IT SPECIALIST (PLCYPLN/INFOSEC)

Full Job Description

You will serve as a INFORMATION TECHNOLOGY SPECIALIST (PLCYPLN/INFOSEC) in the Command Information Office Directorate of Naval Facilities Engineering Command (NAVFAC) Headquarters.

The Secretary of Defense has ordered a department-wide hiring freeze subject to certain limited exceptions. This position is subject to the DoD hiring freeze.

Offers of employment related to this vacancy announcement will not be executed until the position has an approved exemption.

Your resume must reflect a minimum of one year of information technology related experience in the federal service or private or public sector demonstrating the following four competencies, as defined: Attention to Detail - Is thorough when performing work and conscientious about attending to detail.

IT-related experience demonstrating this competency must include: Preserving evidentiary data using industry standard cyber forensics analysis tools to provide a detailed report.

Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.

IT-related experience demonstrating this competency must include: Developing strategic plans for the delivery of information technology (IT) customer services to support an organization's mission.

Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.

IT-related experience demonstrating this competency must include: Briefing senior leaders on information technology (IT) cybersecurity program particulars (e.g., requirements, schedules, costs, concepts, solutions, deployment, and operation).

Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.

IT-related experience demonstrating this competency must include: Perform a risk assessment of information technology (IT) and/or Operational Technology (OT) systems to identify cybersecurity vulnerabilities and threats, and recommend solutions for remediation or mitigation.

In addition, your resume must demonstrate at least one year of specialized experience at or equivalent to the GS-13 grade level or pay band in the Federal service or equivalent experience in the private or public sector performing the following duties: 1) Providing oversight and leadership for risk management of a DoD command's information systems and/or control systems by communicating, shaping, and developing Cybersecurity and Information Assurance policy; 2) Interpreting and analyzing system security test results and making a security risk determinations based upon those results that significantly influence important DoD IT policies; 3) Applying cyber defense mitigation techniques and utilizing vulnerability assessment tools to establish vulnerability reporting criteria and coordinate the implementation of security programs across multiple platforms and enclaves; 4) Overseeing the evaluation, implementation, and dissemination of IT security assessment, monitoring, detection, and remediation tools and procedures; and 5) Exhibiting mastery of information assurance and cybersecurity principles and organizational requirements to protect confidentiality, integrity, availability, authenticity, and non-repudiation of information and data.

NOTE: This experience must be fully supported by your resume.

Additional qualification information can be found from the following Office of Personnel Management website: https://www.opm.gov/policy-data-oversight/classification-qualifications/general-schedule-qualification-standards/2200/information-technology-it-management-series-2210-alternative-a/.

Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., professional, philanthropic, religious, spiritual, community, student, social).

Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. Major Duties:

• You will create and update Echelon II business rules in coordination with key stakeholders, to include Program Managers, Information System Owners, subordinate ISSMs, (DCO)Analysts, and cybersecurity peers for various cybersecurity functional areas.
• You will develop and maintain a functional command cybersecurity program that includes cybersecurity architecture, requirements, objectives and policies, cybersecurity personnel, and cybersecurity processes and procedures.
• You will draft, modify, and maintain command core cybersecurity policies; and you will maintain a repository of all command cybersecurity-related documentation.
• You will review IT/OT and control systems programs to assess overall compliance with cybersecurity plans and policies, and alignment with business and mission requirements.
• You will modify IT and control systems plans and policies to respond to changes in the command's business or mission requirements and processes, or change in legislation or regulatory requirements.
• You will ensure all personnel with cyber security functions are identified as DoD Cybersecurity Workforce (DCWF) in the Defense Civilian Personnel Data System (DCPDS) and designated in writing.
• You will ensure all personnel with cyber security functions are fully qualified in accordance with assigned Cyber IT/CS position and specialty area qualifications.
• You will track cybersecurity and CIO office data and metrics to ensure compliancy with all CIO related tasking, including but not limited to the following:
• - DADMS and DITPR-DON registration, FISMA reporting and compliancy, DoD Scorecard Reporting, Waivers (e.g., HBSS, MDE, PKI, Operating Systems), VRAM registration and compliancy, Cyber Planning and Response Center tickets, etc.
• You will evaluate the impact of new laws and guidance on current programs and systems, recommend changes to existing plans and policies to ensure compliance and responsiveness.