Job opening: IT Specialist (INFOSEC)
Salary: $63 738 - 84 441 per year
Published at: Aug 18 2023
Employment Type: Full-time
Based on current hiring restrictions, selectees may be subject to additional approvals prior to an offer being extended.
The position is at the Bureau of the Fiscal Service (FS); Deputy Asst. Commissioner Security Services; Information Assurance Division and Security Assessment Branch, responsible for assessing security of information systems by assisting other IT Specialists performing Security Assessment and Authorization (SA&A) IT security reviews, under direction of a Team or Project Lead.
Duties
As an IT Specialist (INFOSEC), you will:
- Assist in the performance of Security Assessment and Authorization (SA&A) and related activities IT security reviews in accordance with Fiscal Service's SA&A process.
- Assess system applicable Fiscal Service, Treasury, and Federal requirements (such as those from FISMA, NIST, OMB and other sources) for compliance. Review documentation, interview key personnel, and examine evidence of adherence to relevant policy and procedure.
- Perform in-depth analysis and or security testing of information systems, using a wide variety of tools and techniques. Review test results for accuracy, probability, and impact. Report issues to senior team members and technical subject matter experts; retest as needed to validate corrective actions.
- Implement and maintain multiple IT security assurance software tools with direct supervision and guidance from senior technical experts.
- Participate in teams designing and implementing IT initiatives, with a specific focus on the security implications of design or operational decisions. Furnish technical assistance and advice, based upon existing standards and SOPs to ensure security is considered throughout the system's lifecycle.
Qualifications
You must meet the following requirements by the closing date of this announcement.
The experience may have been gained in either the public, private sector or volunteer service. One year of experience refers to full-time work; part-time work is considered on a prorated basis. To ensure full credit for your work experience, please indicate dates of employment by month/day/year, and indicate number of hours worked per week on your resume.
Specialized Experience:
Specialized experience for the GS-09 is defined as one year of experience at the GS-07 level, or equivalent, that is directly related to the position and which has equipped the candidate with the particular knowledge, skills, and abilities to successfully perform the duties of the position. Specialized experience for this position includes ensuring the integrity and availability of systems and networks through analysis of information systems security programs, policies, and procedures.
For the GS-09, examples of such experience could include:
-Experience applying operational standards to identify, isolate and resolve issues; OR
-Experience participating in audit, assessment, evaluation or analytical reviews in accordance with an established process; OR
-Experience assisting with the analysis and security testing of IT systems
AND
In addition to meeting specialized experience, applicants must have IT-related proficiency in each of the four competencies listed below.
-Attention to Detail, such as performing in-depth analysis and security testing of information systems.
-Customer Service, such as ensuring appropriate security requirements are addressed.
-Oral Communication, such as developing briefings, PowerPoint presentations, and meetings on job-related subjects.
-Problem Solving, such as reviewing legislative, regulatory, and procedural material in order to assess impact.
OR
You may substitute education for specialized experience as follows:
- Master's degree or equivalent graduate degree or 2 full years or progressively higher level graduate education leading to a Master's or equivalent graduate degree, in computer science, engineering, information science, information systems management, mathematics, operations research, statistics, or technology management or
- degree that provided a minimum of 24 semester hours in one or more of the fields identified above and required the development or adaptation of applications, systems or networks.
Education
This job does not have an education qualification requirement.