IT Cybersecurity Specialist

Selective Placement Factor:This position requires that you hold either the Certified Information System Security Professional (CISSP) Certification or the Certified Information Security Manager (CISM) Certification. Minimum Qualification Requirements: To qualify for this position, you must meet the (1) Basic Requirements AND (2) Specialized Experience for the series to which you are applying. (1) Basic Requirements:Experience must be IT related; the experience may be demonstrated by paid or unpaid experience and/or completion of specific, intensive training (for example, IT certification), as appropriate. GS-5 through GS-15 (or equivalent): For all positions individuals must have IT-related experience demonstrating each of the four competencies listed below. Attention to Detail – Is thorough when performing work and conscientious about attending to detail. Customer Service – Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services. Oral Communication – Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately. Problem Solving – Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations. AND (2) Specialized Experience: To qualify for the GS-14, you must possess at least one full year of specialized experience equivalent to at least the GS-13 grade level in the Federal service, or comparable experience not gained through Federal service. Specialized experience is experience that equipped the applicant with the particular knowledge, skills, and abilities to perform successfully the duties of the position, and that is typically in or related to the work of the position to be filled. Specialized experience is defined as demonstrated experience: 1) applying the National Institute of Standards and Technology (NIST) Risk Management Framework to the full life cycle of an information system; 2) working with Security Control Frameworks such as NIST SP800-53 Rev.5, International Standards Organization (ISO) 27001/27002, Service Organization Controls (SOC) SOC2, or Center for Internet Security (CIS) Critical Security Controls including applying security controls to an enterprise information system and crafting meaningful and applicable implementation statements for both On-Premises and Cloud systems to include reading and interpreting Customer Responsibility Matrices and Control Implementation Summaries; security control selection and tailoring; and continuous monitoring; 3) with third-party cybersecurity auditing and audit response including coordinating artifact collection and advising management on appropriate responses to notices of findings; 4) using an enterprise-level Governance, Risk, and Compliance tool such as Xacta or Cyber Security Assessment and Management (CSAM); and 5) managing information system security documentation and compliance; assessing administrative and technical security controls, interpreting cybersecurity policies and standards; and auditing implementation statements for on-premises and cloud-based systems. MUST MEET ALL. Additional information on the qualification requirements is outlined in the OPM Qualification Standards Handbook of General Schedule Positions and is available at OPM’s website: https://www.opm.gov/qualifications/standards/indexes/num-ndx.asp All qualification requirements must be met by the closing date of this announcement.
DIRECT HIRE AUTHORITY: This position is being filled through the office of Personnel Managements (OPM) Government-Wide Direct-Hire Authority for this occupation and is open to all U.S. Citizens. Since the Direct-Hire Recruitment Authority is being used, traditional Veterans Preference rules do not apply. Qualified Veterans will, however, be given full consideration for this position.