Information Technology Cybersecurity Specialist

Department Of Energy Oak Ridge, TN 37831

Posted 3 weeks ago

Duties

Summary

The Department of Energy is seeking motivated and highly-qualified candidates for exciting positions available in multiple locations throughout the United States.

The mission of the Energy Department is to ensure America's security and prosperity by addressing its energy, environmental and nuclear challenges through transformative science and technology solutions.

To learn more about the Department of Energy, please visit the website at www.energy.gov.

Responsibilities

This series covers positions that manage, supervise, lead, administer, develop, deliver, and support information technology (IT) systems and services. This series covers only those positions for which the paramount requirement is knowledge of IT principles, concepts, and methods; e.g., data storage, software applications, networking. Additionally, these positions have a cybersecurity requirement which involves the security of and operations in cyberspace and encompasses the full range of threat reduction, vulnerability reduction, deterrence, international engagement, incident response, resiliency, and recovery activities, including computer network operations, information assurance, diplomacy, military, and intelligence missions as they relate to securing the global information and communication infrastructure.

As an IT Cybersecurity Specialist, at minimum you will:

  • Evaluate system security plans and procedures, and assist in managing and directing the operations and functions of the office support contractors, addressing IT out-of-compliance issues, preparing, implementing, monitoring, and updating the project plan

  • Develop Plans of Actions and Milestones (POA&Ms) to correct findings of non-compliance

  • Initiate, direct and participate in the full life cycle of cyber security appraisals and network penetration testing of geographically dispersed and operationally diverse agency facilities

  • Develop and recommend new and/or revised inspection, evaluation, and penetration testing methodologies for cyber security appraisals

  • Provide recommendations on implementation strategies and policy recommendations based on industry best practices and governing directives

  • Assist the Division by conducting research and investigating cyber events, including those that potentially violate regulatory requirements

  • Collaborate with senior leadership, departmental and contractor managers and staff in scheduling, planning, coordinating, and implementing the Independent Oversight Cyber Security Appraisal Program.

Travel Required

Occasional travel

  • Occasional travel may be required; however, depending on the program office, some positions may require a higher percentage of travel.

Supervisory status

No

Promotion Potential

15 - Vacancies filled under this public notice may have varying levels of promotion potential and supervisory level, if any.

  • Job family (Series)

2210 Information Technology Management

Similar jobs

  • Computer Network Support Specialists

  • Computer Security Specialists

  • Computer Support Specialists

  • Information Technology Specialist (It Specialist)

  • Specialists, Computer Network Support

  • Specialists, Computer Security

Requirements

Conditions of Employment

  • You must be a United States Citizen.

  • This employer participates in the e-Verify program.

  • See "Other Information" section regarding Selective Service requirements.

  • Telework may or may not be eligible depending on the position requirements

  • May be required to complete a Financial Disclosure Statement

OTHER REQUIREMENTS:

These positions are to be filled under the OPM Government-Wide Direct Hire Authority for Certain Cybersecurity and Related positions for grades GS 12-15. This serves as a public notice for the use of the Direct Hire Authority in accordance with 5 U.S.C. 3327 and 3330 and 5 CFR 330. Under this recruitment procedure, applications will be accepted for each location/installation identified in this Public Notice. There may or may not be actual/projected vacancies at the time you submit your application.

Positions are located agency-wide and may be filled as permanent, term, or temporary with a full-time or part-time work schedule. Pay will vary by geographic location.

Appointments made with this authority are processed as a new appointment into the Civil Service.

The vacancies filled through these appointments have varying levels of background investigative requirements, up to a Top Secret - DOE "Q" clearance.

Status and Non-Status applicants from outside DOE selected under this authority are required to serve a mandatory one (1) year probationary period. A DOE career status employee selected for this position may be required to serve a new one (1) year probationary period, pursuant to 5 CFR 315.802.

A preliminary background check must be completed before a new employee can begin work. Current Federal employees or other individuals with an existing completed background investigation may not be required to undergo another background check.

All positions are subject to satisfactory security and suitability determinations.

Positions may be designated as a Testing Designated Position (TDP) and subject to testing for illegal drug use. A negative drug test must be obtained prior to being appointed into these positions and will be subject to random testing thereafter.

Qualifications

SPECIALIZED EXPERIENCE REQUIREMENTS

Applicants must have IT-related experience demonstrating each of the four competencies listed below.

  • Attention to Detail - Is thorough when performing work and conscientious about attending to detail.
  • Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.
  • Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.
  • Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.

In addition to the competencies, a qualified candidate's online application and resume must also demonstrate at least one year of specialized experience equivalent to the next lower grade level in the Federal service.

The specialized experience listed is the minimum requirement for the series; each particular vacancy may have additional experience necessary to meet the applicable grade level. A qualified candidate's online application and resume must demonstrate the above competencies and at least one year of specialized experience equivalent to the next lower grade level in the Federal service. Specialized experience for these positions is defined as:

GS-12: You must have one year of experience at a level of difficulty and responsibility equivalent to the GS-11 grade level in the Federal service. Specialized experience includes, but is not limited to:

  • demonstrate experience with a full range of computer, information, cyber, and telecommunications security issues to assure effectiveness within a large organization information security program
  • provide advice, and instruction on cyber security issues
  • participate in the collection and analysis of technical and management data associated with the agency cyber security programs
  • maintain continued technical liaison with the appropriate staff elements throughout the agency
  • exchange information in connection with cyber security requirements

GS-13: You must have one year of experience at a level of difficulty and responsibility equivalent to the GS-12 grade level in the Federal service. Specialized experience includes, but is not limited to:

  • provide technical advice, counsel, and instruction on cyber security issues
  • initiate, direct and participate in the full life cycle of cyber security appraisals and network penetration testing of geographically dispersed and operationally diverse agency facilities
  • participate in the collection and analysis of technical and management data associated with the agency cyber security programs
  • maintain continued technical liaison with the appropriate staff elements throughout the agency
  • exchange information in connection with cyber security requirements; prepare various reports, briefings, summaries, and progress reports pertaining to this area
  • prepare and recommend new and/or evaluations, and penetration testing methodologies for cyber security appraisals

GS-14: You must have one year of experience at a level of difficulty and responsibility equivalent to the GS-13 grade level in the Federal service. Specialized experience includes, but is not limited to:

  • provide technical advice, counsel, and instruction on cyber security issues
  • initiate, direct, and participate in the full life cycle of cyber security appraisals and network penetration testing of geographically dispersed and operationally diverse agency facilities
  • participate in the collection and analysis of technical and management data associated with the agency cyber security programs
  • maintain continued technical liaison with the appropriate staff elements throughout the agency
  • exchange information in connection with cyber security requirements
  • prepare various reports, briefings, summaries, and progress reports pertaining to this area; prepare and recommend new and/or evaluations, and penetration testing methodologies for cyber security appraisals
  • collaborate with senior level Departmental personnel and contractor managers and staff in scheduling, planning, coordinating, and implementing an Independent Oversight Cyber Security Appraisal Program (or equivalent)

GS-15: You must have one year of experience at a level of difficulty and responsibility equivalent to the GS-14 grade level in the Federal service. Specialized experience includes, but is not limited to:

  • provide technical advice, counsel, and instruction on complex cyber security issues

  • initiate, direct and participate in the full life cycle of cyber security appraisals and network penetration testing of geographically dispersed and operationally diverse agency facilities

  • participate in the collection and analysis of technical data associated with the agency cyber security programs; maintain continued technical liaison with the appropriate staff elements throughout the agency

  • exchange information in connection with cyber security requirements

  • prepare various reports, briefings, summaries, inspection guidance, and progress reports pertaining to this area

  • present data to an audit team, perform spot audits, defend compliance positions or create plans and procedures designed to meet regulatory requirements

  • develop and recommend new and/or revised inspection, evaluation, and penetration testing methodologies for cyber security appraisals

"Experience" refers to paid and unpaid experience. Examples of qualifying unpaid experience may include: volunteer work done through National Service programs (such as Peace Corps and AmeriCorps); as well as work for other community-based philanthropic and social organizations. Volunteer work helps build critical competencies, knowledge, and skills; and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience.

OPM Qualification Standards for the GS-2210 series can be found at the following website: https://www.opm.gov/policy-data-oversight/classification-qualifications/general-schedule-qualification-standards/2200/information-technology-it-management-series-2210-alternative-a/

CTAP/ICTAP candidates: To be considered "well qualified" you must meet all of the requirements as described in this section.

This public notice may be used to fill multiple positions as needed; therefore, applicants must meet the qualifications at the time the applications are reviewed.

Education

QUALIFICATIONS CONT'D:

Your application and resume should demonstrate that you possess the following knowledge, skills and abilities (KSAs). Do not provide a separate narrative written statement. Rather, you must describe in your application how your past work experience demonstrates that you possess the KSAs identified below. Cite specific examples of employment or experience contained in your resume and describe how this experience has prepared you to successfully perform the duties of this position. DO NOT write "see resume" in your application!

  • Knowledge of IT concepts, principles, methods, and practices to plan and carry out complex assignments involving the application of information technology to improve agency programs and operations.

  • Knowledge of cybersecurity principles, concepts, and objectives, including potential cyber vulnerabilities and threats to existing systems, in order to ensure maximum protection for agency systems.

  • Knowledge of Federal IT cybersecurity standards, policies, and practices in order to ensure the functionality, operability, and integrity of installed systems and suggest improvements to improve the security of DOE systems, data, and networks.

  • Knowledge of business process engineering concepts and methods sufficient to participate in studies designed to identify potential improvements in the way information technology is applied to key DOE business functions.

  • Knowledge of, and skill in applying, systems engineering concepts and factors, including structured design; supportability; survivability; reliability; scalability; and maintainability to ensure that applications are optimized for state-of-the-art technology and functionality.

  • Knowledge of advancements and current trends in information technology within DOE, Federal government, and private sectors in order to assist in implementing a robust IT infrastructure.

  • Knowledge of project management principles, methods, and practices in order to collaborate with programs, field sites, and contractor communities to meet current and future business needs of the program. Knowledge of Agile project management techniques to deliver incremental results and value.

  • Skill in communicating, both orally and in writing, to prepare individual and team reports and vulnerability, incident, and provide briefings to management.

EDUCATION:

Education must be obtained from an accredited institution recognized by the U.S. Department of Education.

Foreign education must be reviewed by an organization recognized by the U.S. Department of Education. For special instructions pertaining to foreign education and a list of organizations that can evaluate foreign education, see the Department of Education website.
