This announcement is issued under the Direct Hire Authority (DHA) to recruit for positions for which there is a critical hiring need. Selectee(s) will receive a career or career-conditional appointment in the competitive service and may be required to serve a one year probationary period. Who May be Considered: U.S. Citizens View common definitions of terms found in this announcement.

Duties

This position will serve as the Risk Management Officer for Theat Hunting (TH). This position will help TH establish an understanding of the environment in which the risks are to be managed, taking into account political and policy concerns, mission needs, stakeholder interests, and risk tolerance. Typical work assignments include: Serves as senior expert and consultant to top agency management officials to advise on integrating IT programs with other programs of equivalent scope and complexity. Champions awareness of cyber policy and strategy as appropriate among management and ensure sound cyber principles are reflected in the organization's mission, vision, and goals. Conducts risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risks, and protection needs. Oversees risk analysis, feasibility study, and/or trade-off analysis to develop, document, and refine functional requirements and specifications. Consults with customers to gather and evaluate functional requirements and translates these requirements into technical solutions. Exercises a full range of supervisory and personnel management authorities and responsibilities in directing work of subordinate staff. Analyzes CISA policy and recommends improvements. Develops and maintains cybersecurity plans, strategy, and policy to support and align with organizational cybersecurity initiatives and regulatory compliance. Develops long-range plans for IT security systems. Reviews proposed new systems, networks, and software designs for potential security risks. Maintains knowledge of risk management processes (e.g., methods for assessing and mitigating risk).

Requirements

Qualifications

You qualify for the GS-15 grade level if you possess information technology related experience demonstrating each of the four required competencies: Attention to Detail: Is thorough when performing work and conscientious about attending to detail Customer Service: Works with clients and customers to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services. Oral Communication: Actively listens and attends to nonverbal cues when responding to questions, ideas, and concerns of others. Communicates influentially, as appropriate. Problem Solving: Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations In addition to the above requirement you must have at least one year of specialized experience at the GS-14 grade level performing the following duties: Conducting risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risks, and protection needs. Develop plans to ensure that all acquisitions, procurements, and outsourcing efforts address information security requirements consistent with organization goals. Oversee risk analysis, feasibility study, and/or trade-off analysis to develop, document, and refine functional requirements and specifications. Lead rigorous review of how cyber policies, principles, and practices are applied in the delivery of planning and management services. National Service Experience (i.e., volunteer experience): Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience. All qualification requirements must be met by the closing date of this announcement.

Education

Some federal jobs allow you to substitute your education for the required experience in order to qualify. For this job, you must meet the qualification requirement using experience alone--no substitution of education for experience is permitted.

Contacts

• Address Cybersecurity and Infrastructure Security Agency 1616 N. Fort Myer Dr. CISA-FMD Stop 0380 Arlington, VA 20598-0380 US
• Name: Leah Ellis
• Phone: 202-725-8026
• Email: [email protected]