This position is located in the Department of Homeland Security (DHS), United States Coast Guard (USCG), Surface Forces Logistics Center (SFLC), Engineering Services Division, Baltimore, Maryland.
To qualify at the GS-12 grade level, applicants must have at least one (1) full year of specialized experience equivalent to at least the GS-11 grade level in the federal sector. Specialized experience is experience that has equipped you with the particular ability, skill, and knowledge to successfully perform the duties of this position and is typically in or related to this line of work. Examples of specialized experience include the following: developing and integrating software services; providing technical resolutions for problems with existing software and systems management; testing, analyzing, evaluating, validates and implementing new technologies; performing some acquisitions duties for IT products. To qualify at the GS-13 grade level, applicants must have at least one (1) full year of specialized experience equivalent to at least the GS-12 grade level in the federal sector. Specialized experience is experience that has equipped you with the particular ability, skill, and knowledge to successfully perform the duties of this position and is typically in or related to this line of work. Examples of specialized experience include the following: developing and integrating software services; providing technical resolutions for problems with existing software and systems management; testing, analyzing, evaluating, validates and implementing new technologies; performing some acquisitions duties for IT products. To qualify at the GS-14 grade level, applicants must have at least one (1) full year of specialized experience equivalent to at least the GS-13 grade level in the federal sector. Specialized experience is experience that has equipped you with the particular ability, skill, and knowledge to successfully perform the duties of this position and is typically in or related to this line of work. Examples of specialized experience include the following: developing and integrating software services; providing technical resolutions for problems with existing software and systems management; testing, analyzing, evaluating, validates and implementing new technologies; performing some acquisitions duties for IT products. Knowledge, Skills, and Ablities: Knowledge of computer and industrial control system networking concepts and protocols, and network security methodologies. [K0001] Knowledge of communication methods, principles, and concepts that support the HM&E systems, equipment, and networks [K0010] Knowledge of industrial control systems. Knowledge of electrical engineering as applied to HM&E systems, equipment, and networks [K0030] Knowledge of installation, integration, and optimization of system components [K0035] Knowledge of incident response and handling methodologies. [K0042] Knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). [K0044] Knowledge of information security systems engineering principles (NIST SP 800-160) [K0045] All qualification requirements must be met by the closing date of the announcement. Ability to obtain and maintain an Information Assurance Management Level III (IAM-III) or management determined equivalent is required within two years of entry into this position. In addition to meeting the specialized experience requirement, you must also have IT-related experience demonstrating each of the four competencies listed below. Attention to Detail - Is thorough when performing work and conscientious about attending to detail. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services. Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately. Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations. National Service Experience (i.e., volunteer experience): Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional, philanthropic, religious, spiritual, community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience. The Office of Personnel management (OPM) must authorize employment offers made to current or former political appointees. If you are currently, or have been within the last 5 years, a political Schedule A, Schedule, C, Non-career SES or Presidential Appointee employee in the Executive Branch, you must disclose this information to the Human Resources Office.
This position is responsible for those activities associated with protecting HM&E information and information systems from unauthorized system activity or behavior and providing these systems with the appropriate levels of confidentiality, integrity, and availability. Being a Coast Guard civilian makes you a valuable member of the Coast Guard team. Typical work assignments include: Supports the RMF process for acquisition and sustainment PIT and PIT Systems. 1. Assists Information System Owners (ISO) and Information System Security Officers (ISSO) with the RMF process including collection of information, analysis of security features, verification of controls, recommendations for implementation of controls, and other duties as defined by Coast Guard policy. 2. Identifies, quantifies, and evaluates the costs/benefits of security functions and considerations to inform analysis of alternatives, engineering trade-offs, and risk treatment decisions. (NIST SP 800-160v1, system security engineering) 3.Performs system security analyses in support of decision making, risk management, and engineering trades; (SP800-161) 4. Demonstrates through evidence-based reasoning, that security claims for the system have been satisfied; (SP800-161) 5.Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. (SP800-181, cybersecurity workforce) 6. Assists ISOs and ISSOs with the maintenance of accreditations of PIT and PIT Systems throughout the acquisition and sustainment processes IAW Coast Guard policy. 7.Assesses the adequacy of the security controls and their ability to protect the system and its information and ensure system confidentiality, integrity, and availability as well as compliance with applicable security requirements (NIST RMF Quick Start Guide) Provides standard security engineering tasks for all HM&E systems. 1. Assist with the development of common security controls and overall security policy for HM&E systems (RMF QSG) 2. Recommend system-level solutions to resolve security requirements and concerns for HM&E systems. Coordinates efforts with ISO, ISSO, Subject Matter Experts (SME), and other entities to resolve security issues. (SP800-161\RMF QSG) 3.Conducts assessments of threats and vulnerabilities; determines deviations from acceptable configurations, enterprise or local policy; assesses the level of risk; and develops and/or recommends appropriate mitigation countermeasures in operational and nonoperational situations. Coordinates efforts with SMEs, ISOs, Product Line representatives, and other entities to balance risk, usability, and cost. (SP800-181) 4. Assists with the development of system security concepts and provides security engineering support for the various phases of the systems development life cycle; translates technology and environmental conditions (e.g., law and regulation) into system and security designs and processes. (SP800-181) 5. Consults with customers to gather and evaluate functional requirements and translates these requirements into technical solutions. Provides guidance to customers about applicability of information systems to meet business needs. (SP800-181) 6. Performs other duties as assigned.