Supervisory IT Program Manager (INFOSEC)

Full Job Description

This position is located in the Office of Information Technology (OIT), Office of Information Security (OIS). This position supervises numerous teams within risk management.

This position develops and analyzes procedures and systems for identifying, assessing, validating, and reporting on the effectiveness of major information security risk management programs.

To qualify for this position, applicants must meet all requirements by the closing date of this announcement, 03/03/2026.

You may qualify based on your experience as described below: Basic Requirements: Experience must be IT related; the experience may be demonstrated by paid or unpaid experience and/or completion of specific, intensive training (for example, IT certification), as appropriate For all positions, individuals must have IT-related experience demonstrating each of the four competencies listed below.

The employing agency is responsible for identifying the specific level of proficiency required for each competency at each grade level based on the requirements of the position being filled.

Attention to Detail - Is thorough when performing work and conscientious about attending to detail.

Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.

Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.

Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.

NOTE: The basic occupational requirements MUST be substantiated in your resume. Failure to provide the required information will render your application ineligible for consideration.

Read all responses before making your selection. AND Specialized Experience: You must possess a minimum of one (1) year of experience equivalent to at least the GS-14 level.

Specialized experience for this position is defined as: Skills in leading end-to-end RMF activities (categorization, selection, implementation, assessment, authorization, and monitoring) for complex or high-value VA systems, resulting in timely Authorizations to Operate (ATO) and measurable Plan of Action and Milestones (POA&M) reduction.

Skills in applying Cybersecurity Program Leadership & Governance by directing an enterprise information security program that aligns with regulatory requirements and implements governance, risk, and compliance practices across multiple stakeholders Skills in applying Enterprise Risk Management & Security Architecture by applying information systems security principles and concepts, risk management processes, and cybersecurity and privacy principles to guide architecture decisions and risk acceptance/mitigation across a large portfolio.

Skills in Incident Response, Privacy Integration, and Regulatory Compliance by overseeing major incident response coordination and integrating privacy requirements within cyber operations consistent with regulatory requirements.

Skills in applying Technical Oversight of Security Operations by using current industry methods to evaluate, implement, and disseminate security assessment, monitoring, detection, and remediation capabilities (e.g., vulnerability management, configuration compliance, logging/analytics), and validating outcomes through metrics.

Skills in translating the organization's enterprise IT goals and objectives into actionable cybersecurity strategies, investment plans, acquisition requests, and workforce priorities; briefing senior leadership and governing boards.

For more information on these qualification standards, please visit the United States Office of Personnel Management's website at https://www.opm.gov/policy-data-oversight/classification-qualifications/general-schedule-qualification-standards/.

Major Duties:

OIT Mission: The mission of the Office of Information and Technology (OIT) is to collaborate with our business partners to create the best experience for all Veterans.

OIT Vision: To become a world-class organization that provides a seamless, unified Veteran experience through the delivery of state-of-the-art technology.

Major Duties: Responsible for providing expert advice and developing strategic compliance plans, policies, and guidance for a designated teams.

Oversees the monitoring of compliance with federal, state, local laws, and regulations at designated VA, contractor managed facilities, and VA-wide programs.

Leads, coordinates, communicates, integrates and is accountable for the overall success of the program, ensuring alignment with agency or enterprise priorities.

Identifies and address cyber workforce planning and management issues. Develop security compliance processes and audits for external service (e.g., cloud service providers, data centers).

Work Schedule: Monday - Friday 8:00 AM - 4:30 PM Travel Required: Up to 50% travel may be required, as needed, for this position.

Compressed/Flexible: At Agency's Discretion Telework: VA supports the use of telework as a way to help attract and retain talented individuals in public service, increase worker productivity, and better prepare the agency to operate during emergencies.

This position may be authorized for telework. Telework eligibility may be discussed during the interview process. Virtual: This is not a virtual position.

Position Description/PD#: Supervisory IT Program Manager (INFOSEC)/PD177170 Relocation/Recruitment Incentives: Not Authorized Permanent Change of Station (PCS): Not Authorized PCS Appraised Value Offer (AVO): Not Authorized