This position is part of the Defense Human Resources Activity, Defense Human Resources Activity. The incumbent serves as an Information System Security Officer (ISSO) providing cybersecurity guidance, recommendations, reporting, and subject-matter expertise to IT personnel, program managers, and upper management.

Duties

This position is being filled under the memorandum from the Under Secretary of Defense for Personnel and Readiness (USD(P&R)) "Expansion of Direct Hire Authority for Certain Personnel of the Department of Defense," dated October 15, 2021. As a IT SPECIALIST (INFOSEC) at the GS-2210-12/13 some of your typical work assignments may include: Provide Risk Management Framework (RMF) support to assigned DMDC Information Systems; ensuring that Product Owners (PO) maintain an appropriate operational cybersecurity posture. Maintain the documentation for RMF Assessment and Authorization (A&A) of each information system in accordance with government requirements. Assess the impacts on system modifications and technological advances. Review systems in order to identify potential security weaknesses, recommend improvements to amend vulnerabilities, implement changes and document upgrades. Ensuring the confidentiality, integrity and availability of systems, applications networks and data through the planning, analysis, development, implementation, maintenance and enhancement of cybersecurity programs, policies, procedures and tools. Ensure appropriate security controls and measures are in place to safeguard DMDC systems, applications, networks, and data. Anticipate cybersecurity risks to the organization and provide recommendations to reduce and/or mitigate risk to the organization. Advises functional expert management staff on cybersecurity issues pertaining to specific operating systems, hardware, technology, and methodology. Develops policies and procedures to ensure information systems reliability and accessibility and to prevent and defend against unauthorized access to systems, networks and data; designs and implements monitoring, tracking, and reporting procedures and develops and manages short and long range plans for addressing cybersecurity needs. Determine information security requirements by evaluating DMDC business strategies and requirements, researching information security standards; conducting system security and vulnerability analyses and risk assessments, assessing industry architectures/platforms and relative security benefits, and identifying architecture/platform integration issues that prevent the strongest possible security posture.

Requirements

• Must be a U.S. Citizen
• Occasional Travel
• Work Schedule: Full-time
• Males born after 12-31-59 must be registered for Selective Service
• Suitable for Federal employment, determined by a background investigation
• May be required to successfully complete a probationary period
• Overtime: Occasionally
• Tour of Duty: Flexible
• Recruitment Incentives: Not Authorized
• Fair Labor Standards Act (FLSA): Exempt
• Financial Disclosure: Not Required
• Telework Eligibility: This position is telework eligible
• Must obtain and maintain Non-Critical Sensitive (Secret) Security Clearance

Qualifications

You may qualify at the GS -12 , if you fulfill the following qualifications: One year of specialized experience equivalent to the GS -11 grade level in the Federal service as listed below: Utilizes Risk Management Framework (RMF) guidelines and regulations for Information Technology cybersecurity to review ATO packages. Applies IT Systems security principles, concepts and methods to ensure systems reliability, accessibility & prevent and defend against unauthorized access to systems, networks and data. Serves as an Information Systems Security Officer (ISSO) to review network diagrams for security vulnerabilities. Assists in the application of IT systems security certification and accreditation requirements to assess, implement, design, evaluate and integrate required security solutions and system security controls. You may qualify at the GS -13 , if you fulfill the following qualifications: One year of specialized experience equivalent to the GS -12 grade level in the Federal service as listed below: Oversees Risk Management Framework (RMF) for Information Technology cybersecurity directives and procedures for ATO packages. Reviews IT Systems security principles, concepts and methods to evaluate, implement, and disseminate IT security tools and products. Serves as an Information Systems Security Officer (ISSO) to recommend solutions to reduce IT security vulnerabilities, risks and develop strategies on future IT security. Applies IT systems security certification and accreditation requirements to assess, implement, design, evaluate and integrate required security solutions and system security controls. Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience. In addition to meeting qualifications, your application package must reflect the applicable experience to meet the Individual Occupational Requirements for the 2210, series as listed below: Attention to Detail - Is thorough when performing work and conscientious about attending to detail. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services. Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately. Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations. Please keep your résumé to a reasonable length. If more than five pages are submitted, only the first five pages will be reviewed to determine your eligibility/qualifications.

Education

Substitution of education may not be used in lieu of specialized experience for this grade level.

Contacts

• Address Defense Human Resources Activity 4800 Mark Center Drive Alexandria, VA 22350-110 US
• Name: DHRA Servicing Team
• Phone: 6146920201
• Email: [email protected]