Who may apply: This announcement is open to all U.S. Citizens This position is located in: IT DIR OFFICE, ENTERPRISE SERVICES, IT SECURITY SERVICES, ZTAG This position is located in the I&T Security Services Division, and is responsible for implementing Cybersecurity, Risk Management Framework projects, planning and policy management., IT-ZTAG. Pay for first time hires to the Federal Government will typically be set at step 1 salary range for their respective grade level.

Duties

The successful candidate will perform the full range of Sr. IT Cybersecurity Specialist duties. Maintain and update agency level information security policies, methods, and standards in accordance with Department of Defense (DoD), Federal, and National Institutes of Standard and Technology (NIST) standards guidelines. Serve as an agency integrator, analyzing programs, trends and opportunities to provide efficiencies, optimization and improvements. Analyze Cybersecurity and Risk Management Framework programs to ensure agency compliance with DoD requirements. Plan, develop, and implement cybersecurity processes to ensure they operate effectively and are compliant with the Federal Information Systems Security Management Act (FISMA) and other relevant policies, guidelines, and procedures. Oversee the analysis, development, and reporting of the annual RMF program and FISMA reporting. Manage small-to-large size IT cybersecurity and RMF related projects that address the needs of DFAS including requirements gathering, planning, budgeting, scheduling, developing, testing, implementing, and debriefing. Support compliance of agency DoD 8140 programs. Serve as a Sr. Representative to other ISSMs and provides guidance and additional details to questions or concerns. Serves as the central contact with other offices and IT system owners and provides leadership to other ISSMs outside the Division. Serve as a Sr. Representative on RMF related issues to external agencies and DoD CIO level offices As a recognized IT technical authority, works to coordinate the RMF program in line with agency strategy and goals. Leads efforts to continually evolve the RMF program including emerging topics such as Continuous Authorization. Serve as a Senior ISSM for the DFAS Risk Management Framework Program, leading the operation and growth of the RMF Program including Continuous Monitoring, FISMA/Annual Security Assessment, and DFAS Common Control Providers.

Requirements

• U.S. Citizenship or National
• Suitable for Federal Employment
• Registered for Selective Service (if applicable)
• This national security position, which may require access to classified information, requires a favorable suitability review and security clearance as a condition of employment. Failure to maintain security eligibility may result in termination.
• New employees to the Defense Finance and Accounting Service will be required to successfully pass the E-Verify employment verification check. To learn more about E-Verify, including your rights and responsibilities, visit e-verify.gov.

Qualifications

Resumes for federal government positions need more detailed work descriptions and accomplishments than a typical private sector resume. Please be sure to clearly describe the full scope of your work experiences in your resume. Basic Requirement: Applicants must have cybersecurity and RMF related experience demonstrating the following competencies appropriate to, or above, the level of this position. Your resume and work experience should clearly support your ability to meet these competencies and will be evaluated as part of the entire application process. Attention to Detail- Is thorough when performing work and conscientious in attention to detail in responses, communications and deliverables. Experience reviewing my own information technology cybersecurity-related work or data and have been responsible for reviewing the work of others to ensure accuracy, completeness, and consistency with standards. Customer Service- Works to develop and maintain relationships with customers, anticipating and assessing the current and future cybersecurity needs of customers, and developing or identifying cybersecurity or RMF products or services that are tailored to meet customer needs. Oral Communication- Relays information and briefs senior-level management and IT staff on the status of cybersecurity and RMF projects, or operations, including communicating technical information to a non-technical audience. Problem Solving- Identifies problems and alternatives to address unique, highly complex, or sensitive cybersecurity and RMF-related issues. Anticipates problems, has identified and evaluated sources of information to generate alternative solutions and resolutions. In addition to the Basic Competency Requirements listed above, one year of specialized experience equivalent in level of difficulty and responsibility to that of the next lower grade GS-13 in the federal service, which demonstrates the ability to perform the duties of the position, is required. Specialized experience is defined as providing authoritative Risk Management Framework and Cybersecurity guidance and oversight leading an Agency Cybersecurity and RMF Program. Must have working knowledge in the area of Risk Management Framework to include, but not limited to: NIST SP 800-37, NIST SP 800-53 (current version), DoDI 8500.01, DoDI 8510.01. Working knowledge of federal requirements such as Privacy Act of 1974, OMB A-130 and FISMA working knowledge of information system security controls and auditing requirements; monitoring compliance of cybersecurity programs to information systems security laws, regulations, protocols or security certification and accreditation requirements, which MUST include Risk Management Framework (RMF); AND serving as a senior project manager for complex, high-visibility cybersecurity and RMF related projects, providing oversight and analysis for an organization's systems projects during the entire project life cycle, including planning and development, execution and evaluation of project performance using established qualitative and quantitative tools, techniques, and practices. Volunteer Experience: Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual, community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates to paid employment. You will receive credit for all qualifying experience, including volunteer experience.

Education

Contacts

• Address DFAS - INFO AND TECHNOLOGY DIR OFFICE 4800 Mark Center Drive Alexandria, VA 22350 US
• Name: HR Customer Care Center
• Phone: (317) 212-0454
• Email: dfas.indianapolis-in.zh.mbx.dfasmeritcc@mail.mil