This position is assigned to the Nonappropriated Fund (NAF) Information Technology (IT) Branch (N946); Fleet and Family Readiness Support Services (N94); Commander, Navy Installations Command (CNIC); Millington, TN. The position is responsible for the cybersecurity of a program, organization, system, or enclave through the planning, analysis, development, implementation, maintenance, and enhancement of information systems security programs, policies, procedures, and tools.

Duties

In order to qualify for this position, resumes must provide sufficient experience and/or education, knowledge, skills, and ability to perform the duties of the position. Applicant resumes are the key means for evaluating skills, knowledge, and abilities as they relate to this position therefore, applicants are encouraged to be clear and specific when describing experience. Duties include but are not limited to: Develops policies and procedures to ensure information systems reliability and accessibility and to prevent and defend against unauthorized access to systems, networks, and data. Prepares and maintains information systems assurance and accreditation materials. Assesses threats to and vulnerabilities of computer systems to develop a security risk profile. Collects and maintains data needed to meet system cybersecurity reporting. Develops methods to monitor and measure risk, compliance, and assurance efforts. Ensures cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level. Tracks audit findings and recommendations to ensure appropriate mitigation actions are taken. Provides technical expertise in overall risk management practices, continuous monitoring, and improvements to the security posture of the enterprise. Develops policies and procedures to ensure compliance with the Federal Risk and Authorization Management Program (FedRAMP) and Department of Defense FedRAMP+ Cloud Computing data security requirements. Coordinates and conducts systems security evaluations, audits, and reviews. Ensures the rigorous application of information security/information assurance policies, principles, and practices in the delivery of all IT services.

Requirements

• Must successfully pass the E-Verify employment verification check. Any discrepancies must be resolved as a condition of employment.
• Must pass all applicable records and background check.
• Participation in Direct Deposit/Electronic Fund Transfer within the first 30 days of employment is required.

Qualifications

Resumes must include information which demonstrates experience and knowledge, skills, and ability (KSAs) as they relate to this position. Applicants are encouraged to be clear and specific when describing their experience level and KSAs. A qualified candidate must possess: 4-year course of study leading to a bachelor's degree in Cyber Security, Information Assurance, Computer Science, Computer Engineering, Information Technology, Information Systems Management, Business Administration; OR A degree that provided a minimum of 24 semester hours in one or more of the fields identified above and required the development or adaptation of applications, systems or networks; OR Three years' specialized cybersecurity experience. A qualified candidate also possess: Knowledge of cybersecurity and privacy principles used to manage risks related to the use, processing, storage, and transmission of information or data. Knowledge of Risk Management Framework requirements. Knowledge of information systems security principles and concepts. Knowledge of security assessment and authorization processes. Knowledge of Federal information systems security protocols sufficient to develop, implement, and coordinate activities designed to protect and restore systems. Skill in the interpretation of IT policies, standards, and guidelines. Skill in the maintenance of systems or network accreditation. Skill in the integration of information systems security with other security disciplines. Skill in analyzing/evaluating data and preparing reports. Ability to coordinate and/or collaborate on security activities. Ability to analyze and recommend resolution of complex issues affecting the specialty area. Ability to provide technical advice to personnel at all levels within CNIC enterprise. Ability to communicate effectively both orally and in writing.

Education

If qualifying all or in-part based on education, proof of education MUST be submitted at time of application in order to be considered.

• 4-year course of study leading to a bachelor's degree in Cyber Security, Information Assurance, Computer Science, Computer Engineering, Information Technology, Information Systems Management, Business Administration; OR
• A degree that provided a minimum of 24 semester hours in one or more of the fields identified above and required the development or adaptation of applications, systems or networks.OR
• Three years' specialized cybersecurity experience.

Examples of specialized cybersecurity experience include: managing and implementing Risk Management Framework; designation as Information System Security Manager; reviewing and documenting Cloud Computing strategy and security controls; analyzing security strategies to select the best approach or practice; overseeing risk management practices, continuous monitoring, and improvements to the security posture; and applying cybersecurity principles, concepts and methods.

Contacts

• Address CNIC HQ 5720 Integrity Drive, Bldg. 457 Millington, TN 38055 US
• Name: CNIC NAF HRO
• Email: [email protected]