This position serves as an Information System Security Officer (ISSO) and is responsible for the day-to-day activities that support the security authorization for one or more Marketing and Regulatory Programs Information Technology systems which includes, but is not limited to, the Authorization and Assessment, FedRAMP certification, and Continuous Monitoring.

Duties

The duties may include, but are not limited to: Support the ISSPMs, System and Business Owners, and other system stakeholders to ensure the effectiveness of the system cybersecurity and privacy programs. Collects, collates, tracks, and uses information generated by the various cybersecurity processes such as continuous monitoring, RMF controls analysis, audit reports, and cyber operations plans. Perform tasks delegated by the ISSPM in support various information assurance programs such as security authorization activities. Builds partnerships amongst other ITD Directorates and teams and fosters cross-functional teamwork to apply cybersecurity authorization best practices. Performs systems security evaluations, investigations, audits, and reviews related to the formal Assessment and Authorization process culminating in a signed Authority to Operate Interprets, develops, recommends, evaluates effectiveness of, and disseminates policy and guidance on Risk and Compliance program requirements. Serves as a key advisor in risk assessments of IT systems and adheres to configuration management best practices to ensure security controls are maintained over the life of IT systems. Optimizes the effectiveness and efficiency of the Cybersecurity Authorization program based on internal and Department-mandated performance metrics.

Requirements

• You must be a US Citizen or US National.
• Individuals who were born male after 12/31/1959 must be Selective Service registered or exempt.
• Subject to satisfactory adjudication of background investigation and/or fingerprint check.
• Successful completion of one-year probationary period, unless previously served.
• Direct Deposit: Per Public Law 104-134 all Federal employees are required to have federal payments made by direct deposit to their financial institution.
• Successfully pass the E-Verify employment verification check. To learn more about E-Verify, including your rights and responsibilities, visit E-Verify at https://www.e-verify.gov/
• This position requires the incumbent to obtain training and professional certification in Certified Authorization Professional (CAP) status within 18 months.

Qualifications

Applicants must meet all qualifications and eligibility requirements by the closing date of the announcement, including specialized experience and/or education, as defined below. FOR THE GS-13 LEVEL: Applicants must have one year of specialized experience (equivalent to the GS-12 level) that may have been obtained in the private or public (local, county, state, Federal) sectors which demonstrates: Conducting risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risks, and protection needs and ensure the proper implementation of management, technical, operational and privacy controls for all IT systems. Conducting systems security evaluations, investigations, audits, and reviews related to the formal Certification and Accreditation (C&A) or Authorization and Assessment (A&A) process culminating in a signed Authority to Operate (ATO). Participating in network and architecture design reviews to ensure implementation of appropriate systems security policies. Developing policies and procedures around compliance/governance or cloud security. Managing Plan of Action and Milestones (POA&Ms) for all assigned IT systems. Note: There is no education substitution for this grade level. Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional, philanthropic, religious, spiritual, community, student, social). Volunteer work helps build critical competencies and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience.

Education

This position does not have an education qualification requirement.

Contacts

• Address Animal and Plant Health Inspection Service USDA APHIS MRPBS 250 Marquette Avenue, Suite 410 Minneapolis, MN 55401 US
• Name: MRP Human Resources
• Phone: 612-336-3227
• Email: [email protected]