IT SPECIALIST (INFOSEC)

Full Job Description

This position is part of the Department of War Information Activity. The incumbent serves as a Facility Related ICS Operational/Information Technology Specialist (INFOSEC).

Incumbent oversees certification and accreditation activities for OT/IT Security Compliance (INFOSEC) for the DWIA Facility Related Industrial Control Systems (ICS)/OT that support DWIA's Enterprise networks, systems, and general staff.

In addition to meeting qualifications, your application package must reflect the applicable experience to meet the Individual Occupational Requirements for the 2210, series as listed below: This position has an individual occupational requirement (IOR) which must be met to qualify for this position.

You must have Information Technology (IT)-related experience which demonstrates proficiency in each of the following four competencies listed below: 1.

Attention to Detail - Is thorough when performing work and conscientious about attending to detail. 2.

Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.

3.

Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.

4. Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.

You may qualify at the GS-13, if you fulfill the following qualifications: A.

One year of specialized experience equivalent to the GS-12 grade level in the Federal service as listed below: Developing OT system policies, directives and guidance to support cybersecurity operational requirements.

Applies technical expertise to investigate cybersecurity issues, and recommends policies, plans and COAs for cybersecurity activities and exercises for ICS/OT systems.

Coordinates and/or provides oversight for all NIST 800-53 and NSIT SP 800-82 eMass Security Control Assessments via eMass, Site Assistance Visits, Command Operational Cyber Readiness (CORA), and Cyber Security Service Provider (CSSP) evaluations for assigned ICS/OT systems.

Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community, student, social).

Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment.

You will receive credit for all qualifying experience, including volunteer experience. Major Duties:

This position is being filled under the memorandum from the Under Secretary of Defense for Personnel and Readiness (USD(P&R)) "Expansion of Direct Hire Authority for Certain Personnel of the Department of Defense," dated August 12, 2024.

As a IT SPECIALIST (INFOSEC) at the GS-2210-13 some of your typical work assignments may include: Implement Risk Management Framework (RMF) through completing or requesting eMass digital artifacts of proof to obtain and maintain Authorization to Operate (ATO) for DMA ICS and Common Controls.

Directs and controls assigned cybersecurity services and provides specialized Information Security (IS)/IA services throughout the DMA Facility-Related Industrial Control Systems (ICS).

Plans, organizes, and oversees projects that involve high-level policy and program impacts, and requires a highly sophisticated understanding of modern communication methods and the technologies supporting those methods.

Performs deep analyses of the DMA FRCS using multiple information sources and IA tools to determine current and future points of weakness and failure in infrastructure design and operations and articulates these findings to senior leadership (DMA CIO and CISO).

Ensures that DoW Component-owned or controlled DoW ICSs are assessed for NIST 800-82 Rev.

3 Guide to Industrial Control Systems Security vulnerabilities on a regular basis, and that appropriate cybersecurity solutions to eliminate or otherwise mitigate identified vulnerabilities are implemented.

Identifies the NIST Risk Management Frameworks (NIST 800-53 Rev. 5, NIST 800-37 Rev.

2) and DoD regulations relating to the Risk Management Framework and coordinates resources and personnel management to acquire and maintain Authority to Operate (ATO) accreditation.

Ensures the development and maintenance of ICS certification documentation according to DoD Instruction 5200.40 by reviewing and endorsing such documentation and recommending action to the DMA Chief Information Security Officer (CISO).

Maintains an up- to-date repository of all cybersecurity certification and accreditation documentation and modifications using the Enterprise Mission Assurance Support Service (eMASS) portal.