Information Technology Cybersecurity Specialist

• Duties

Help

Duties

Summary

The Department of Energy is seeking motivated and highly-qualified candidates for exciting positions available in multiple locations throughout the United States.

The mission of the Energy Department is to ensure America's security and prosperity by addressing its energy, environmental and nuclear challenges through transformative science and technology solutions.

To learn more about the Department of Energy, please visit the website at www.energy.gov.

Learn more about this agency

Responsibilities

This series covers positions that manage, supervise, lead, administer, develop, deliver, and support information technology (IT) systems and services. This series covers only those positions for which the paramount requirement is knowledge of IT principles, concepts, and methods; e.g., data storage, software applications, networking. Additionally, these positions have a cybersecurity requirement which involves the security of and operations in cyberspace and encompasses the full range of threat reduction, vulnerability reduction, deterrence, international engagement, incident response, resiliency, and recovery activities, including computer network operations, information assurance, diplomacy, military, and intelligence missions as they relate to securing the global information and communication infrastructure.

As an IT Cybersecurity Specialist, at minimum you will:

• Evaluate system security plans and procedures, and assist in managing and directing the operations and functions of the office support contractors, addressing IT out-of-compliance issues, preparing, implementing, monitoring, and updating the project plan

• Develop Plans of Actions and Milestones (POA&Ms) to correct findings of non-compliance

• Initiate, direct and participate in the full life cycle of cyber security appraisals and network penetration testing of geographically dispersed and operationally diverse agency facilities

• Develop and recommend new and/or revised inspection, evaluation, and penetration testing methodologies for cyber security appraisals

• Provide recommendations on implementation strategies and policy recommendations based on industry best practices and governing directives

• Assist the Division by conducting research, conducting investigations of cyber events to include those that potentially violate regulatory requirements

• Collaborate with senior leadership, departmental and contractor managers and staff in scheduling, planning, coordinating, and implementing the Independent Oversight Cyber Security Appraisal Program.

Travel Required

Occasional travel

• Occasional travel may be required, however, dependent upon the program office some positions may require a higher percentage of travel.

Supervisory status

No

Promotion Potential

15 - Vacancies filled under this public notice may have varying levels of promotion potential and supervisory level, if any.

• Job family (Series)

2210 Information Technology Management

Similar jobs

• Computer Network Support Specialists

• Computer Security Specialists

• Computer Support Specialists

• Information Technology Specialist (It Specialist)

• Specialists, Computer Network Support

• Specialists, Computer Security

• Requirements

Help

Requirements

Conditions of Employment

• You must be a United States Citizen.

• This employer participates in the e-Verify program.

• See "Other Information" section regarding Selective Service requirements.

• Telework may or may not be eligible depending on the position requirements

• May be required to complete a Financial Disclosure Statement

OTHER REQUIREMENTS:

These positions are to be filled under the OPM Government-Wide Direct Hire Authority for Certain Cybersecurity and Related positions for grades GS 12-15. This serves as a public notice for the use of the Direct Hire Authority in accordance with 5 U.S.C. 3327 and 3330 and 5 CFR 330. Under this recruitment procedure, applications will be accepted for each location/ installation identified in this Public Notice. There may or may not be actual/projected vacancies at the time you submit your application.

Positions are located agency-wide and may be filled as permanent, term, or temporary with a full-time or part-time work schedule. Pay will vary by geographic location.

Appointments made with this authority are processed as a new appointment into the Civil Service.

The vacancies filled through these appointments have varying levels of background investigative requirements, up to a Top Secret

• DOE "Q" clearance.

Status and Non-Status applicants from outside DOE selected under this authority are required to serve a mandatory one (1) year probationary period. A DOE career status employee selected for this position may be required to serve a new one (1) year probationary period, pursuant to 5 CFR 315.802.

A preliminary background check must be completed before a new employee can begin work. Current Federal employees or other individuals with an existing completed background investigation may not be required to undergo another background check.

All positions are subject to satisfactory security and suitability determinations.

Positions may be designated as a Testing Designated Position (TDP) and subject to testing for illegal drug use. A negative drug test must be obtained prior to being appointed into these positions and will be subject to random testing thereafter.

Qualifications

SPECIALIZED EXPERIENCE REQUIREMENTS

Applicants must have IT-related experience demonstrating each of the four competencies listed below.

• Attention to Detail

• Is thorough when performing work and conscientious about attending to detail.

• Customer Service

• Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.

• Oral Communication

• Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.

• Problem Solving

• Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.

In addition to the competencies, a qualified candidate's online application and resume must also demonstrate at least one year of specialized experience equivalent to the next lower grade level in the Federal service.

The specialized experience listed are the minimum requirements for the series, each particular vacancy may have additional experience necessary to meet the applicable grade level. A qualified candidate's online application and resume must demonstrate the above competencies and at least one year of specialized experience equivalent to the next lower grade level in the Federal service. Specialized experience for these positions are defined as:

GS-12: You must have one year of experience at a level of difficulty and responsibility equivalent to the GS-11 grade level in the Federal service. Specialized experience includes, but is not limited to:

• demonstrate experience with a full range of computer, information, cyber, and telecommunications security issues to assure effectiveness within a large organization information security program
• provide advice, and instruction on cyber security issues
• participate in the collection and analysis of technical and management data associated with the agency cyber security programs
• maintain continued technical liaison with the appropriate staff elements throughout the agency
• exchange information in connection with cyber security requirements

GS-13: You must have one year of experience at a level of difficulty and responsibility equivalent to the GS-12 grade level in the Federal service. Specialized experience includes, but is not limited to:

• provide technical advice, counsel, and instruction on cyber security issues
• initiate, direct and participate in the full life cycle of cyber security appraisals and network penetration testing of geographically dispersed and operationally diverse agency facilities
• participate in the collection and analysis of technical and management data associated with the agency cyber security programs
• maintain continued technical liaison with the appropriate staff elements throughout the agency
• exchange information in connection with cyber security requirements; prepare various reports, briefings, summaries, and progress reports pertaining to this area
• prepare and recommend new and/or evaluations, and penetration testing methodologies for cyber security appraisals

GS-14: You must have one year of experience at a level of difficulty and responsibility equivalent to the GS-13 grade level in the Federal service. Specialized experience includes, but is not limited to:

• provide technical advice, counsel, and instruction on cyber security issues
• initiate, direct, and participate in the full life cycle of cyber security appraisals and network penetration testing of geographically dispersed and operationally diverse agency facilities
• participate in the collection and analysis of technical and management data associated with the agency cyber security programs
• maintain continued technical liaison with the appropriate staff elements throughout the agency
• exchange information in connection with cyber security requirements
• prepare various reports, briefings, summaries, and progress reports pertaining to this area; prepare and recommend new and/or evaluations, and penetration testing methodologies for cyber security appraisals
• collaborate with senior level Departmental personnel and contractor managers and staff in scheduling, planning, coordinating, and implementing an Independent Oversight Cyber Security Appraisal Program (or equivalent)

GS-15: You must have one year of experience at a level of difficulty and responsibility equivalent to the GS-14 grade level in the Federal service. Specialized experience includes, but is not limited to:

• provide technical advice, counsel, and instruction on complex cyber security issues

• initiates, directs and participates in the full life cycle of cyber security appraisals and network penetration testing of geographically dispersed and operationally diverse agency facilities

• participate in the collection and analysis of technical data associated with the agency cyber security programs; maintain continued technical liaison with the appropriate staff elements throughout the agency

• exchange information in connection with cyber security requirements

• prepare various reports, briefings, summaries, inspection guidance, and progress reports pertaining to this area

• present data to an audit team, perform spot audits, defend compliance positions or create plans and procedures designed to meet regulatory requirements

• Develop and recommend new and/or revised inspection, evaluation, and penetration testing methodologies for cyber security appraisals

"Experience" refers to paid and unpaid experience. Examples of qualifying unpaid experience may include: volunteer work done through National Service programs (such as Peace Corps and AmeriCorps); as well as work for other community-based philanthropic and social organizations. Volunteer work helps build critical competencies, knowledge, and skills; and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience.

OPM Qualification Standards for the GS-2210 series can be found at the following website: https://www.opm.gov/policy-data-oversight/classification-qualifications/general-schedule-qualification-standards/2200/information-technology-it-management-series-2210-alternative-a/

CTAP/ICTAP candidates: To be considered "well qualified" you must meet all of the requirements as described in this section.

This public notice may be used to fill multiple positions as needed; therefore, applicants must meet the qualifications at the time the applications are reviewed.

Education

QUALIFICATIONS CONT'D:

Your application and resume should demonstrate that you possess the following knowledge, skills and abilities (KSAs). Do not provide a separate narrative written statement. Rather, you must describe in your application how your past work experience demonstrates that you possess the KSAs identified below. Cite specific examples of employment or experience contained in your resume and describe how this experience has prepared you to successfully perform the duties of this position. DO NOT write "see resume" in your application!

• Knowledge of IT concepts, principles, methods, and practices to plan and carry out complex assignments involving the application of information technology to improve agency programs and operations.

• Knowledge of cybersecurity principles, concepts, and objectives, including potential cyber vulnerabilities and threats to existing systems, in order to ensure maximum protection for agency systems.

• Knowledge of Federal IT cybersecurity standards, policies, and practices in order to ensure the functionality, operability, and integrity of installed systems and suggest improvements to improve the security of DOE systems, data, and networks.

• Knowledge of business process engineering concepts and methods sufficient to participate in studies designed to identify potential improvements in the way information technology is applied to key DOE business functions.

• Knowledge of, and skill in applying, systems engineering concepts and factors, including structured design; supportability; survivability; reliability; scalability; and maintainability to ensure that applications are optimized for state-of-the-art technology and functionality.

• Knowledge of advancements and current trends in information technology within DOE, Federal government, and private sectors in order to assist in implementing a robust IT infrastructure.

• Knowledge of project management principles, methods, and practices in order to collaborate with programs, field sites, and contractor communities to meet current and future business needs of the program. Knowledge of Agile project management techniques to deliver incremental results and value.

• Skill in communicating, both orally and in writing, to prepare individual and team reports and vulnerability, incident, and provide briefings to management.

EDUCATION:

Education must be obtained from an accredited institution recognized by the U.S. Department of Education.

Foreign education must be reviewed by an organization recognized by the U.S. Department of Education. For special instructions pertaining to foreign education and a list of organizations that can evaluate foreign education, see the Department of Education website.