IT Specialist (INFOSEC)
The major duties of this position include:
Defines and applies principles and theories of common enterprise architecture approach to include purpose (duty to protect), mission need (risk assessment), and controls (design controls to protect) throughout the planning, programming, budgeting, and execution (PPBE) cycle; Defines, plans, and applies architectural elements in the analysis, planning, design, implementation, documentation, assessment, and management of the enterprise security architecture that is aligned with IT strategy and agency mission, goals, structure, and processes; Develops security architecture requirements through sound design methodology, adequate security control application, and effective configuration practices. Ensures secure architectural solutions are incorporated into every aspect of the enterprise architecture supporting an organization's key business processes and organizational mission. Provides the interface between the Enterprise Architect and the Information System Security Engineering as detailed in NIST SP 800-37; Architects counter-measures to contain, control and recover from dynamic cybersecurity events. Maintains integrity of information/data and availability of systems, while maintaining continuity of business operations. Builds architectures that align to missions essential requirements enabling the nexus between physical data and business. Uses knowledge about current threats to identify flaws and weaknesses in the composition of system designs and defenses for the mission and mission critical data. Specifies solutions and verifies solutions that have been implemented. Rapidly adjusts designs based on new defense, threat, and attack information; Follows all Federal and Bureau requirements regarding records management, privacy, FOIA, transparency, ethics, and procurement, and attending and participating in all mandatory training or Bureau events. Specialized Experience for CN-53:
To qualify at CN-53, you must have one year of specialized experience at or equivalent to the next lower grade/band (CN-52, GS-12 or equivalent) in the Federal service. This experience need not have been in the federal government. For this position specialized experience is defined as:
providing advice and guidance on IT security functions including conducting analysis and recommending resolution of complex issues affecting the information security area; AND developing security architecture requirements designing methodology, application of security controls and configuration; AND identifying and providing oversight for the implementation of IT security standards and requirements for IT systems and infrastructure; AND developing policies and procedures to ensure information systems reliability and accessibilities and to prevent and defend networks and data; AND conducting risk and vulnerability assessments of information systems to identify vulnerabilities, risks and protection needs; AND experience in the application of NIST Cybersecurity frameworks and standards such as Cybersecurity Framework, Risk Management Framework, and Privacy Framework. In addition to the specialized experience stated above, applicants must have IT-related experience demonstrating each of the four competencies listed below. Attention to Detail - Is thorough when performing work and conscientious about attending to detail.Customer Service - Working with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolving their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.
Estimated Salary: $20 to $28 per hour based on qualifications.
Defines and applies principles and theories of common enterprise architecture approach to include purpose (duty to protect), mission need (risk assessment), and controls (design controls to protect) throughout the planning, programming, budgeting, and execution (PPBE) cycle; Defines, plans, and applies architectural elements in the analysis, planning, design, implementation, documentation, assessment, and management of the enterprise security architecture that is aligned with IT strategy and agency mission, goals, structure, and processes; Develops security architecture requirements through sound design methodology, adequate security control application, and effective configuration practices. Ensures secure architectural solutions are incorporated into every aspect of the enterprise architecture supporting an organization's key business processes and organizational mission. Provides the interface between the Enterprise Architect and the Information System Security Engineering as detailed in NIST SP 800-37; Architects counter-measures to contain, control and recover from dynamic cybersecurity events. Maintains integrity of information/data and availability of systems, while maintaining continuity of business operations. Builds architectures that align to missions essential requirements enabling the nexus between physical data and business. Uses knowledge about current threats to identify flaws and weaknesses in the composition of system designs and defenses for the mission and mission critical data. Specifies solutions and verifies solutions that have been implemented. Rapidly adjusts designs based on new defense, threat, and attack information; Follows all Federal and Bureau requirements regarding records management, privacy, FOIA, transparency, ethics, and procurement, and attending and participating in all mandatory training or Bureau events. Specialized Experience for CN-53:
To qualify at CN-53, you must have one year of specialized experience at or equivalent to the next lower grade/band (CN-52, GS-12 or equivalent) in the Federal service. This experience need not have been in the federal government. For this position specialized experience is defined as:
providing advice and guidance on IT security functions including conducting analysis and recommending resolution of complex issues affecting the information security area; AND developing security architecture requirements designing methodology, application of security controls and configuration; AND identifying and providing oversight for the implementation of IT security standards and requirements for IT systems and infrastructure; AND developing policies and procedures to ensure information systems reliability and accessibilities and to prevent and defend networks and data; AND conducting risk and vulnerability assessments of information systems to identify vulnerabilities, risks and protection needs; AND experience in the application of NIST Cybersecurity frameworks and standards such as Cybersecurity Framework, Risk Management Framework, and Privacy Framework. In addition to the specialized experience stated above, applicants must have IT-related experience demonstrating each of the four competencies listed below. Attention to Detail - Is thorough when performing work and conscientious about attending to detail.Customer Service - Working with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolving their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.
- Department:
2210 Information Technology Management - Salary Range:
$106,262 to $161,600 per year
Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
