This announcement is issued under the Direct Hire Authority (DHA) to recruit for positions for which there is a critical hiring need. Selectee(s) will receive a career or career-conditional appointment in the competitive service and may be required to serve a one-year probationary period. Who May Be Considered: U.S. Citizens View common definitions of terms found in this announcement.

Duties

This is a high-profile, public facing position, requiring a unique set of skills ranging from public speaking to technical acumen to the ability to operate professionally in an independent capacity on behalf of the agency. The primary duties associated with this Cybersecurity Advisor position consist of collaborating with partners across the government and private sector to enhance the Nation's cybersecurity by sharing information, providing cybersecurity services and technical assistance, as well as through education and awareness. This position will be required to possess the KSAs and certifications to independently conduct cybersecurity and resiliency assessments and provide industry-appropriate risk analysis with regional information that will support a more accurate estimation of cyber capabilities and cyber risk to national critical infrastructure. Typical work assignments include: Communicate the value of information technology (IT) security throughout all levels of internal and external stakeholders, mainly through direct engagement and public speaking (i.e., panelist participations, resource briefings, and keynote addresses). Conduct cyber protective visits and strategic cyber risk assessments to prepare and protect critical cyber infrastructure assets. Advise senior management (e.g., Chief Information Security Officer [CISO]) on risk levels and security posture; advise senior management on cost-benefit analysis of information security programs, policies, processes, systems, and elements; a; communicate the value of IT security throughout all levels of the organization's stakeholders. Deliver key mitigation capabilities to owners and operators that are designed to reduce risks to the nation's critical cyber infrastructure. Raise awareness and improve coordination with state and local governments as to cybersecurity evaluative methodology, gaps in cyber management practices, and recommended process improvements. Independently evaluates support for critical infrastructure owners and operators and other industry forums/working groups, within the area of responsibility assigned, to identify specific opportunities where CS&C can improve cybersecurity programs, resources, and services offered to critical infrastructure and state, local, tribal, and territorial partners. Participate as a presenter in regional local conferences, summits, seminars and symposia relating to cybersecurity initiatives. Build regional and local cybersecurity coalitions to promote information sharing on best practices and lessons learned. Promote resilience of cyber infrastructure throughout the U.S. and its territories to include helping stakeholders understand and access the full range of CS&C cyber capabilities. Reviews approved or proposed policies such as presidential executive orders, which may affect cybersecurity activities. Provides advice and guidance to resolve, implement, or manage cybersecurity issues that involve major areas of uncertainty in approach and methodology. Serves as an authoritative source of consultation for other managers and program specialists. Presents findings and recommendations on complex issues or problems impacting major programs. Participate in cybersecurity partnerships with and across critical infrastructure owners and operators and state, local, tribal and territorial government. Promote collaborative efforts to reduce risks and threats to critical information, enterprise, communications, and control systems. Participate in the establishment of community-based, regional, and/or statewide cyber security strategies, for state, local, and private partners and stakeholders. Review risk management programs by using evaluation results to create or enhance the effectiveness of the partner's information sharing to support efforts for safeguarding security postures and presents findings to leadership. Advocate new and existing policies, programs, developments related to emerging technologies and cybersecurity technical issues. Collaborate with organizational managers to support mission objectives; collaborate with stakeholders to establish the enterprise continuity of operations program, strategy, and mission assurance; identify alternative information security strategies to address organizational security objective.

Requirements

Qualifications

To be considered minimally qualified for this position, you must demonstrate that you have the required experience for the respective grade level in which you are applying: EXPERIENCE: Experience must be Information Technology (IT)-related; the experience may be demonstrated by paid or unpaid experience and/or completion of specific, intensive training (for example, IT certification), as appropriate. You must have IT-related experience demonstrating each of the four competencies listed below: Attention to Detail - Is thorough when performing work and conscientious about attending to detail. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services. Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately. Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations. AND SPECIALIZED EXPERIENCE: In addition to meeting the qualification requirement listed above, you must have at least one year of specialized experience at the next lower GS-grade level (or equivalent). Specialized experience is experience that has equipped you with the particular competencies/knowledge, skills, and abilities to successfully perform the duties of the position and is typically in or related to the work of the position to be filled. Such experience is typically gained in the IT field or through the performance of work where the primary concern is IT. GS-13 You qualify for the GS-13 grade level if you have at least one (1) year of specialized experience at the GS-12 grade level (or equivalent) performing the following duties: Providing advice and guidance to resolve, implement, or manage cybersecurity issues. Conducting systems security evaluations, audits, and reviews. Developing cybersecurity policies and guidelines to ensure compliance with directives. GS-14 You qualify for the GS-14 grade level if you have at least one (1) year of specialized experience at the GS-13 grade level (or equivalent) performing the following duties: Providing authoritative technical guidance and oversight related to information systems security to include cybersecurity frameworks, controls and auditing requirements. Monitoring compliance of security programs designed to minimize system vulnerabilities by adhering to information systems security, regulations, protocols or security certification and accreditation requirements. Serving as a senior representative for complex, high-visibility information technology projects. National Service Experience (i.e., volunteer experience): Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience. All qualification requirements must be met by the closing date of this announcement.

Education

Some federal jobs allow you to substitute your education for the required experience in order to qualify. For this job, you must meet the qualification requirement using experience alone--no substitution of education for experience is permitted.

Contacts

• Address Cybersecurity and Infrastructure Security Agency 1616 N. Fort Myer Dr. CISA-FMD Stop 0380 Arlington, VA 20598-0380 US
• Name: Customer Care Center DEU HR
• Phone: 317-212-0454
• Email: [email protected]