IT SPECIALIST (INFOSEC)

Full Job Description

This position is part of the Defense Human Resources Activity. You may qualify at the GS-13, if you fulfill the following qualifications: A.

One year of specialized experience equivalent to the 12 grade level in the Federal service: Experience collaborating with cross-functional stakeholders to identify, prioritize, and map critical business functions, ensuring that IT portfolio and security initiatives are directly aligned with core organizational objectives.

Expertise in defining, authoring, and implementing comprehensive cybersecurity policies and procedures to govern and protect critical infrastructure, ensuring compliance with relevant laws, regulations, and industry standards.

Experience in driving security improvements by ensuring that robust Plans of Action and Milestones (POA&Ms) are developed, implemented, and tracked for all identified vulnerabilities, verifiably reducing the organizational attack surface.

Experience in project management principles and methods.

Experience leading or directing implementation activities of cybersecurity Tools Experience with reviewing and interpreting DOD and Federal Orders, Directives, Instructions, Regulations, and Best Practices ; OR Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community, student, social).

Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment.

You will receive credit for all qualifying experience, including volunteer experience.

In addition to meeting qualifications, your application package must reflect the applicable experience to meet the Individual Occupational Requirements for the 2210 series.

Requirements for the 2210 series as listed below: Experience must be IT related; the experience may be demonstrated by paid or unpaid experience and/or completion of specific, intensive training (for example, IT certification), as appropriate.

For all positions individuals must have IT-related experience demonstrating each of the four competencies listed below.

Attention to Detail - Is thorough when performing work and conscientious about attending to detail.

Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.

Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.

Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.

Per DoDM 8140.03, the incumbent of this position must achieve the appropriate IA certification within six months of assignment of these duties.

A waiver of this six-month requirement may be granted per DoDM 8140.03, 4.2.c. Major Duties:

As a IT SPECIALIST (INFOSEC) at the GS-2210-13 some of your typical work assignments may include: Member of the Defense Operations Branch within the Information Technology Operations (ITOPS) Division.

Have knowledge of all aspects of cybersecurity and compliance, including Risk Management Framework (RMF), NIST 800-53, DODI 8510.01, DODI 8530.01, and JFHQ-DODIN 8600-26 requirements and best practices.

Technical knowledge of IT platforms, technologies, and clouds (Microsoft, Unix/Linux, Oracle, AWS, Kubernetes, etc.) to ensure proper implementation of Security Requirement Guide (SRG) and Security technical implementation Guidance (STIG) Provide leadership and mentoring to less-experienced team members.

Mapping of enterprise processes, procedures, and tools to DOD Zero Trust Activities. Lead contractor teams in operations.

Develop strategy, standards, processes and technology related to Cyber Tools, Risk Management Framework, Account Management, Registration Authority, Exceptions to Policy, Vulnerability Management, Audits, and etc.

Have expert knowledge in EndPoint Security (Trellix/MDE/Crowdstrike), Vulnerability Scanning (Tenable/ACAS), Endpoint Detection and Response (Tanium), Application Code Scanning tools, File Integrity Monitoring tools, Container Security Tools, Privileged Access Management(PAM), Comply to Connect (C2C), Enterprise Logging, SIEM, IPS/IDS, and be able to perform senior analyst functions that will assist in the implementation and operations of tools.

Have expert cybersecurity knowledge in network or application design, operating systems, endpoint protection, mobile devices, and foundational cybersecurity technical controls.

Performs all procedures necessary to ensure the safety of information systems assets and to protect the confidentiality, integrity and availability of systems from intentional or inadvertent access