IT SPECIALIST (PLCYPLN/INFOSEC)

Full Job Description

Click on "Learn more about this agency" button below for IMPORTANT additional information.

The primary purpose of this position is to serve as the principal Information Systems Security Manager (ISSM) For the National Air and Space Intelligence Center (NASIC).

The organizational mission is defined in the NASIC Flight Plan. (See "Additional Information").

**Salary ranges include local market supplements.** This is a GG-13 position in the Defense Civilian Intelligence Personnel System (DCIPS).

The GG-13 duties for the "Professional" work category are at the "Senior" work level and are equivalent to those at the GS-13 level.

The selectee's salary will be set within the grade equivalent to a GS/GG grade based on the selectee's qualifications in relation to the job.

In order to qualify, you must meet the specialized experience requirements described in the Office of Personnel Management (OPM) Qualification Standards for General Schedule Positions for the GS-2210, Information Technology (IT) Management Series (Alternative A).

Experience: Experience must be IT related; the experience may be demonstrated by paid or unpaid experience and/or completion of specific, intensive training (for example, IT certification), as appropriate.

(See "Education" section for more information) For all positions individuals must have IT-related experience demonstrating each of the four competencies listed below.

The employing agency is responsible for identifying the specific level of proficiency required for each competency at each grade level based on the requirements of the position being filled. 1.

Attention to Detail - Is thorough when performing work and conscientious about attending to detail. 2.

Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.

3.

Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.

4. Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.

In addition to meeting the basic requirement above, to qualify for this position you must also meet the qualification requirements listed below.

EXPERIENCE REQUIRED: Your resume must reflect quality level experience which demonstrates the possession of the knowledge, skills, abilities and competencies necessary for successful job performance required for this position.

Quality experience is experience that has equipped the applicant with the particular competencies/knowledge, skills, and abilities to successfully perform the duties of the position and is typically in or related to the work of the position to be filled.

Examples of creditable experience include: Knowledge of a wide range of risk management and cyber security principles, concepts, methods, advancements, policies, design, development, testing and applications, both hardware and software sufficient to assess the organization's IT business requirements and convince management toward a specific course of action.

Knowledge of the organization's policy and planning formulation process along with its missions, goals, and objectives to prepare IT polices and plans.

Knowledge of organizational acquisition requirements, budgetary techniques, and financial status sufficient to identify needs and recommend adjustment of IT funding priorities.

Knowledge of management requirements sufficient to render recommendations on development of new software verses purchase of off-the-shelf programs.

Knowledge of systems architecture, integration techniques, and testing methods sufficient to conduct feasibility studies.

Ability to develop IT policies and plans and to assess impact of changed policy and emerging technology on the organization's current IT plans and programs.

Ability to perform feasibility studies, perform cost analysis review, develop investment plans, and recommend a best course of action along with suitable alternatives.

Ability to review and consult on IT related contracts and to serve as a technical authority on IT systems and service contracts.

Ability to stay well informed on rapidly changing technology, to evaluate its possible impact on organization missions, and to develop plans to satisfy requirements.

Note: Creditable experience may include previous military experience, experience gained in the private sector, or experience gained in another government agency.

KNOWLEDGE, SKILLS AND ABILITIES (KSAs): Your qualifications will be evaluated on the basis of your level of knowledge, skills, abilities and/or competencies in the following areas: Broad knowledge of IT security principles, concepts, practices, products, and services, including systems software, database software, storage technology, and methods for evaluating risk and vulnerability, implementing mitigating improvements, and disseminating IT security tools and procedures.

This knowledge also encompasses IT server and client technologies (both hardware and software) for Windows, Unix, and Linux operating systems, as well as threats to IT systems and the technologies and tools related to attacking and defending IT systems.

Knowledge of risk management processes, such as methods for assessing and mitigating risk, and familiarity with DoD/IC IT System assessment and authorization (Risk Management Framework) principles and processes.

Knowledge of DoD/IT System Assessment and Authorization (A&A), network operations and protocols, and systems testing and evaluation and performance management methods sufficient to plan and conduct security authorization reviews for installed systems or networks and assess and advise on new or revised security measures and countermeasures based on the results of authorization reviews.

Skills in applying advanced cybersecurity methods-such as implementing firewalls, demilitarized zones, encryption, and secure configuration management processes-and proficiency in determining system security requirements, including resilience and dependability capabilities, while assessing how changes in conditions or operations affect security outcomes.

Skills in communication and interpersonal skills, enabling the production of authoritative reports, position papers, and briefings tailored to commanders and senior leadership, and possess the ability to establish and maintain effective relationships, negotiate complex issues, and resolve conflicts with mature judgment and experience.

Ability to plan, organize, and direct the functions and staff of an organization and provide technical direction to division personnel assigned to projects.

Skilled in Information Security (INFOSEC) technology, with the ability to perform analyses to assure the adequacy of implemented security features, and conduct research and analysis of security technology.

Additionally, possesses knowledge of acquisition and procurement procedures as they apply to computers and related security products.

PART-TIME OR UNPAID EXPERIENCE: Credit will be given for appropriate unpaid and or part-time work.

You must clearly identify the duties and responsibilities in each position held and the total number of hours per week.

VOLUNTEER WORK EXPERIENCE: Refers to paid and unpaid experience, including volunteer work done through National Service Programs (i.e., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community; student and social).

Volunteer work helps build critical competencies, knowledge and skills that can provide valuable training and experience that translates directly to paid employment.

You will receive credit for all qualifying experience, including volunteer experience. Major Duties:

Work directly with Agency Chief Information Security Officer (CISO) and designated Delegated Authorizing Official (DAO), and NASIC mission partners to ensure that networked and stand-alone mission systems are operated and maintained in a secure manner.

Manage and ensure compliance with cybersecurity standards, policies, and procedures across NASIC, maintaining the security and integrity of its information systems and networks.

Ensure that cybersecurity principles and requirements are addressed in all phases of the information life cycle, including acquisition and disposal.

Present and communicate technical information effectively through various mediums, including meetings, reports, and briefings, and apply cybersecurity expertise to critical infrastructure and systems.