IT SPECIALIST (INFOSEC)

Full Job Description

THIS IS A NATIONAL GUARD TITLE 5 EXCEPTED SERVICE POSITION.

This National Guard position is for an IT SPECIALIST (INFOSEC), Position Description Number T5821400 and is part of the OH 179 Cyberspace Wing, National Guard.

The purpose of this position is to serve as a Computer Network Operations Technical Expert, ensuring the confidentiality, integrity, and availability of information systems, networks and data.

GENERAL EXPERIENCE: Individuals must have IT-related experience demonstrating each of the four competencies listed below.

The employing agency is responsible for identifying the specific level of proficiency required for each competency at each grade level based on the requirements of the position being filled.

Attention to Detail - Is thorough when performing work and conscientious about attending to detail.

Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.

Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.

Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.

SPECIALIZED EXPERIENCE: 1-year equivalent to at least next lower grade level Specialized experience.

Experience that has equipped the applicant with the particular competencies/knowledge, skills, and abilities to successfully perform the duties of the position and is typically in or related to the work of the position to be filled.

Such experience is typically gained in the IT field or through the performance of work where the primary concern is IT. Major Duties:

As an IT SPECIALIST (INFOSEC), GS-2210-12, you will perform the following duties: 1. Performs as the Team Technical Lead during vulnerability assessments of DoD information systems.

Utilizes knowledge of systems security principles and concepts, of new Information Technology (IT) security developments, and of the infrastructure protection environment to select appropriate tools to be used by team members.

Establishes methodology, and determines best techniques to penetrate computer systems and exploit information within these systems.

Directs the team during actual assessments to find vulnerabilities due to improper configurations, missing or improperly applied patches, or procedural errors.

Provides assistance to owners of assessed systems by providing recommendations pertaining to implementing security programs designed to anticipate, assess, and minimize system vulnerabilities, to correct deficiencies discovered, and to apply new IT security concepts.

Briefs commanders and network administrators on the purpose and findings of the assessment, and prepares reports on the findings.

Assists in developing security solutions to correct deficiencies that cannot be fixed with existing solutions. 2.

Conducts extensive research of new vulnerabilities discovered in operating systems, application software, infrastructure and firewalls.

Investigates, analyses, and develops methods that could be used to exploit those vulnerabilities.

Conducts testing on training range to validate findings and to develop and refine methods and procedures to mitigate vulnerabilities.Conducts extensive research of tools currently being used to attack or gain unauthorized access to information networks.

Analyzes and tests these tools on training range to determine effectiveness, stability, and scope of the tools.

Modifies and refines tools for use in vulnerability assessments to provide the customer with the best possible evaluation of their security posture. 3.

Performs information operations that protect and defend (or assess the capability to protect and defend) information and information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation.

This includes providing for restoration of information systems by incorporating protection, detection, and reaction capabilities.

Conducts risk and vulnerability assessments of DoD information systems to identify associated vulnerabilities, risks and protection needs. Performs OPFOR and other operational tasking.

Operates fixed and deployed communications-computer systems.

Performs activities such as configuring and monitoring hardware and software for system operation, processing and control of data flow, and client-server multi-user system support including network management or administration.

Performs microcomputer fault isolation and restoration actions.

Evaluates and assesses vulnerabilities of customer network and application server hardware, operating system software, and peripheral network equipment such as routers, bridges, switches, attached cabling system, network interface cards, modems, multiplexers, and concentrators.

Conducts evaluations to ensure compliance with applicable standards. Ensures system backups are performed to ensure expedient restoration of the database for the respective network equipment.

Evaluates effectiveness of customer network firewalls. 4. Analyzes equipment and software reliability and suitability for vulnerability assessment utilization.

Conducts analyses of network usage, hardware and software capabilities, ineffective practices or procedures, equipment shortcomings, and other relevant factors.

Recommends methods and procedures and coordinates corrective action to optimize utilization of present equipment.

Uses benchmarks, performance measurement, and evaluation data, in conjunction with vulnerability assessment techniques.

Develops recommendations or proposals involving a variety of specialized systems and improved operational efficiency.

Exercises authority and oversight of the squadron's digital training range(s), a suite of servers, routers, switches, hubs and other devices which can be configured with a variety of different operating systems in various versions, and with pre-programmed vulnerabilities, to be used in Computer Network Operations (CNO) training.

Performs other duties as assigned. *The above duty description does not contain all details of the official position description.

A copy of the entire position description can be found on FASCLASS by searching the position description PD#: (T5821400). https://acpol2.army.mil/fasclass/search_fs/search_fasclass.asp