Who may apply: United States Citizens This position is located in: IT DIR OFFICE, ACCOUNTING SERVICES, MOCAS SYSTEM, MULTI LINE SUPPORT SYSTEMS BR, ZTCEC

Duties

Conducts and leads various IA security meetings with organizational elements and IT representatives to plan, evaluate, and determine appropriate measures needed to ensure security requirements are met. Performs analysis of operating and application systems software using a variety of fact finding and analytical techniques to determine security vulnerabilities. Develops local risk assessment policies and prepares risk assessments for DFAS information systems using supporting automated assessment tools. Serves as the IA point of contact for internal and external audit organizations and provides audit assistance, support, and coordination, as necessary, relating to security standards and requirements. Oversees and manages the DoD Risk Management Framework (RMF) system authorization documentation for organization-wide systems and maintains a repository for all organizational and systems-level cyber security-related documentation. Develops and performs independent and objective assessments, audits, reviews and evaluations of enterprise information systems and FISCAM information systems internal controls. Serves as a technical authority and focal point for information security policies and procedures, including hardware, software (both applications and systems) and access provision security. Uses prior personal experience, knowledge, and state-of-the-art information technology hardware and software to combat unauthorized access and damage to sensitive data/information. Evaluates system change/programming specifications, and specifies programming instructions, inputs and outputs, structures, and other analytical products to document the functional and cyber security requirements. Participates in various team settings as an expert on software, agile principles, DevSecOps, cloud and the adoption of new technology.

Requirements

• U.S. Citizenship or National
• Suitable for Federal Employment
• Registered for Selective Service (if applicable)
• This national security position, which may require access to classified information, requires a favorable suitability review and security clearance as a condition of employment. Failure to maintain security eligibility may result in termination.

Qualifications

Resumes for federal government positions need more detailed work descriptions and accomplishments than a typical private sector resume. Please be sure to clearly describe the full scope of your work experiences in your resume. Basic Requirement: Applicants must have IT-related experience demonstrating the following competencies appropriate to, or above, the level of this position. Your resume and work experience should clearly support your ability to meet these competencies and will be evaluated as part of the entire application process. Attention to Detail- experience reviewing my own information technology-related work or data and have been asked by others to review their work or data to ensure accuracy, completeness, and consistency with standards Customer Service- experience maintaining relationships with customers, assessing current information technology needs of customers, and developing or identifying information technology products and services that are tailored to meet customer needs Oral Communication- briefing mid-level management and IT staff on the status of information technology systems, projects, or daily operations, including the communication of technical information to a non-technical audience Problem Solving- identifying alternatives to address complex information technology-related issues by gathering and applying information from a variety of sources that provide a number of potential solutions In addition to the Basic Competency Requirements listed above, one year of specialized experience equivalent in level of difficulty and responsibility to that of the next lower grade GS-12 in the federal service, which demonstrates the ability to perform the duties of the position, is required. Specialized experience is defined as experience with NIST and DoD Risk Management Framework (RMF), and security control requirements including current NIST SP 800-37, and NIST SP 800-53 series. Working knowledge of implementing and testing security control, developing and maintaining Security Plan, vulnerability management plan, and incident response plans. Working knowledge in testing security, performing security impact analysis on proposed/pending changes, and managing system's vulnerability compliance and reporting. Working knowledge of USCYBER COM orders/requirements and DISA STIGs, SRGs and Scanning requirements. Volunteer Experience: Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual, community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates to paid employment. You will receive credit for all qualifying experience, including volunteer experience. You may qualify for consideration if meeting time-in grade, specialized experience, education requirement, 90 days after competitive appointment requirement, and all other qualification requirements within 30 calendar days after the closing date of the announcement, unless otherwise indicated on the announcement.

Education

Contacts

• Address DFAS - INFO AND TECHNOLOGY DIR OFFICE 4800 Mark Center Drive Alexandria, VA 22350 US
• Name: HR Customer Care Center
• Phone: (317) 212-0454
• Email: [email protected]