IT CYBERSECURITY SPECIALIST (INFOSEC)

Full Job Description

This position is being recruited under 10 USC 1599f into the Cyber Excepted Service and does NOT convey eligibility to be converted to the Competitive Service.

It has been identified as a position necessary to carry out and support the mission of the US Cyber Command.

It is in the Professional Work Category at the Full Performance Work Level within the CES Occupational Structure. It is located in the DISA - DBC/SERVICES DEVELOPMENT DIRECTORATE.

In order to qualify for this position, you must meet the requirements described below.

Basic Requirements: Applicants must have IT-related experience demonstrating the following competencies appropriate to, or above, the level of this position.

For vacancies below the full-performance level of the position, the basic requirement will be evaluated on a developmental basis.

Your resume and work experience should clearly support your ability to meet these competencies and will be evaluated as part of the entire application process.

GG-12 thru GG-13: Attention to Detail- experience reviewing my own information technology-related work or data and have been asked by others to review their work or data to ensure accuracy, completeness, and consistency with standards Customer Service - experience maintaining relationships with customers, assessing current information technology needs of customers, and developing or identifying information technology products and services that are tailored to meet customer needs Oral Communication -briefing mid-level management and IT staff on the status of information technology systems, projects, or daily operations, including the communication of technical information to a non-technical audience Problem Solving - identifying alternatives to address complex information technology-related issues by gathering and applying information from a variety of sources that provide a number of potential solutions AND Qualifying Experience: In addition to meeting the basic requirement, applicants must possess qualifying experience.

To qualify based on your experience, your resume must describe at least one year of experience that demonstrates the competencies necessary for immediate success in the position.

Experience refers to any paid or unpaid experience, including volunteer work and Military service, that would be considered equivalent to work normally performed at the next lower grade level in the federal service.

To qualify at the GG-12, qualifying experience is defined as: Experience conducting risk and vulnerability assessments of planned and installed information systems OR identifying vulnerabilities, risks, and protection needs OR ensuring implementation of information system security policies throughout network or system lifecycles.

To qualify at the GG-13, qualifying experience is defined as: ?

Experience managing programs pertaining to cybersecurity protocols and risk management OR conducting systems security evaluations, audits, and reviews OR promoting awareness of security issues among management and ensuring sound security principles are reflected in the organizations' visions and goals.

Volunteer Experience: Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual, community, student, social).

Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates to paid employment.

You will receive credit for all qualifying experience, including volunteer experience.?

Candidates must describe how they meet the qualifying experience and/or selective placement factor(s) within the body of their resume.

All qualifications must be met within 30 days after the closing date of this announcement. **Combination of education and experience is not applicable for this position.** Major Duties:

• Develops and implements objectives, standards, policies and procedures, methods, techniques, and maintains to support an organization or DOD information system-level cybersecurity program.
• Provides continuing cybsersecurity policy guidance and oversight to Services Development (SD) capability providers.
• Maintains status and monitors progress of the SD capability provider’s accreditation program and assessment and authorization (A+A) to include but not limited to artifact documentation, and currency of Authority to Operate (ATO).
• Assists SD capability providers with the risk analysis and management by monitoring SD capabilities for Information Assurance Vulnerability Alert (IAVA), Security Technical Implementation Guide (STIG), and Risk Management Framework (RMF) compliance.