Information Technology Specialist (Security) *Roster* *Amended*

Department Of The Treasury Ogden , UT 84201

Posted 2 months ago

  • Duties

Help

Duties

Summary

The U.S Department of the Treasury has a distinguished history dating back to the founding of our nation. As the steward of U.S. economic and financial systems, Treasury is a major and influential leader in today's global economy. We have over 100,000 employees across the country and around the world. Come Join the Department of the Treasury and Invest in Tomorrow

See "Other Information" for Locations

  • Amended to clarify positions to be filled IT-Wide and include additional vacancy locations*

Learn more about this agency

Responsibilities

WHAT IS THE IRS INFORMATION TECHNOLOGY DIVISION: The mission of IRS Information Technology is to provide leadership in the delivery of information technology solutions that anticipate and meet enterprise-wide needs by empowering employees to deliver customer-centered, value-creating systems, products, services, and support.

As an Information Technology Specialist (Security), you will:

  • Lead the implementation of security programs designed to anticipate and minimize system vulnerabilities.

  • Review proposed new systems, networks, and software designs for potential security risks; recommend mitigation or countermeasures, and resolve integration issues related to the implementation of new systems within the existing infrastructure.

  • Develop contingency plans (Disaster Recovery or Business Continuation Plans for information technology systems) to ensure availability and accessibility of network resources.

  • Develop long-range plans for IT security systems that anticipate, identify, evaluate, mitigate, and minimize risks associated with IT systems vulnerabilities.

  • Coordinate the implementation of security programs across Tier I, II, and III systems, and establish vulnerability reporting criteria.

  • Review security incident response policies and identify the need for changes based on new security technologies or threats.

  • Implement security requirements, integrate security programs and define the scope and level of detail for security plans and policies.

As a senior expert and consultant to top agency officials, the employee advises on integrating IT programs with the IRS Cybersecurity Program and other business programs of equivalent complexity within the agency.

  • Responsibilities include:

  • Develop new theories, architectures, concepts, principles, standards, and methods in IT security, and advises other IT experts throughout Treasury and the IRS, and in other agencies, on a variety of situations and issues that involve applying or adapting new theories, architectures, concepts, principles, standards, methods, or practices, that are developed by the employee or result from the employee's leadership.

  • Plan, develop, and coordinate IRS information security architecture with the security programs and strategies (the IRS workforce security training program or the security audit program), and formulating IRS security program initiatives in response to critical IT security issues;

  • Plan, acquire, and coordinating IRS-wide implementation of government wide IT security defense

  • Provide technical expertise in overall risk management practices, continuous monitoring, and improvements to the security posture of the IRS computer environment.

  • Provide expert advice in audit and compliance; specifically, FISMA, NIST, GAO, TIGTA issues that affect the IRS computing environment.

  • Create and prepare comprehensive reports for executives that include project plans, findings, mitigation strategies and recommendations.

  • Provide technical expertise, abilities and skills to develop a holistic cloud security environment effectively by maintaining industry and globally accepted standards.

  • Provide expert level understanding of cloud security concepts, principals and frameworks and FedRAMP.

  • Provide data architecture standards providing a common Cybersecurity Data Warehouse data vocabulary, requirements and integrated designs that align with enterprise strategy and business architecture.

  • Brief authorizing officials on security risks and manage remediation of security vulnerabilities identified in annual assessments and continuous real time monitoring through creating and managing of plans of action and milestones

  • Implement standard ITIL data services within the Cybersecurity Data Warehouse program.

  • Create diagrams showing key data entities and create an inventory of the data needed to implement the architecture vision.

  • Establish data management and reporting technologies, emerging tools including columnar and NoSQL databases, predictive analytics, data visualization, and unstructured data.

  • Provide an enterprise cyber monitoring, analytics, and coordination capability 24x7x365

  • Performs forensic analysis (handling compromised machines), evaluate/deconstruct malware (e.g. obfuscated code) through open-source and vendor provided tools.

  • Develop intrusion detection signatures to identify those specific indicators that are unique to a particular exposure or zero-day vulnerability, delivering threat & awareness/education briefings, coordination of process development, & technical writing.

  • Develop and maintain Cybersecurity IT security policies.

  • Provide security control integration support to IRS system administrators.

WHERE CAN I FIND OUT MORE ABOUT OTHER IRS CAREERS? If you want to find out more about IRS careers, visit us on the web at www.jobs.irs.gov

Travel Required

Occasional travel - Travel 1 to 5 nights per month may be required

Supervisory status

No

Promotion Potential
15

  • Job family (Series)
    2210 Information Technology Management

  • Requirements

Help

Requirements

Conditions of Employment

  • Refer to other information

  • Click "Print Preview" to review the entire announcement before applying.

  • Must be a U.S. citizen or National

  • Qualifications

In addition to the above you must meet the requirements below:

You must meet the following requirements by the closing date of this announcement:

GS-15 LEVEL: You must have one year of specialized experience at a level of difficulty and responsibility equivalent to the GS-14 grade level in the Federal service. This experience must include Information Technology (IT) related experience that demonstrates each of the following four competencies: 1) Attention to Detail, 2) Customer Service, 3) Oral Communication and 4) Problem Solving. Specialized experience for this position includes: Experience that demonstrates accomplishment of computer project assignments that required a wide range of knowledge of computer requirements and techniques pertinent to the position to be filled. This knowledge is generally demonstrated through assignments that required the ability to analyze a number of alternative approaches in the process of advising management concerning major aspects of IT system design. This would include defining what system interrelationships must be considered, or what operating mode, system software, and/or equipment configuration is most appropriate for a given project.

In addition to the above you must meet the requirements below:

At this level your knowledge and experience must be sufficient to establish, implement, and interpret the requirements for agency compliance with higher level policy directives and executive orders governing infrastructure protection; coordinate the review and evaluation of the agency infrastructure protection program, including policies, guidelines, tools, methods, and technologies; identify current and potential problem areas; update or establish new requirements and make recommendations for a fully compliant infrastructure protection program to be implemented throughout the agency.

  • The experience may have been gained in the public sector, private sector or Volunteer Service. One year of experience refers to full-timework; part-timework is considered on a prorated basis.

  • To ensure full credit for your work experience, please indicate dates of employment by month/year, and indicate number of hours worked per week, on your resume.

Education


icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Cyber Information Systems Security Analyst

Northrop Grumman

Posted 4 days ago

VIEW JOBS 2/20/2020 12:00:00 AM 2020-05-20T00:00 Put your years of experience into a future of excellence... Northrop Grumman is seeking a novice level Cyber Information Systems Security Analyst (ISSO) to join the Information Security team in Ogden, UT. The Cyber Security organization has overall responsibility for providing information security oversight to all Northrop Grumman classified systems under their respective purview. Responsibilities will include, but are not limited to: * Perform assessments of systems and networks within the networking environment or enclave and identify where those systems and networks deviate from acceptable configurations, enclave policy, or local policy. This is achieved through passive evaluations such as compliance audits and active evaluations such as vulnerability assessments. * Establishes strict program control processes to ensure mitigation of risks and supports obtaining certification and accreditation of systems. Includes support of process, analysis, coordination, security certification test, security documentation, as well as investigations, software research, hardware introduction and release, emerging technology research inspections and periodic audits. * Assist in the implementation of the required government policy (i.e., NISPOM, DCID 6-3), make recommendations on process tailoring, participate in and document process activities. * Perform analyses to validate established security requirements and to recommend additional security requirements and safeguards. * Support the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results and preparation of required reports. * Document the results of Certification and Accreditation activities and technical or coordination activity and prepare the system Security Plans and update the Plan of Actions and Milestones POA&M. * Periodically conduct a complete review of each system's audits and monitor corrective actions until all actions are closed. The selected candidate should be familiar with assessing the implementation of technical controls on authorizing systems through the continuous monitoring process. Where new information systems are required by internal customers, the selected candidate will be responsible to work with technical control subject matter experts to create an authorization package for submittal to the relevant authorizing customer. ITS3500 ESCSO NGFeaturedJobs Basic Qualifications: * Master's degree with 0 years of experience; OR a Bachelor's degree with 2 years of experience; OR an Associate's degree with 4 years of experience; OR a High School Diploma/GED with 6 years of experience is required * Must have a DoD 8570 IAM level 1 security certification (examples: Security CE); OR must have the ability to obtain and maintain one within 6 months of start date * Must have the ability to travel up to 50% (~6 months) per year initially * Candidates must have a current Interim Top Secret level security clearance (at a minimum) with an original adjudication, or a periodic reinvestigation date, completed within the last 6 years in order to be considered * Must have the ability to obtain, and maintain, access to Special Programs as a condition of continued employment Preferred Qualifications: * The ideal candidate will have a Master's degree in Cyber Security, a current Security CE, and 2 years of ISSO experience using RMF in a SAP environment * Knowledge of ACAS, NESSUS, SPLUNK, SCAP, POA&Ms, NIST, DIACAP, NISPOM, system audits, vulnerability scanning, and DSS and/or JSIG system security package development are highly desirable * Current Top Secret clearance with SAP access is preferred Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit www.northropgrumman.com/EEO. U.S. Citizenship is required for most positions. Northrop Grumman Ogden UT

Information Technology Specialist (Security) *Roster* *Amended*

Department Of The Treasury