This position is located in the Department of Homeland Security (DHS), United States Coast Guard (USCG), Cyber Command (CGCC), Assessment and Authorization (A&A) located in Alexandria, Virginia.
Basic Requirement: Individual Occupational Requirements (IOR) for the IT Cybersecurity Specialist (INFOSEC), GS-2210-13 position: Your resume must have IT-related experience in the federal service or private sector demonstrating the following four competencies, as defined below. Attention to Detail - Is thorough when performing work and conscientious about attending to detail. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services. Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately. Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations. AND In addition to meeting the basic IOR, you must also have at least one (1) full year of specialized experience equivalent to at least the GS-12 level in the federal service or private sector. Specialized experience is experience that has equipped you with the particular ability, skill, and knowledge to successfully perform the duties of this position and is typically in or related to this line of work. Specialized experience must include the following: Perform network security monitoring, threat hunting, threats detection within Information Technology (IT) environments; Apply advanced analytical techniques and methodologies to analyze data flow needed to determine potential and actual intrusions; Evaluate the need for risk and vulnerability assessment to provide technical advice, guidance and recommendations on Risk Management Framework (RMF)/Information Assurance (IA) issues; Employ advance knowledge in the design of security policies and specific systems security programs using a comprehensive, integrated, and systematic application of multiple automation security disciplines to develop an optimum automation security posture; and Collaborate with external/internal customer to ensure IT strategic planning and project management activities improves the confidentiality, integrity, and availability of systems, networks and data. NOTE: All experience statements (i.e., duties, specialized experience, or occupational assessment questionnaire) copied from this announcement and pasted into your resume will not be considered as a demonstration of your qualifications for this position. Click on the following link to view occupational requirements for this position: http://www.opm.gov/policy-data-oversight/classification-qualifications/general-schedule-qualification-standards/2200/information-technology-it-management-series-2210-alternative-a/ National Service Experience (i.e., volunteer experience): Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional, philanthropic, religious, spiritual, community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience. The Office of Personnel management (OPM) must authorize employment offers made to current or former political appointees. If you are currently, or have been within the last 5 years, a political Schedule A, Schedule, C, Non-career SES or Presidential Appointee employee in the Executive Branch, you must disclose this information to the Human Resources Office.
You will serve as an IT CYBERSECURITY SPECIALIST (INFOSEC), GS-2210-13 (DIRECT HIRE), Risk Management Framework Security Analyst, providing mission-critical assessments for Operational Technology (OT), as well as assessments and validations for CG Information Systems (IS) that are in on-premise and cloud environments used to carry out CG missions involving the confidentiality, integrity, and availability of systems, networks, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems security programs, policies, procedures, and tools. Being a Coast Guard civilian makes you a valuable member of the Coast Guard team. Typical work assignments include: Serve as Risk Management Framework (RMF) Security Analyst providing critical assessments and validation of Information Systems. Conduct risk and vulnerability assessments to identify vulnerabilities, risks and protection required for the implementation of Security Controls. Ensure the application of information security/information assurance policies, principles and practices are correctly implemented for all CG OT/IT services. Assist in the development and review of policies and procedures to ensure Information Systems reliability and accessibility. Conduct security validations, or comprehensive assessments of the management, operational, and technical security controls in CG IS and Cloud IS. Mandatory training is required which must be successfully completed and other training may occur as necessary for success in the position. The following is a list of certifications that are required for the position: Information Assurance (IA) Certification, Information Assurance Managerial (IAM) Level 3, and Information Assurance Workforce Improvement Program, preferably Certified Information Systems Security Professional (CISSP) within 6 months of entering the position.