Supvy IT Cybersecurity Specialist (INFOSEC)

Full Job Description

This position is located in Cybersecurity Operations and Response Division (CORD). The CORD plays a pivotal role in safeguarding the organization against cyber threats.

We ensure the resilience and security of USPTO digital assets. The incumbent serves as the Division Director, CORD.

You must meet the United States Office of Personnel Management's (OPM) qualification requirements (including specialized experience and/or educational requirements) for the advertised position.

You must meet all eligibility and qualifications requirements by the closing date of the job announcement.

OPM Qualifications Standards are available at Information Technology (IT) Management Series 2210 Specialized Experience is experience that has equipped applicants with the particular knowledge, skills and abilities to successfully perform the duties of the position, and that is typically in or related to the position to be filled.

To be creditable, specialized experience must have been equivalent to at least the next lower grade level in the federal service. For this position, the next lower grade level is a GS-14.

Specialized experience for this position includes: 1.

Experience directing daily and strategic operations of a large IT cybersecurity organization as a second-tier supervisor reporting to the CISO (or equivalent), responsible for translating cybersecurity strategy into actionable operational objectives, aligning enterprise security architecture, infrastructure performance, and risk posture optimization with mission-critical agency goals.

AND 2.

Experience leading advanced security operations including continuous monitoring, incident response, and threat detection across hybrid and cloud-based environments, proven ability to integrate cyber threat intelligence, risk assessments, and situational awareness into enterprise decision-making processes to protect high-value assets and federal intellectual property.

AND 3.

Experience managing forensic and vulnerability management operations to detect, analyze, and remediate security weaknesses, coordinating penetration testing, implementing enterprise patch management strategies, and conducting post-incident forensic investigations to identify root causes, ensure data integrity, and prevent recurrence.

AND 4.

Experience architecting, validating, and deploying secure technological solutions compliant with implementing Zero Trust architectures, enforcing access controls, and integrating automation tools to enhance compliance, scalability, and operational resilience.

AND 5.

Experience supervising cross-functional technical teams including network, cloud, and security engineers, along with analysts and program leads, workforce planning, technical training, and performance management, ensuring staff proficiency, operational readiness, and alignment with the cybersecurity strategic vision and security governance framework.

In addition to meeting the specialized experience you must meet the basic requirement below to qualify for this series.

Basic Requirement Competencies: The specialized experience must include, or be supplemented by, information technology related experience (paid or unpaid experience and/or completion of specific, intensive training, as appropriate) which demonstrates each of the four competencies, as defined: Attention to Detail - Is thorough when performing work and conscientious about attending to detail.

Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.

Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.

Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.

Condition of Employment: Incumbent must have one of the following certificates within 120 days from entry on duty (EOD): ISC2 Certified Authorization Professional (CAP); ISC2 Certified Information System Security Professional (CISSP); ISACA Certified Information Security Manager (CISM); GIAC Information Security Fundamentals (GISF); GIAC Security Leadership Certification (GSLC).

Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community, student, social).

Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment.

You will receive credit for all qualifying experience, including volunteer experience. Major Duties:

The physical worksite for this position is located in Alexandria, Virginia. This position is telework eligible per agency and business unit discretion/policy.

Come join our team if you are enthusiastic about… Supervising and managing a highly technical staff of Information Technology Cybersecurity Specialists responsible for a wide variety of duties connected with the maintenance, design, and implementation of current, new, and emerging security programs designed to anticipate, assess, and minimize system vulnerability, e.g., intrusion prevention, forensics, computer incident response, security device management, and access authentication programs.

Participating in special projects and initiatives requiring collaboration and engagement at a leadership level and implements assigned projects that require senior management involvement across business units within the division or other USPTO offices.

Representing the Chief Information Security Officer (CISO) and the Office of the Chief Information Security Officer (OCISO) within and outside the agency and is fully authorized to communicate the Division's vision, strategy, policies, and priorities.

Planning, directing, and managing and supporting Cybersecurity Operations and Response activities.