Who may apply: United States Citizens This position is located in: IT DIR OFFICE, ACCOUNTING SERVICES, NAVY MARINE CORPS SYSTEMS, ACCOUNTING, ZTCCA

Duties

Serve as the Information Systems Security Manager (ISSM) responsible for STANDARD ACCOUNTING BUDGET REPORTING SYSTEM (SABRS). Responsible for implementing, executing, and evaluating financial information system security and cybersecurity programs according to DFAS directives. Apply Information Technology (IT) security principles, methods, and security products to design, protect, and maintain the Confidentiality, Integrity, Availability, and Accountability (CIA) of financial Information System resources. Analyze operating and application systems software using various techniques to identify security vulnerabilities. Prepare and maintain complex RMF submission documents for initial and continuing formal accreditation. Develop and maintain a comprehensive financial system cybersecurity program, including cybersecurity architecture, requirements, objectives, policies, personnel, processes, and procedures. Review IT and control systems programs for compliance with cybersecurity plans, policies, and alignment with business and mission requirements. Modify IT and control systems plans and policies to adapt to changes in business or mission requirements, processes, legislation, or regulatory requirements. Conduct risk and vulnerability assessments of DFAS financial information systems to identify associated vulnerabilities, risks, and protection needs. Implement a Cybersecurity training and education program to ensure all users understand and comply with cybersecurity requirements in accordance with applicable regulations and safeguards. Perform risk management, security, and contingency planning in accordance with the Risk Management Framework (RMF) program. Conduct internal audit functions related to risk management.

Requirements

• U.S. Citizenship or National
• Suitable for Federal Employment
• Registered for Selective Service (if applicable)
• This national security position, which may require access to classified information, requires a favorable suitability review and security clearance as a condition of employment. Failure to maintain security eligibility may result in termination.
• New employees to the Defense Finance and Accounting Service will be required to successfully pass the E-Verify employment verification check. To learn more about E-Verify, including your rights and responsibilities, visit e-verify.gov.
• This position is designated as a Cyber IT/Cybersecurity Workforce position
• Please note, this is NOT a 100% virtual/remote position where work may be performed from any location in the US. This position is eligible for local telework near the duty station of the position, subject to management review and approval
• This position has been designated as a Cyber Workforce position in the DOD Cyber Workforce Framework role of 722 Information Systems Security Manager proficiency level INTERMEDIATE
• In accordance with the DoD 8140 policy series, the position is subject to completing Foundational Qualifications in 9 months and completing Residential Qualification requirements in 12 months.
• Employee must obtain and maintain all compatible service specific GS 2210 civilian and military skill requirements in Information Technology Program training, certifications, and education
• Participate in continuous professional development program as described in DoDM 8140.03.

Qualifications

Resumes for federal government positions need more detailed work descriptions and accomplishments than a typical private sector resume. Please be sure to clearly describe the full scope of your work experiences in your resume. Basic Requirement: Applicants must have IT-related experience demonstrating the following competencies appropriate to, or above, the level of this position. Your resume and work experience should clearly support your ability to meet these competencies and will be evaluated as part of the entire application process. Attention to Detail- experience reviewing my own information technology-related work or data and have been asked by others to review their work or data to ensure accuracy, completeness, and consistency with standards Customer Service- experience maintaining relationships with customers, assessing current information technology needs of customers, and developing or identifying information technology products and services that are tailored to meet customer needs Oral Communication- briefing mid-level management and IT staff on the status of information technology systems, projects, or daily operations, including the communication of technical information to a non-technical audience Problem Solving- identifying alternatives to address complex information technology-related issues by gathering and applying information from a variety of sources that provide a number of potential solutions AT THE GS-12 LEVEL: In addition to the Basic Competency Requirements listed above, one year of specialized experience equivalent in level of difficulty and responsibility to that of the next lower grade GS-11 in the federal service, which demonstrates the ability to perform the duties of the position, is required. Specialized experience is defined as possessing a detailed knowledge of system security compliance, including in-depth familiarity with relevant security regulations and the Risk Management Framework (RMF), working with all aspects of Federal Information System Controls Audit Manual (FISCAM) and a familiarity of Federal Managers' Financial Integrity Act (FMFIA) standards, encouraging audit readiness efforts by performing basic reviews and documentation preparation. AT THE GS-13 LEVEL: In addition to the Basic Competency Requirements listed above, one year of specialized experience equivalent in level of difficulty and responsibility to that of the next lower grade GS-12 in the federal service, which demonstrates the ability to perform the duties of the position, is required. Specialized experience is defined as hands-on experience in system security compliance, with a demonstrated ability to implement and manage a system Risk Management Framework (RMF); having in-depth knowledge and experience of Federal Information System Controls Audit Manual (FISCAM) and a familiarity of Federal Managers' Financial Integrity Act (FMFIA), applying these standards to maintain a robust risk and control environment; experienced in audit readiness, independently managing documentation, respond to findings, and lead follow-up actions. Volunteer Experience: Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual, community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates to paid employment. You will receive credit for all qualifying experience, including volunteer experience. You may qualify for consideration if meeting time-in grade, specialized experience, education requirement, 90 days after competitive appointment requirement, and all other qualification requirements within 30 calendar days after the closing date of the announcement, unless otherwise indicated on the announcement.

Education

Contacts

• Address DFAS - INFO AND TECHNOLOGY DIR OFFICE 4800 Mark Center Drive Alexandria, VA 22350 US
• Name: HR Customer Care Center
• Phone: (317) 212-0454
• Email: [email protected]