IT Cybersecurity Specialist (Infosec)

Full Job Description

This position provides technical direction and guidance to staff providing system cybersecurity engineering, information system security officers, and information system security mangers of the Advana program and ecosystem by preparing: cybersecurity road maps, reviewing and approving Advana ecosystem cybersecurity increment milestones, deliverables, justifications for current and proposed changes to the platform to maintain the security and reduce risk of the overall Advana ecosystem.

In order to qualify for this position, you must meet the requirements described below.

Basic requirement: The qualifying experience must include, or be supplemented by, information technology related experience (paid or unpaid experience and/or completion of specific, intensive training, as appropriate) which demonstrates each of the four competencies, as defined: Attention to Detail - Is thorough when performing work and conscientious about attending to detail.

Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.

Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.

Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.

In addition to the Basic Requirement, you must meet the experience below: You may qualify at the GG-15 level, if you fulfill the following qualification requirement: One year of qualifying experience equivalent to the GG-14 grade level in the Federal service (experience may have been gained in the private sector) that demonstrates your ability with 1.

Implementing security architectures compliant with agency Risk Management Framework (RMF) security controls; 2.

Managing enterprise systems and software across hardware and cloud-based environment; and 3. Providing technical advice on IT infrastructure and enterprise application development.

Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community, student, social).

You will receive credit for all qualifying experience, including volunteer experience.

All qualifications and education requirements must be met by the closing date of this announcement and clearly documented in your resume. Your resume may not exceed two (2) pages.

For qualifications determinations, it is recommended that applicants include their months and hours worked per week for each employment listed on their resume.

If a determination is not able to be made about the duration of your creditable experience for qualification requirements, you will be removed from consideration.

Read more about what should I include in my federal resume at https://help.usajobs.gov/faq/application/documents/resume/what-to-include ACTIVE DUTY SERVICE MEMBERS: Federal agencies treat active duty service member as veterans, disabled veterans, and preference eligible, when they submit, as part of their application package, a "certification" of active service in lieu of a DD-214, indicating the service member is otherwise eligible and will be discharged or released within 120 days from the date of submission..

A "certification" letter should be on letterhead of the appropriate military branch of the service and contain (1) the military service dates including the expected discharge or release date; and (2) the character of service.

This "certification" must include your rank, dates of active duty service, type of discharge and character of service (i.e. honorable), and date any terminal leave will begin.

It must be signed by, or by direction of, the adjutant, personnel officer, or commander of your unit or higher headquarters.

Active duty members that fail to provide a valid "certification" of service with their initial application will be found "not eligible".

Members may be appointed before the effective date of their military retirement/separation if they are on terminal leave. Major Duties:

This position is a DoW Cyber Excepted Service (CES) personnel system position in the Excepted Service under 10 U.S.C. 1599f.

For more information on the Cyber Excepted Service Personnel System, click here If you are a current Federal Career/Career-Conditional employee, you will be placed on an Excepted appointment.

Incumbents typical work assignments may include the following: 1.

Ensures all related system changes delivered meet upon technical standards and adhering to the confidentiality, integrity, and availability (CIA) triad to strengthen the Advana ecosystems security profile.

2.

Provides direction to and accepts/reviews/rejects a wide variety of contractor-supported deliverables including to, but not limited, risk assessments, cybersecurity policy and updates, incident management and response procedures, vulnerability management, cybersecurity technologies for efficiency and automation, zero trust architecture milestones, and all documentation, presentations, or deliverables to the Authorizing Official (AO) or Authorizing Official Designated Representative (AODR).

3. Participates in top-level decision-making regarding courses of action that will improve the system security and integrity of data collection, distribution, and management. 4.

Collaborates on overall direction and strategy of the cybersecurity posture, authorizations, system migrations, system changes, and use of automated technologies and services.