IT CYBERSECURITY SPECIALIST (INFOSEC)

Full Job Description

This position is being recruited under 10 USC 1599f into the Cyber Excepted Service and does NOT convey eligibility to be converted to the Competitive Service.

It has been identified as a position necessary to carry out and support the mission of the US Cyber Command.

It is in the Professional Work Category at the Full Performance Work Level within the CES Occupational Structure. It is located in the DISA HC/Server LOB.

In order to qualify for this position, you must meet the requirements described below.

Basic Requirements: Applicants must have IT-related experience demonstrating the following competencies appropriate to, or above, the level of this position.

For vacancies below the full-performance level of the position, the basic requirement will be evaluated on a developmental basis.

Your resume and work experience should clearly support your ability to meet these competencies and will be evaluated as part of the entire application process.

Attention to Detail- experience reviewing my own information technology-related work or data and have been asked by others to review their work or data to ensure accuracy, completeness, and consistency with standards Customer Service - experience maintaining relationships with customers, assessing current information technology needs of customers, and developing or identifying information technology products and services that are tailored to meet customer needs Oral Communication -briefing mid-level management and IT staff on the status of information technology systems, projects, or daily operations, including the communication of technical information to a non-technical audience Problem Solving - identifying alternatives to address complex information technology-related issues by gathering and applying information from a variety of sources that provide a number of potential solutions Qualifying Experience: To qualify at the GG-13, your resume must describe at least one year of experience that demonstrates the competencies necessary for immediate success in the position.

Experience refers to any paid or unpaid experience, including volunteer work and Military service, that would be considered equivalent to work normally performed at the next lower grade level in the federal service.

For this position, qualifying experience is defined as: Experience in developing and implementing security policies for hybrid on-premise and Microsoft Azure environments, defending against unauthorized access through the deployment and management of modern Endpoint Protection (EPP/EDR) technologies.

Skilled in monitoring system compliance using tools like Azure Security Center or similar and providing expert guidance on securing network operations, cloud workloads, and hardened endpoints.

Volunteer Experience: Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual, community, student, social).

Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates to paid employment.

You will receive credit for all qualifying experience, including volunteer experience.?

Candidates must describe how they meet the qualifying experience and/or selective placement factor(s) within the body of their resume.

All qualifications must be met within 30 days after the closing date of the announcement. **Combination of education and experience is not applicable for this position.** Major Duties:

• Serves as principal technical authority and lead specialist in Vulnerability Assessment and Management, Cybersecurity Management, and Cyber Defense Analysis.
• Provides expert technical guidance, interpretation, and implementation oversight of applicable information security policies, processes, and practices to ensure continued operational availability and integrity of enterprise applications.
• Oversees the Cybersecurity program of an information system or network, including managing information security implications within the organization, specific program, or other areas of responsibility.
• Develops, interprets, plans and applies policy, process, procedure and strategy in the delivery of multi-discipline IT services required to achieve data and system integration/interoperability for assigned systems and applications.