IT Specialist (INFOSEC)

Full Job Description

See below for important information regarding this job. Position will be filled at any of the locations listed below.

Site specific salary information as follows: Battle Creek, MI: $106,437 - $138,370 Columbus, OH: $111,065- $144,386 Dayton, OH: $110,401- $143,523 Fort Belvoir, VA: $121,785- $158,322 New Cumberland, PA: $121,785- $158,322 Ogden, UT: $106,437 - $138,370 Philadelphia, PA: $117,284- $152,471 Richmond, VA: $111,183- $144,540 To qualify for an IT SPECIALIST (INFOSEC), your resume and supporting documentation must include: A.

Specialized Experience: One year of specialized experience that equipped you with the particular competencies to successfully perform the duties of the position, and is directly in or related to this position.

To qualify at the GS-13 level, applicants must possess one year of specialized experience equivalent to the GS-12 level or equivalent under other pay systems in the Federal service, military or private sector.

Applicants must meet eligibility requirements including time-in-grade (General Schedule (GS) positions only), time-after-competitive appointment, minimum qualifications, and any other regulatory requirements by the cut-off/closing date of the announcement.

Creditable specialized experience includes: Thorough and comprehensive knowledge of Federal guidelines covering information security, information system security, authorization, risk management, system analysis, and cybersecurity training in order to review and develop technical policies and procedures and to conduct IT security risk assessments.

Skill and knowledge in applying Federal security requirements, (i.e., Clinger-Cohen Act, FISMA, FISCAM, RMF, NIST SP 800, OMB A-130, OMB 123) to assess and make security risk assessments.

Thorough and comprehensive knowledge and understanding of all aspects of project and program management in order to manage cybersecurity programs to include Cybersecurity, IT security certifications, risk management, and cybersecurity vulnerabilities.

Developing or ensuring the development of time-phased action plans; developing project controls, and monitoring project progression; overseeing the administration of contracts, and contract support; and preparing and providing status reports, and briefings.

Mastery of IT cybersecurity procedures and techniques, and the application of IT to resolve management problems and to improve management processes.

Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional, philanthropic, religious, spiritual, community, student, social).

Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment.

You will receive credit for all qualifying experience, including volunteer experience. Major Duties:

• Performing work that involves ensuring the confidentiality, integrity and availability of systems, networks and data through the planning, risk-based analysis,...
• ...development, implementation, maintenance and enhancement of information cybersecurity programs, policies, procedures and tools.
• Responsible for developing policies and procedures for protecting information systems and networks.
• Reviewing and commenting on draft DoD and CINC technical policy, procedures and processes proposals involving cybersecurity.
• Authoring and developing associated implementing policies and procedures for the agency, preparing and/or reviewing planning, program documents associated with implementation and review of such policies and procedures throughout DLA.
• Performing all required analysis to assigned policy and procedure implementation to achieve mission expectations, e.g., policies and procedures associated with securing DLA systems.
• Participating in conducting security conducting security and audit policy reviews to assure the continual effectiveness and adequacy of the safeguards to information systems, networks and website
• cybersecurity technical advice, guidance, and controls recommendations to senior IT subject-matter experts, senior executives and managers on critical IT cybersecurity and audit readiness...
• issues requiring new approaches, establishment of precedents, or the interpretation of controversial law, regulation, or past practice.
• Serving as the Audit Sustainment Security Management EOPR.
• Reviewing technical, especially platform and infrastructure, aspects of Automated Information Systems (AIS) undergoing risk management framework activities, recommending for or against authorization as appropriate.