IT Specialist (Information Security)

Department Of The Navy, Quantico, VA 22134

Posted 3 months ago


Duties

Summary

You will serve as an IT Specialist (INFOSEC) in the DEPARTMENT OF THE NAVY.

This announcement uses the OPM Federal Wide direct hire authority to recruit and appoint qualified candidates to certain positions in the competitive service.


Responsibilities

  • Duties and responsibilities vary and increase according to grade level.

Travel Required

Occasional travel - This position may require travel from normal duty station to CONUS and OCONUS and may include remote or isolated sites. You may need to travel on military and commercial aircraft for extended periods of time.

Supervisory status

No

Promotion Potential

None

  • Job family (Series)
    2210 Information Technology Management


Requirements

Conditions of Employment

  • Must be a US Citizen.

  • Must be determined suitable for federal employment.

  • Must participate in the direct deposit pay program.

  • New employees to the Department of the Navy will be required to successfully pass the E-Verify employment verification check. To learn more about E-Verify, including your rights and responsibilities, visit www.dhs.gov/E-Verify/.

  • Within the Department of Defense (DoD), the appointment of retired military members within 180 days immediately following retirement date to a civilian position is subject to the provisions of 5 United States Code 3326.

  • You may be required to successfully complete a pre-appointment physical examination.

  • You may be required to obtain and maintain an interim and/or final security clearance prior to entrance on duty. Failure to obtain and maintain the required level of clearance may result in the withdrawal of a job offer or removal.

  • This position may be covered under the Defense Acquisition Workforce Improvement Act (DAWIA) and may require additional education, training and experience. Positions may be in any DAWIA Career Field at Level I, II, or III.

  • This position may be designated Critical Acquisition Position (CAP). You must be a member of the Acquisition Corps, become a member, or obtain a waiver at the time of selection and sign a three-year tenure agreement prior to assuming the position.

  • Successful completion of a pre-employment drug test (including marijuana) may be required. A tentative offer of employment will be rescinded if you fail to report to the drug test appointment or fail to pass the test. You may be subject to random testing.

  • You may be required to complete ethics orientation within three months of appointment and submit a Confidential Financial Disclosure Report, OGE-450, within 30 days of appointment.

  • Supervisors in the executive branch have a heightened personal responsibility for advancing government ethics. If selected for a supervisory position, you will be required to review the 14 General Principles of Ethical Conduct at 5 CFR 2635.101.

  • The position you are selected for may or may not be under a bargaining unit.

  • Warrant authority above the small purchase threshold may be required.

  • This position may be designated as a Cyber IT/Cybersecurity Workforce position. You must obtain and maintain the credentials as described in SECNAV M-5239.2 within 6 months of appointment.

  • This position may be eligible for part time, full time or ad-hoc telework at the discretion of management.

  • This position may be subject to work an uncommon tour, including nights, weekends, and holidays to meet mission requirements. Overtime or night differential pay and/or unusual duty hours may be required.

Qualifications

For all grade levels, your resume must reflect one year of information technology related experience in the federal service or private or public sector demonstrating the following four competencies: Attention to Detail, Customer Service, Oral Communication and Problem Solving. Specific definitions of each competency for each grade level are listed in the Assessment Questionnaire. In addition, applicants must meet the following minimum qualifications:

GS-09 (or equivalent pay band): Your resume must demonstrate that you have at least one year of specialized experience equivalent to the GS-07 grade level or pay band in the Federal service or equivalent experience in the private or public sector utilizing cyber tools and devices to detect unauthorized activities on the network and applying common defensive cyber methods and techniques (e.g. host interrogation and logs collection, hard drive imaging, data analysis).

GS-11 (or equivalent pay band): Your resume must demonstrate that you have at least one year of specialized experience equivalent to the GS-09 grade level or pay band in the Federal service or equivalent experience in the private or public sector coordinating and administering a cybersecurity program for an organization to ensure the security and integrity of data networks.

GS-12 (or equivalent pay band): Your resume must demonstrate that you have at least one year of specialized experience equivalent to the GS-11 grade level or pay band in the Federal service or equivalent experience in the private or public sector installing, configuring, and operating tools for identification of software vulnerabilities that supports the development, integration, test and evaluation of networking systems.

GS-13 (or equivalent pay band): Your resume must demonstrate that you have at least one year of specialized experience equivalent to the GS-12 grade level or pay band in the Federal service or equivalent experience in the private or public sector planning, integrating, synchronizing, and directing defensive cyberspace operations (e.g. data aggregation and analysis, live and dead box digital forensic analysis, critical systems dependency mapping) to enable freedom of action across warfighting domains.

GS-14 (or equivalent pay band): Your resume must demonstrate that you have at least one year of specialized experience equivalent to the GS-13 grade level or pay band in the Federal service or equivalent experience in the private or public sector managing interdisciplinary project teams, overseeing systems integration and implementation projects, reviewing systems capabilities, providing comprehensive risk assessments and implementing actions to mitigate vulnerabilities.

GS-15 (or equivalent pay band): Your resume must demonstrate that you have at least one year of specialized experience equivalent to the GS-14 grade level or pay band in the Federal service or equivalent experience in the private or public sector directing, planning, developing, and implementing enhanced information assurance and systems cybersecurity programs, policies, standards, and instructions.

Additional qualification information can be found on the following Office of Personnel Management website: https://www.opm.gov/policy-data-oversight/classification-qualifications/general-schedule-qualification-standards/2200/information-technology-it-management-series-2210-alternative-a/

Education

Applicants must meet the following basic education requirements of the Office of Personnel Management (OPM) Qualifications Standards Manual:

GS-09 (or equivalent pay band): Your resume must demonstrate that you have successfully completed a master's or equivalent graduate degree OR have successfully completed two full years of progressively higher graduate level education leading to a master's degree from an accredited or pre-accredited institution in computer science, engineering, information science, information systems management, mathematics, operations research, statistics, or technology management; or, graduate education that provided a minimum of 24 semester hours in one or more of the fields identified above and required the development or adaptation of applications, systems or networks.

GS-11 (or equivalent pay band): Your resume must demonstrate that you have successfully completed a Ph.D. or equivalent doctoral degree OR you have successfully completed three full years of progressively higher level graduate education leading to a Ph.D. or equivalent degree from an accredited or pre-accredited institution in computer science, engineering, information science, information systems management, mathematics, operations research, statistics, or technology management; or, graduate education that provided a minimum of 24 semester hours in one or more of the fields identified above and required the development or adaptation of applications, systems or networks.

NOTE: Education and experience may be combined for all grade levels for which both education and experience are acceptable.



Similar Jobs

Information Systems Security Officer

Prosol

Posted 1 week ago

Summary:

The ISSO is responsible to the Chief Security Officer (CSO) for ensuring that an appropriate operational security posture is maintained for each assigned Information System (IS). The ISSO is responsible for the day-to-day implementation, oversight, and maintenance of the security configuration, practices, and procedures for each IS under the ISSO's purview in accordance with FBI and Federal policies and guidelines. Specifically, the ISSO will ensure FISMA compliance for CW AN and the installation/use of Wi-Fi. In addition, the ISSO will address system security issues resulting from students using computers at their hotels and on their bureau issued tablets. In addition to systems, the ISSO will ensure compliance with computer security requirements among our employees and students in government-controlled facilities.

The candidate must have the ability to operate effectively under pressure adhering to the ProSol Core Values of Agility: rapid adaptation to the changing requirements and environment of our clients; Excellence: Service quality that exceeds the expectations of our clients; Integrity: Accountability and honesty, always doing the right thing; and Long Term Commitment: Unquestioned loyalty and dedication to our clients, partners and employees.

Responsibilities:

ISSO duties and responsibilities fall into five main areas:

  • Security operations and management (including access control and other policy implementation),

  • Information Systems (IS) security planning & documentation,

  • Security monitoring and evaluation (including audit, assessment and risk management),

  • Security awareness and training, and

  • Security incident reporting and response management.

The ISSO is responsible for ensuring the maintenance of the authorized security posture for assigned IS's on a day-to-day basis. This encompasses those activities that ensure the IS, including its administration, processes, and users, are operating in the approved secure manner and as documented in the System Security Plan (SSP). Where IS processes or administration are not his or her direct responsibility, the ISSO must provide oversight and guidance, when required, and coordinate with other members of the security team to ensure compliance with security policies and required procedures.

The ISSO writes and maintains the SSP, which describes in detail how security will be implemented and managed on the IS throughout its lifecycle, as well as the Security Assessment and Authorization (SAA) documentation, and prepares or coordinates the preparation of all other required system security documentation. All data, including the SSP, is entered into the FBI's Governance, Risk, and Compliance (GRC) application, Agiliance's RiskVision. RiskVision is the system used to manage, under continuous monitoring, all accredited FBI ISs.

The ISSO conducts continuous security monitoring of assigned IS's to create and support an environment where protection strategies are integrated effectively throughout the IS's lifecycle and incorporated into its everyday business processes. This requires regular and periodic review of the effectiveness of implemented security controls and processes. The ISSO assists in the conduct of SAA activities, from the kickoff meeting to the development and management of Plan of Actions and Milestones (POA&M). This includes the conduct of and support for security assessments and security risk assessment activities and assisting in the development of correction or mitigation strategies. The ISSO also conducts periodic self-assessments of assigned IS's, at least annually, and complies with all other Federal Information Security Modernization Act (FISMA) requirements for documentation and reporting, as assigned.

ISSOs are a resource in the divisions to support personnel in reporting security incidents, either through training or assisting FBI personnel in making the report. ISSOs may also submit the required reports when they gain knowledge of security incidents. ISSOs coordinate with IS or security personnel in IS recovery and in the correction or mitigation of security incidents, either at the direction of or in coordination with the ISSM or CSO.

Knowledge, Skills and Abilities:

Support provided by the ISSO within the Training Division:

A. IS Security

  • Ensure that all IS's are operated, maintained, and disposed of in accordance with security policies and practices outlined in the approved SAA package.

  • Support all IS SAA activities throughout the SAA process, and ensure that all SAA documentation is developed and maintained in accordance with the SAA.

  • Ensure that an effective process is implemented for all users to have the requisite security clearances, authorization, and need-to-know before being granted access to an IS, and shall have administered/witnessed the signed user agreements.

  • Ensure and document that an effective process is implemented for the dissemination, control, management and issuance of user identifications and passwords, and shall provide authorization lists to appropriate system administrators for implementation.

  • Ensure that all system security requirements are addressed during all phases of the information system lifecycle for assigned systems.

  • Ensure that all FISMA requirements are documented and submitted on schedule to the government task lead(s).

  • Ensure that all Plans of Actions and Milestones (if any) under their purview are updated as changes occur, and their status reported to the CSO monthly.

  • Ensure that required auditable events are established for all IS's under their purview, and audit logs are retained, reviewed in accordance with a schedule established by the CSO, and made available on request from the CSO. Documentary evidence of above shall be maintained.

  • Implement and maintain an Information Security Awareness and Training program for the Training Division.

  • Ensure that precautionary measures are exercised to prevent the introduction and/or proliferation of malicious code to the IS: measures such as user awareness training, enforcement of IA policies, and implementation of required audit log reviews.

  • Oversee all information system recovery processes for assigned information systems to ensure security controls are properly implemented.

  • Ensure response to all information system data calls within the specified schedule provided by the government.

  • Ensure that all IS security incidents are reported to the CSO immediately and appropriate action is taken, including the submission of a Security Incident Report in the FBI's reporting system.

  • Ensure that the release of all media and/or memory components from the FBI facility is managed and documented in accordance with applicable policies and procedures.

  • Initiate, with approval from the CSO, any protective and corrective measures when an information security incident or system vulnerability is discovered.

  • Present a Program Management Review (PMR) as scheduled or as requested by the government.

  • Take the Basic ISSO Course within 30 days of assuming ISSO duties and annually thereafter.

  • Take subsequently identified FBI ISSO training as required by the Security Division or Training Division.

  • Attend periodic teleconferences or video conferences (via Microsoft Lync) as required by the Task Lead or Program Manager.

  • As required, submit entries into the daily activities log to capture and report on program activities on a daily basis.

Required Education and Experience:

  • 7+ years of experience in computer science or cyber-related field.

  • Familiar with the use and operation of security tools such as, but not limited to: Tenable's Nessus and/or SecurityCenter, IBM Guardium, HP WebInspect, or like applications and Network Mapper (NMAP).

  • One of the following certifications preferred, should be willing to complete within 6 months of hire: CISP, CISM, CISA, CASP or CRISC.

Clearance: Top Secret; with ability to be read-in SCI

Work environment: Work is primarily performed in an office. Typically, employees sit comfortably to do their work, interspersed by brief periods of standing, walking, bending, carrying papers and books, and extensive periods requiring the use of computer terminals to accomplish work objectives.

Workdays: Monday Through Friday; On-site

Work Hours: Core hours: 8:00 am – 4:00 pm

Travel: None

Disclaimer: The above information on this description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job.

Additional information: ProSol is an equal opportunity employer, all interested qualified applicants are encouraged to apply, EEO/D/M/V/F. ProSol welcomes and encourages diversity in the workforce. All your information will be kept confidential according to EEO guidelines.

Prosol, Quantico, VA
