IT Cybersecurity Specialist

Full Job Description

NEH is an independent grant-making agency of the government dedicated to supporting research, education, preservation, and public programs in the humanities.

The incumbent serves as an Information System Security Officer located in the Office of Information Technology (OIT), National Endowment for the Humanities (NEH).

OIT is responsible for planning, developing, communicating, and coordinating NEH's information systems management activities.

To qualify for this position, your resume must state sufficient experience and/or education, to perform the duties of the specific position for which you are applying.

At the GS-13 level Qualified candidates must possess: 1 year of specialized experience equivalent to at least the GS-12 level or equivalent experience.

Specialized experience is experience which is directly related to the line of work of the position to be filled and which has equipped the applicant with the knowledge, skills, and abilities to successfully perform the duties of the position, for example: Specialized experience includes: (1) coordination, implementation, and enforcement of cybersecurity policies; (2) continuously monitors, periodically reviews, manages, and reports on IT systems, related tasks, processes, policies, and procedures; (3) develops policies, guidelines, training material, documentation, and technical drawings related to cybersecurity; (4) stays informed on government-wide laws, regulations, and guidelines related to cybersecurity including FISMA, NIST's Risk Management Framework, Special Publications SP-800-53, and CISA's Strategies, Models, and Pillars for Zero Trust; (5) provides cybersecurity coaching, advice, and instruction to organization staff.

As part of the online application process you will need to respond to a series of questions designed to assess your possession of the following knowledge, skills, abilities, and/or competencies: Customer Service Cybersecurity Project Management Technical Competence Written Communication Major Duties:

Coordinate and enforce cybersecurity policies for on-premise, hybrid, mobile, and cloud systems, working closely with the Chief Information Security Officer and OIT leadership.

Ensure confidentiality, integrity, and availability of NEH systems by implementing and maintaining security programs and tools across all platforms including continuous monitoring solutions.

Assist with cybersecurity reviews and risk assessments for NEH systems and manage reporting and remediation for FISMA and related audits.

Maintain and update security documentation and governance artifacts, including NIST SP 800-53 controls, system security plans, and IT security policies.

Implement and evaluate security programs to minimize vulnerabilities, enforce backup procedures, and ensure compliance with legal and regulatory requirements.

Advise staff on security issues and deliver IT security awareness training, while liaising with internal and external groups on audits and compliance matters.

Promote best practices and emerging technologies in cybersecurity, develop metrics and dashboards, and recommend resources to strengthen NEH's security posture.