IT CYBERSECURITY SPECIALIST (INFOSEC)

Full Job Description

Defense Finance and Accounting Services (DFAS) mission is to lead the Department of Defense (DoD) in finance and accounting by ensuring the delivery of efficient, exceptional quality pay and financial information.

Human Resources will determine your qualifications for each entry grade level based on your interest and the additional following criteria.

Resumes for federal government positions need more detailed work descriptions and accomplishments than a typical private sector resume.

Please be sure to clearly describe the full scope of your work experiences in your resume. Combinations of education and experience may also be sufficient.

**This Job Opportunity Announcement is using an additional online assessment tool to evaluate applicants.

Please review the HOW YOU WILL BE EVALUATED, HOW TO APPLY and WHAT TO EXPECT NEXT sections below for instructions.

Basic Requirement: Applicants must have IT-related experience demonstrating the following competencies appropriate to, or above, the level of this position.

For vacancies below the full-performance level of the position, the basic requirement will be evaluated on a developmental basis.

Your resume and work experience should clearly support your ability to meet these competencies and will be evaluated as part of the entire application process.

Attention to Detail - experience reviewing my own information technology-related work or data and have been asked by others to review their work or data to ensure accuracy, completeness, and consistency with standards.

Customer Service - experience maintaining relationships with customers, assessing current information technology needs of customers, and developing or identifying information technology products and services that are tailored to meet customer needs.

Oral Communication - briefing mid-level management and IT staff on the status of information technology systems, projects, or daily operations, including the communication of technical information to a non-technical audience.

Problem Solving - identifying alternatives to address complex information technology-related issues by gathering and applying information from a variety of sources that provide a number of potential solutions.

In Addition to the Basic Requirement Above: One year of specialized experience equivalent in level of difficulty and responsibility to that of the next lower grade (GS-11) within the federal service, which demonstrates the ability to perform the duties of the position, is required.

Specialized Experience is defined as: Implementing and enforcing all DoD Information Assurance (IA) program policies and procedures for IT applications.

Develop application security plans, and ensure compliance with federal and DoD requirements. Managing the Risk Management Framework (RMF) and the Enterprise Mission Assurance Support Service (eMASS).

Oversee security certification, conduct risk assessments, and serve as the IA point of contact for audits, ensuring the confidentiality, integrity, and availability of information systems.

Volunteer Experience: Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual, community, student, social).

Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates to paid employment.

You will receive credit for all qualifying experience, including volunteer experience. Major Duties:

• Develops application security plans, policy guidance, operations regulations, and procedures to ensure IA regulatory requirements are followed in support of assigned applications and systems.
• Provides assistance and guidance on matters pertaining to the Risk Management Framework. Manages and updates eMASS as part of the RMF program including mitigation of findings and Plans of Action and Milestone (POAM) development.
• Implement and enforce of all DoD information system Information Assurance (IA) program policies and procedures for assigned systems as defined by the security certification and accreditation documentation
• Performs and/or provides support in implementing RMF, FFMIA, FISMA, FISCAM, and Audit Readiness formal reviews. Answers questions and gathers documentation to support formal reviews and audit process for respective systems.
• Oversees the security certification and accreditation of information systems. Develops local risk assessment policies. Prepares risk assessments for DFAS information systems using supporting automated assessment tools.