This position is located in the US Department of Justice (DOJ), Office of Justice Programs (OJP), Office of the Chief Information Officer (OCIO), Information Technology Security Division (ITSD). The incumbent serves as one of the agency's Information Technology Security Specialist. This position manages and oversees all aspects of the OCIO Information Technology Security Division's Security Assessments and acts as the OCIO audit liaison involving all OJP's information systems.

Duties

Manages and oversees all aspects of the Office of the Chief Information Officer's (OCIO) Information Technology Security Division's Security Assessments. Acts as the OCIO audit liaison involving all Office of Justice Programs' (OJP) information systems. Serves as a liaison for cybersecurity audits, for both external and internal contacts. Leads the OCIO Information Security Assurance and Assessment program/projects. Provides advice, guidance, auditing, and assistance to the Chief Information Security Officer (CISO) in formulating and enunciating OJP's cybers security policies, positions, assessment administration and responses to current, emerging, and anticipated IT Security matters and their applicability to OJP information systems.

Requirements

• U.S. Citizenship required.
• Subject to background/suitability investigation/determination.
• Federal payments are required to be made by Direct Deposit.
• Requires registration for the Selective Service. Visit www.sss.gov.
• Pre-employment drug testing required.
• 1-year probationary period may be required.
• Confidential Financial Disclosure may be required
• Security Requirements: Non-Sensitive/Moderate Risk

Qualifications

Screen Out Factors: (1) Attention to Detail; (2) Customer Service; (3) Oral Communication; and (4) Problem Solving. Specialized Experience for GS-11: Applicants must have one (1) year of specialized experience equivalent to at least the GS-09 level. Specialized experience is experience which is in or related to the line of work of the position to be filled and which has equipped the applicant with the specific knowledge, skills, and abilities to successfully perform the duties of the position. Examples of specialized experience include: Participates in reviewing IT audit reports. Collaborates with stakeholders, auditors, and IT staff to interpret and communicate security control requirements. Develops IT security audit plans and schedules to conduct routine security assessments and evaluations. Analyzes audit findings in collaboration with IT teams and auditors to address recognized cyber security gaps and deficiencies. Substitution of Education for Experience for GS-11: Education requirements at the GS-11 level may be met by three (3) full academic years of graduate level education or the successful completion of a Ph.D. or LL.M., if related. Combination of Education and Experience for GS-11: Equivalent combinations of successfully completed education and experience may be used to meet the experience requirements. Specialized Experience for GS-12: Applicants must have one (1) year of specialized experience equivalent to at least the GS-11 level. Specialized experience is experience which is in or related to the line of work of the position to be filled and which has equipped the applicant with the specific knowledge, skills, and abilities to successfully perform the duties of the position. Examples of specialized experience include: Assists IT staff with reviewing draft audit reports for accuracy and comprehensiveness. Confers with auditors regarding an agencies' cybersecurity policies security measures, and procedures required to meet regulatory requirements. Serves as liaison for cybersecurity audits, for both external and internal contacts. Research and/or updates policies, guidelines, and standards for the assessment and evaluation of information technology (IT) systems and subsystems. Specialized Experience for GS-13: Applicants must have one (1) year of specialized experience equivalent to at least the GS-12 level. Specialized experience is experience which is in or related to the line of work of the position to be filled and which has equipped the applicant with the specific knowledge, skills, and abilities to successfully perform the duties of the position. Examples of specialized experience include: Develops and/or updates policies, guidelines, and/or standards for the assessment and evaluation of information technology (IT) systems and subsystems. Coordinates IT security assessments and/or audit activities at an agency-wide level. Coordinates information technology (IT) strategic planning and project management activities. Develops comprehensive assessment plans for IT security systems that anticipate, identify, evaluate, mitigate, and minimize risks associated with IT systems vulnerabilities. Additional information on the qualification requirements is outlined in the OPM Qualification Standards Handbook of General Schedule Positions and is available at OPM's website: https://www.opm.gov/qualifications/standards/indexes/num-ndx.asp All qualification requirements must be met by the closing date of this announcement.

Education

There is no education requirement for this position.

Contacts

• Address Office of Justice Programs DO NOT MAIL Washington, DC 20531 US
• Name: Jessica Harman
• Phone: 202-307-1593
• Email: [email protected]