IT CYBERSECURITY SPECIALIST (INFOSEC)

Full Job Description

Opened Area(s) of Consideration: 1 DEFINITION OF AREA(S) OF CONSIDERATION: Area 1 - All current on-board AKNG T5 Competitive or Excepted Service Employees.

PDCN: T5895000 MPCN: 3401069721 Selecting Supervisor: Daniel A.

Paulsen EXPERIENCE Experience must be IT related; the experience may be demonstrated by paid or unpaid experience and/or completion of specific, intensive training (for example, IT certification), as appropriate.

Individuals must have IT-related experience demonstrating each of the four competencies listed below. Attention to Detail - Is thorough when performing work and conscientious about attending to detail.

Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.

Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.

Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.

Additionally, you must have at least 1-year specialized experience equivalent to at least the next lower grade, GS-11.

Examples of specialized experience includes: Serves as a technical expert and focal point for Information Technology (IT) security and information assurance policies, planning, programs, initiatives, certification and accreditation.

Evaluates and assesses vulnerabilities of classified network and application server hardware, operating system software, and peripheral network equipment such as routers, bridges, switches, attached cabling system, network interface cards, modems, multiplexers, and concentrators.

Updates hardware and software architecture databases to reflect installations, turn-ins, and changes in reportable software.

Reviews national, DOD and other policies, program proposals, operational and strategic plans, and identifies issues requiring tier two actions or inputs.

Analyzes equipment and software reliability and suitability for vulnerability assessment utilization.

Conducts analyses of classified network usage, hardware and software capabilities, ineffective practices or procedures, equipment shortcomings, and other relevant factors.

EXPERIENCE REQUIREMENTS: Resume must have complete dates and hours worked per week for each occurrence of both civilian and military employment (Example: 2 JAN 1980 to 3 MAR 1981; 0800-1630 M-F or JAN 1980 to MAR 1981; 40 hrs/wk) Use of year only will result in disqualification.

The duties listed must fully substantiate -in your own words- that you meet the minimum requirements and specialized experience listed above, in detail; otherwise, you will not be considered qualified for this position.

Length of time is not of itself qualifying. Your experience will be evaluated on the basis of duties performed.

Your record of experience, training, and education must show possession of the knowledge, skills and abilities needed to fully perform the duties of the position. Major Duties:

Serves as a technical expert and focal point for Information Technology (IT) security and information assurance policies, planning, programs, initiatives, certification and accreditation.

Provides advice and assistance regarding security aspects of processing, storage, retrieval, transmission, and access of classified and unclassified information.

Administers and monitors installation compliance with all applicable DoD, USAF, National Guard Bureau (NGB) and Air National Guard (ANG) Information Assurance regulations and policies.

Administers and maintains the organization certification & accreditation process for assigned SCIF(s) using the Risk Management Framework (RMF), and coordinates, compiles and maintains all certification & accreditation documentation for appropriate accreditation authorities.

Reviews and implements local policies regarding system access, network rights, and physical access to systems and equipment.

Conducts risk and vulnerability assessments of DoD classified information systems to identify associated vulnerabilities, risks and protection needs.

Leads or serves as a member of the configuration control board for applicable installation facilities/networks Evaluates and assesses vulnerabilities of classified network and application server hardware, operating system software, and peripheral network equipment such as routers, bridges, switches, attached cabling system, network interface cards, modems, multiplexers, and concentrators.

Updates hardware and software architecture databases to reflect installations, turn-ins, and changes in reportable software.

Provides input to the ANG Continuity of Operation Plan (COOP) procedures for system disaster recovery. COOP recovery includes reestablishment of systems at multiple sites and locations.

Conducts evaluations to ensure compliance with applicable standards. Ensures system backups are performed to ensure expedient restoration of respective network equipment.

Reviews national, DOD and other policies, program proposals, operational and strategic plans, and identifies issues requiring tier two actions or inputs.

Based on these reviews, provides technical recommendations for changes to the security posture to the Wing Information System Security Manager (ISSM).

Prepares and presents applicable briefings and reports to high-level managers.

Advises the Wing ISSM and Group/Squadron Commander on the impact of tier two level Information Assurance (IA) and Computer Network Defense (CND) policy on squadron group/squadron activities.

Implements audit measures to ensure activity compliance with regulatory requirements. Participates in inspections and surveys of computer system.

Incumbent makes recommendations to the Wing ISSM on the approval of various computer operations based on security guidelines.

When feasible, provides alternatives to the Wing ISSM and Group/Squadron Commanderto meet security requirements based on the unique needs of the organization and mission requirements.

Develops guidance papers on security issues affecting classified systems, enclaves, and applications.

Analyzes equipment and software reliability and suitability for vulnerability assessment utilization.

Conducts analyses of classified network usage, hardware and software capabilities, ineffective practices or procedures, equipment shortcomings, and other relevant factors.

Recommends methods and procedures and coordinates corrective action to optimize utilization of present equipment.

Uses benchmarks, performance measurement, and evaluation data, in conjunction with vulnerability assessment techniques.

Develops recommendations or proposals involving a variety of specialized systems to improve operational efficiency.

Determines, develops, and ensures cooperation and coordination with related IA/CND program efforts.

Incumbent must analyze the vulnerabilities and weaknesses of existing computer security programs that could benefit from group training and translate those needs into training and education media for the ISSM.

Designs and delivers to the Group/Squadron Commander tailored programs of instruction to reduce risks, increase the level of computer security awareness, and improve the security posture for the automated systems and activities.

Performs other duties as assigned.