Created at: September 23, 2025 00:01
Company: Defense Threat Reduction Agency
Location: Fort Belvoir, VA, 22060
Job Description:
This position is part of the Defense Threat Reduction Agency.
You may qualify at the GS-13 grade level if you fulfill the following qualifications: one year of specialized experience equivalent to the GS-12 grade level in the Federal service:

Systems security certification and accreditation requirements supporting a Cybersecurity Security Service Provider (CSSP), Evaluation Scoring Metrics (ESM) audits and processes sufficient to ensure the certification and accreditation of associated systems and networks.
Federal information systems security processes and protocols sufficient to ensure the ongoing coordination, collaboration and application of information assurance and security activities to maintain the certification and accreditation of cybersecurity systems and networks.
Information systems and network security engineering principles and concepts and project management principles and methods sufficient to lead and maintain the implementation of cybersecurity programs designed to anticipate, assess, and minimize system vulnerabilities and to establish vulnerability reporting and management programs.
Interpreting and applying the Federal IT security hierarchy sufficient to implement higher-level security requirements to a Cybersecurity Security Service Provider's (CSSP) new and existing environment, such as those resulting from laws, regulations, or Presidential directives, and to develop programs or activities to ensure the continued integration of cybersecurity programs across multiple IT systems and disciplines.

Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience.
This position serves as Information System Security Officer (ISSO) and/or Program Manager (PM) of multiple classified networks and systems, with responsibility for ensuring Information Assurance and Cybersecurity (per DoD guidance and accepted best practices) is incorporated into the full life cycle of systems in computer and network infrastructure at all classification levels. Develops, improves, and implements the Information Assurance Vulnerability Management (IAVM) program on multiple classified networks and systems. Supports certification and accreditation processes, such as Risk Management Framework (RMF), Information Assurance Certification and Accreditation (C&A) Program and Director, Central Intelligence Directive (DCID) 6/3, and assists in development and implementation of plans of action and milestones (POA&M). Ensures networks and systems achieve and maintain Authority to Operate (ATO). Performs periodic and as-directed assessments of security controls associated with networks and systems and develops and assists in implementing cost-effective remediation plans to address shortfalls. Develops and reports relevant metrics and information on Information Assurance, C&A, and security control status of networks and systems. Assists in conducting Computer Network Defense (CND), including support of incident response, computer forensics, and interaction with internal and external organizations: DTRA Network Operations and Security Center (NOSC), US Cyber Command, Joint Force Headquarters - Department of Defense Information Network (JFHQ-DODIN), counterintelligence and law enforcement.

As an INFORMATION TECHNOLOGY SPECIALIST (SECURITY) at the GS-2210-13, some of your typical work assignments may include:

Developing, improving and implementing the Information Assurance Vulnerability Management (IAVM) program on multiple classified networks and systems.
Supporting certification and accreditation processes, identifying the need for information assurance and information security changes based on new security requirements, technologies or threats, and assisting in development and implementation of plans of action and milestones (POA&M).
Applying mastery of information assurance and information security principles, ensuring networks and systems achieve and maintain Authority to Operate (ATO).
Performing periodic and as-directed assessments of security controls associated with networks/systems, and developing/assisting in implementing cost-effective remediation plans to address shortfalls.
Supporting the execution of Computer Network Defense (CND) actions, including communicating with internal and external organizations.
Independently planning, organizing, prioritizing, and developing schedules to deliver program objectives on schedule and within budget while adhering to DoD regulations and changing situations.
Planning, developing and coordinating system processes and specifications necessary to meet IT security requirements at the agency level.
Maintaining government property custodianship for security enclave tools related hardware.