US Government, Department of Education
This position is located in the U.S. Department of Education, Office of the Chief Information Officer, Information Assurance Services Division. It is established to perform specific activities directed at solving problems or accomplishing work processes through the use of Information Technology.
For more details on eligibility, requirements, and evaluation, please click “Apply Now”, which will take you to the US Gov job platform.
Job Grade: 13
APPLICATION LIMIT: This vacancy announcement is limited to the first 100 applications received and will close at 11:59PM Eastern Time on the day that we receive the 100th application, or at 11:59PM Eastern Time on the listed closing date, whichever occurs first. We encourage you to read this entire vacancy announcement prior to submitting your application.
As an Information Technology Specialist (INFOSEC), GS-2210-13, you will be responsible for:
Serving as Information Systems Security Officer (ISSO).
Overseeing and maintaining regulatory requirements and participating on the Change Control Board (CCB) by reviewing changes for security implications and security applications.
Ensuring the integration of Information Technology programs and services; and developing solutions to integration/interoperability issues.
Promoting IT security awareness information to the user community by validating the user community is completing their annual training.
Communicating complex technical requirements to non-technical personnel; managing assigned projects.
Providing technical recommendations for all Risk Assessments and Vulnerability Assessments conducted for the system or site.
Overseeing the security posture for one or more system(s) throughout the entire lifecycle.
Overseeing the implementation of information technology (IT) security controls and security authorization documents; and ensuring the system is compliant with mandated security policies and requirements.
Providing continuous monitoring through scheduled audits, controls testing, and audit reviews, and escalating issues as needed.
Providing security analysis of IT activities to ensure that appropriate security measures are in place and being enforced.
Coordinating penetration testing or other ‘red team’ activities that might occur at/or traverse the system’s infrastructure as part of a Security Control Assessment (SCA).
Specialized Experience for the GS-13:
One year of experience in either federal or non-federal service that is equivalent to at least a GS-12 performing two (2) out of three (3) of the following duties or work assignments:
1. Experience in assisting other Information System Security Officers (ISSOs) and the Information System Owners (ISOs) with the development and maintenance of system security documentation to include documenting system security controls for complex systems and reflecting this in the System Security Plan (SSP).
2. Experience in conducting and reviewing periodic Risk Assessments to identify the impact of implementing any new change, including, but not limited to, vulnerability identification, tracking, remediation, reporting.
3. Experience in performing ongoing verification and validation activities to facilitate the identification of information system weaknesses, determination of risks, and identification of remediation actions as part of implementing the Vulnerability Management process.
Basic Experience Requirements:
You must possess IT related experience (paid or unpaid experience and/or completion of specific, intensive training (e.g., IT certification), as appropriate) demonstrating each of the four competencies listed below.
1. Attention to Detail – Is thorough when performing work and conscientious about attending to detail.
2. Customer Service – Works with clients and customers (i.e., any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.
3. Oral Communication – Expresses information (e.g., ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (e.g., technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.
4. Problem Solving – Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.
Knowledge, Skills, and Abilities (KSAs):
The quality of your experience will be measured by the extent to which you possess the following knowledge, skills and abilities (KSAs). You do not need to provide separate narrative responses to these KSAs, as they will be measured by your responses to the occupational questionnaire (you may preview the occupational questionnaire by clicking the link at the end of the Evaluations section of this vacancy announcement).
1. Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
2. Ability to determine levels of risk and overall effectiveness of an enterprise’s cybersecurity program.
3. Knowledge of the basics of network security.
You must meet all qualification requirements within 30 days of the closing date of this vacancy announcement.
Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community, student, social). Volunteer work helps build critical competencies, knowledge, and skills, and can provide valuable training and experience that translates directly to paid employment. We will consider all qualifying experience, including any volunteer experience.