Senior IT Specialist (INFOSEC) CG-2210-14

US Government Other Agencies and Independent Organizations Washington, DC
* Duties

Summary

Additional selections may be made from this vacancy announcement to fill identical vacancies that occur subsequent to this announcement.

This position is located in the Governance, Risk and Compliance Section (GRCS) of the Office of the Chief Information Security Officer (OCISO). GRCS manages enterprise-wide information security policies, risk management, and compliance programs that assure confidentiality, integrity, and availability of corporate information and systems.


Responsibilities

Develops, implements, coordinates, and manages the Information Security Assurance Program and its numerous agency-wide sub-programs that safeguard IT assets and operations, and provides vision, guidance and oversight in the development and implementation of substantial Information Security Assurance Program modifications to enhance IT security posture.

Formulates and coordinates recommendations of acceptable levels of risk in authorizing the operation of General Support Systems, Major Applications, and Minor Applications for the Chief Information Officer (CIO).

Analyzes and directs IT security assessment methods that evaluate the management, operational, and technical security controls applied to assets, including all systems and applications.

Performs and/or directs the validation of risk mitigation processes, action plans, and/or budget cost proposals to address risks identified during assessments and audits of IT assets.

Plans and implements regulatory-compliant information security assurance policies, procedures and guidance promulgated throughout the Corporation and manages the deployment of automated software products used for remediation and tracking of corporate-wide IT security weaknesses and vulnerabilities.

Performs analysis of ever-changing regulatory compliance requirements to ensure appropriate levels of continuous controls assessments on agency assets; this provides real-time situational awareness of the security posture of assets to senior management and the Chief Information Officer (CIO).

Devises appropriate degrees of NIST-based technical testing of disparate systems, applications, and vendor services to assess the adequacy of implemented security controls.

Responsible for managing resource expenditures, providing training, supervising Information Assurance software deployment efforts, and ensuring contract staff accomplish stated objectives and complete tasks.

Coordinates closely with other sections and senior management, peer-level managers, and service providers, to employ information security assurance solutions that meet federally mandated security requirements and align with industry best practices.

Provides agency-wide, strategic consultation to divisional system owners, divisional Information Security Managers (ISM), directors, and senior management regarding the risk posture of IT systems.

Travel Required

Occasional travel

Supervisory status

No

Promotion Potential

14

Who May Apply

This job is open to…

Applicants with status (i.e., current permanent Federal employees in the competitive service and former Federal employees with reinstatement eligibility); those eligible for appointment under special hiring authorities; and veterans eligible for a VEOA appointment.

Applicants without status should apply under FDIC announcement 2018-HQD-0239 to be considered.

This job is open to 2 groups.

* Job family (Series)

2210 Information Technology Management

* Requirements

Conditions of Employment

U.S. Citizenship is required.

Completion of Confidential Financial Disclosure may be required.

Employment Conditions.

Registration with the Selective Service.

High Risk Position – Background Investigation (BI) required.

Single Scope Background Investigation (SSBI) required.

Qualifications

Qualifying experience may be obtained in the private or public sector. Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic, religious/spiritual; community; student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience.

You must have Information Technology (IT)-related experience which demonstrates proficiency in each of the following competencies:

* Attention to Detail - Is thorough when performing work and conscientious about attending to detail.

* Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.

* Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.

* Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.

Applicants must have GS/CG-13 grade level (or equivalent) experience providing analysis of security and risk management throughout the SDLC according to the National Institute of Standards and Technology (NIST) guidance and/or industry best practices.

There is no substitution of education for the experience for this position.

Qualifications Required:

Applicants eligible for ICTAP (Interagency Career Transition Assistance Program) must achieve a score of 85 or higher in the online assessment to be determined "well qualified" for this position.

Education