About the Position: This Position is located at the Madigan Army Medical Center, Tacoma, Washington This is a Direct Hire Solicitation Salary negotiation MAY BE available for those candidates who are new to Federal service.

Duties

Administer and monitor the implementation of the Defense IA Risk Management Framework (RMF). Ensure adherence and compliance on all aspects of the Defense Health Agency (DHA) IA programs Recommend, develop, evaluate effectiveness of, and disseminates policy and guidance on IA program requirements. Provide expert technical advice and guidance concerning IA and RMF matters to the ISSM, Managers and IT Specialists on significant risk management and assessment activities. Conduct vulnerability testing/scanning and analysis, perform technical vulnerability, risk and threat assessments and lead remediation efforts. Ensure all IT devices and networks connected to the Army Information Assurance Vulnerability Management (IAVM), Anti-Virus (AV) Program and Security Technical Implementation Guide (STIG) compliant. Conduct security risk management studies on new computer systems before installation. Ensure that security surveys, risk self-assessments and re-accreditations are performed on the schedule prescribed by regulatory requirement Manage the security operations and compliance of systems in accordance with DoD and National Institutes of Standards and Technology (NIST) guidance.

Requirements

• This position is subject to screening and update of required immunizations unless exempted for medical or administrative reasons in accordance with Army Regulation 40-562, Chapters 3 and 4.
• Appointment may be subject to a suitability or fitness determination, as determined by a completed background investigation.
• This is an Information Assurance Workforce position. Completion of training and certification at level II in Information Assurance Management (IAM-II) IAW DoD Publication 8570.01-M, is required within six months of entering duty.
• Must be able to obtain and maintain Level II IASM CISSP or CISM certifications within six months of entering duty.
• A Personnel Security Investigation is required.
• This position has a mandatory seasonal influenza vaccination requirement and is subject to annual vaccination.
• This position requires the incumbent be able to obtain and maintain a determination of eligibility for a Secret security clearance or access for the duration of employment.

Qualifications

Who May Apply: US Citizens In order to qualify, you must meet the experience requirements described below. Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community; student; social). You will receive credit for all qualifying experience, including volunteer experience. Your resume must clearly describe your relevant experience; if qualifying based on education, your transcripts will be required as part of your application. Additional information about transcripts is in this document. Basic Requirement for the Information Technology Specialist (INFOSEC): (1) Attention to Detail - Is thorough when performing work and conscientious about attending to detail. Examples of IT-related experience demonstrating this competency include completing thorough and accurate work independently, even in the most difficult or stressful situations; occasionally reviewing work completed by others. (2) Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services. Examples of IT-related experience demonstrating this competency include: resolving routine and non-routine problems, questions, or complaints; developing and maintaining strong, mutually supportive working relationships with customers; conducting evaluation of support to determine quality of services and customer satisfaction, and recommending procedural changes based on customer need or changes in policy and/or regulation. (3) Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately. Examples of IT-related experience demonstrating this competency include: convincingly conveying complex information to customers; presenting thoughts that are well-organized and demonstrating confidence in the facts and ideas; adjusting style when working with individuals with different levels of understanding; using various methods to explain and convey information. (4) Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations. Examples of IT-related experience demonstrating this competency include: solving complex or sensitive problems by developing and proposing strategic alternatives; identifying possible conflicts and shared benefits; helping team anticipate problems and identifying and evaluating potential sources of information; providing feedback and coaching to others to help solve problems; engaging appropriate stakeholders when developing solutions in order to understand and incorporate multiple perspectives and needs; evaluating the effectiveness of decisions and adjusting future decisions as appropriate. AND Specialized Experience: One year of specialized experience equivalent to the GS-11 grade level in the Federal service which includes assisting with security of information systems; developing cyber security policies and procedures; implementing and maintaining security controls; conducting risk assessments; and assisting the organization to obtain Authority to Operate (ATO) for devices and system enclaves, security audits, and responding to security incidents. Some federal jobs allow you to substitute your education for the required experience in order to qualify. For this job, you must meet the qualification requirement using experience alone--no substitution of education for experience is permitted.

Education

This job does not have an education qualification requirement.

Contacts

• Address JT-DHA-DD83DE DHA PUGET SOUND MKT-MADIGAN DO NOT MAIL Joint Base Lewis McChord, WA 98431 US
• Name: Army Applicant Help Desk