IT Specialist (INFOSEC)

Full Job Description

See below for important information regarding this job. Position will be filled at any of the locations listed below.

Site specific salary information as follows: Battle Creek, MI: $106,437 - $138,370 Columbus, OH: $111,065- $144,386 Dayton, OH: $110,401- $143,523 Fort Belvoir, VA: $121,785- $158,322 New Cumberland, PA: $121,785- $158,322 Ogden, UT: $106,437 - $138,370 Philadelphia, PA: $117,284- $152,471 Richmond, VA: $111,183- $144,540 To qualify for an IT Specialist (INFOSEC) your qualifications must include: A.

Specialized Experience: One year of specialized experience that equipped you with the particular competencies to successfully perform the duties of the position, and is directly in or related to this position.

To qualify at the GS-13 level, applicants must possess one year of specialized experience equivalent to the GS-12 level or equivalent under other pay systems in the Federal service, military or private sector.

Applicants must meet eligibility requirements including time-in-grade (General Schedule (GS) positions only), time-after-competitive appointment, minimum qualifications, and any other regulatory requirements by the cut-off/closing date of the announcement.

Creditable specialized experience includes: - Evaluates and provides cybersecurity guidance and assessment on system development lifecycle efforts to ensure that baseline security safeguards are appropriately implemented - Conducts continuous cybersecurity compliance monitoring, to include periodic reviews of results of any such monitoring activities - Serves as a member of task forces for resolving critical problems in cybersecurity architecture and assessment/authorization to include, developing time-phased action plans and project controls, monitoring project progression, and preparing and providing status reports and briefings - Experience with RMF assessment tools such as eMASS, Xacta, CSET, or similar tools used within the Department of War.

Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional, philanthropic, religious, spiritual, community, student, social).

Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment.

You will receive credit for all qualifying experience, including volunteer experience. Major Duties:

• Serves as a cybersecurity Subject Area Expert (SME) and Information System Security Manager (ISSM), providing cybersecurity assistance and guidance to Program/System Managers (PM/SM) for systems or applications
• As an ISSM, performs the assessment of the Risk Management Framework (RMF) security controls once implemented by System/Program Offices. Requires familiarity with NIST 800-53 rev. 5.
• In coordination with Program and System Subject Matter Experts, ensure all corresponding Risk Management Framework documentation is maintained in a repository to include any dates and/or modification to all relevant documented artifacts
• Acts as a cybersecurity technical advisor to the respective PM/SM, and when necessary, formally notifies the Primary ISSM (when applicable), Authorizing Official...
• ...and/or Security Control Assessor of any changes affecting the information system’s cybersecurity posture
• Assists in the development and maintenance of applicable Cybersecurity Program Plans for the applicable Program Management Office, which identifies the cybersecurity architecture, requirements, objectives, and policies
• Monitors implementation of security guidance and directs appropriate action to resolve identified discrepancies and/or deficiencies
• Serves as a principal advisor to leadership on all matters, technical and otherwise, involving the cybersecurity of an information system