Job Overview

Summary

The Office of Inspector General (OIG) is an independent office within the Department of Interior (DOI) whose mission is to promote excellence, integrity, and accountability throughout DOI. The OIG conducts investigations, evaluations, and audits in order to enhance effectiveness and efficiency and to prevent and detect waste, fraud, and mismanagement in DOI programs and operations.

This position is located in the Department of the Interior (DOI), Office of Inspector General (OIG), Assistant Inspector General for Audits, Inspections, and Evaluations (AIE). The AIE manages, supervises, coordinates, and conducts audits, inspections and evaluations relating to DOI programs and operations, including, but not limited to, waste, abuse and mis-management in such programs and operations of the DOI employees, contractors, grantees, lessees, or any other persons or entities doing business with the DOI. The incumbent of this position serves as an Information Technology Specialist (INFOSEC) responsible for directing the operation of the OIG’s information technology audit program, coordinating and reporting on computer network policies with the DOI and the subordinate Bureaus, providing technical lead in system network intrusion incidents, coordinating data mining initiatives, and implementing a variety of Information Technology (IT) related programs in support of the OIG mission.

This position may be filled in either Lakewood, CO United States or in the Washington D.C. Metro Area, United States.

Duties

The incumbent provides support in audits, inspections, and evaluations. Gathers and analyzes electronic records, creates databases and enters pertinent data to formulate progressive and logical analysis. Develops general audits, inspections, and evaluations strategies and tactics, and assists field offices in coordinating multi-discipline teams supported by Department of the Interior (DOI) and OIG staff and DOI program officials in order to resolve complex IT issues in an automated environment. Makes recommendations to management concerning appropriate changes in Departmental procedures, practices and/or regulations that may be susceptible to IT control weaknesses. Maintains liaison with OIG staff, forensic technicians, security officials, and IT or telecommunications organizations in the private sector. Serves on working and users groups or organizations oriented toward the development or improvement of IT evidence gathering methods or the techniques of computer fraud audits, inspections, and evaluations.

The incumbent is responsible for a wide variety of information security activities that provide a high degree of integrity and availability of a variety of information management systems including software and network analysis, development, maintenance and enhancement of information systems security programs, polices, procedures, and tools. Participates in the certification of information security systems and accreditation process. Plans, implements, and evaluates the Federal Information Security Management Act (FISMA) report and information technology security related functions and activities. Consults with the Financial and Information Technology Audit Unit, other internal and external contacts and authorities, including other Federal government offices, industry vendors, and experts from the private sector. Ensures the OIG adopts complete and best practices in performing FISMA functions. Participates in developing the annual work plan for testing information technology security controls, and assists with procurement of tools and services.

The incumbent keeps up to date on new or changing information security hardware, software, and telecommunication resources. Provides technical expertise, guidance, advice, and recommendations for information security requirements. Responsible for conducting security risk and vulnerability assessments, protection requirements, contingency planning, and disaster recovery processes. Oversees systems evaluations, audits, and reviews to ensure security measures are adequate or recommends enhancements, upgrades or changes. Researches and analyzes a wide variety of complex information security problems and provides responses to resolve.