This position is located in the Department of Technology Services (DTS), IT Security Office (ITSO), Security Programs Assessments Division (SPA), Court Unit Security Assessments Branch (CUSA) in Washington, DC.

Duties

The incumbent of this position is a recognized IT cybersecurity expert with the ability to manage independent IT security assessments and provide support, guidance, and assistance to personnel conducting staff assistance visits and to court unit staff members to help them improve their cybersecurity posture, address specific challenges, and enhance their capabilities. The incumbent also plays a crucial role in the administration of the judiciary-unit IT security self-assessment ("scorecard") program. The incumbent performs multiple IT security assignments as directed by the Chief, Court-Unit Security Assessment Branch. Duties of the position include, but are not limited to: Performing Staff Assistance Visits for customers to increase the cybersecurity posture of their site and systems and to educate personnel. The purpose is to help court units improve their security posture, performance, address specific challenges, or enhance their capabilities in particular focus areas including process optimization, operational efficiency, and cybersecurity skills development. The scope of staff assistance visits may vary depending on the specific needs of the court unit or objectives of the visit. Duties may involve providing guidance or assistance in areas such as operations, training, compliance, or technical implementation. Outcomes may include providing recommendations for improvements, training plans, process enhancements, or other actions aimed at helping staff members perform better or overcome challenges. Developing and maintaining the Staff Assistance Visit Process guide to include teaching the process to other team members. Evaluating the existing cybersecurity measures and policies in place at the site including examining network architecture, security protocols, access controls, and data protection mechanisms. Managing court-unit independent IT security assessments (this includes reviewing the quality of the independent IT security assessment activities from planning through report delivery as performed by the assessment teams). Serving as a subject matter expert for IT security-related activities (this includes researching, project planning, service delivery, and reporting). Interfacing with clients and management to understand their security needs. Participating in the development and improvement of processes and resources related to the court-unit independent assessment program to elevate the quality of work performed, improve client understanding, reduce customer level-of-effort, increase assessment acceptance, and risk mitigation, and evolve the independent assessment program to meet the judiciary's needs in a changing environment. Participating in the development and improvement of processes and resources related to the judiciary-unit IT security self-assessment (scorecard) program to elevate the quality of self-assessment data, improve client understanding, reduce client level-of-effort, and evolve the self-assessment program to meet the judiciary's needs in an evolving environment. Providing routine and ad hoc statistical IT security management reports and supporting data, including trend analysis. Providing senior management, operational, and technical controls guidance to staff. Performing multiple IT security assignments as directed by the Chief, Court-Unit Security Assessment Branch. Performing the tasks and meeting the skills, knowledge and abilities as described in NIST Special Publication 800-181 National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce for the roles of Security Control Assessment (OG-WRL-012).

Requirements

Qualifications

Applicants must have demonstrated experience as listed below. This requirement is according to the AO Classification, Compensation, and Recruitment Systems which include interpretive guidance and reference to the OPM Operating Manual for Qualification Standards for General Schedule Positions. Specialized Experience: Applicants must have at least one full year (52 weeks) of specialized experience which is in or directly related to the line of work of this position. Specialized experience is demonstrated hands-on technical experience performing ALL of the following: Conducting information security assessments of enterprise business systems; Providing effective remediation of vulnerabilities identified by information security assessments; and Providing effective management, quality assurance and leadership for teams, while producing timely, professional, cost-effective, and highly accurate work products. Desired but not required: Applicants with the following certifications are highly desirable: International Information System Security Certification Consortium (ISC2) Global Information Assurance Certification (GIAC) Information Systems Audit and Control Association (ISACA) CompTIA Cloud Security Alliance

Education

This position does not require education to qualify.

Contacts

• Address Department of Technology Services One Columbus Circle, NE Washington, DC 20544 US
• Name: Kymberli Camber
• Phone: (210) 301-6303
• Email: [email protected]