To qualify at the GS-9: Successful completion of a master's degree or equivalent graduate degree or 2 full years of progressively higher level graduate education leading to a master's degree or equivalent graduate degree in the appropriate field (see below**).
One year of specialized experience (see below*) equivalent to at least the GS-7 in federal service. Examples of qualifying experience may include: experience assisting higher level specialists with validating NERC/CIP standards and/or FISMA certification and accreditation standards; or experience applying IT security standards and practices as they relate to networks, firewalls, and various operating systems.
To qualify at the GS-11: Ph.D. or equivalent doctoral degree or 3 full years of progressively higher level graduate education leading to a Ph.D. or equivalent doctoral degree in the appropriate field (see below**).
One year of specialized experience (see below*) equivalent to at least the GS-9 in federal service that included experience ensuring compliance with NERC CIP and/or FISMA standards; and the development of processes, plans, and/or policies required by such standards.
To qualify at the GS-12: One year of specialized experience (see below*) equivalent to at least the GS-11 level that included experience ensuring compliance with NERC, CIP and FISMA standards; the development of processes, plans, and/or policies required by such standards; and experience conducting and/or auditing certification and accreditation processes of a major IT installation/project under the FISMA certification standards.
*Specialized Experience: Experience that has equipped the applicant with the particular competencies/knowledge, skills, and abilities to successfully perform the duties of the position and is typically in or related to the work of the position to be filled. Such experience is typically gained in the information technology (IT) and NERC compliance fields or through the performance of work where the primary concern is the design and/or maintenance and operation of IT or Supervisory Control and Data Acquisition (SCADA) systems.
NERC: North American Electric Reliability Corporation
CIP: Critical Infrastructure Protection
WECC: Western Electricity Coordinating Council
FISMA: Federal Information Security Management Act
**Undergraduate or Graduate Education: Degree in computer science, engineering, information science, information systems management, mathematics, operations research, statistics, or technology management or degree that provided a minimum of 24 semester hours in one or more of the fields identified above and required the development or adaptation of applications, systems or networks. All academic degrees and coursework must be from accredited or pre-accredited institutions.
This vacancy announcement allows substituting education for experience. You must submit a copy of your college transcript (unofficial copy is acceptable) to support your education if you are substituting education for experience. Transcripts must include the name of the college or university and date the degree was conferred.
You must meet all qualification requirements, including any selective factors, by the closing date of the announcement.
HOW YOU WILL BE EVALUATED:
Category rating and selection procedures will be used to evaluate applications from this announcement. If you meet the basic qualification requirements, your on-line responses to the vacancy assessment questionnaire will be used to determine the quality and extent of your experience, education, training, etc., for placement in one of the following categories: 1) Best Qualified, 2) Well Qualified, and 3) Qualified. Qualified candidates will be assigned a numerical score on a scale of 70-100 and veterans with preference will be placed at the top of their respective category. The assessment questionnaire will take you approximately 45 minutes to complete.
Applicants will be further evaluated on the following “Knowledge, Skills and Abilities (KSAs)” through your resume and responses to the online questions.
1. Knowledge of IT security requirements to implement environmental control measures, risk assessment, and quantitative justification of physical security controls, backup and recovery for the data processing and telecommunications systems, and contingency planning.
2. Thorough knowledge of IT security certification and accreditation requirements.
3. Knowledge of NERC/WECC CIP requirements to coordinate the implementation of compliance measures.
4. Knowledge of modern IT hardware/software technology and risk management measures.
5. Ability to communicate effectively both orally and in writing.
Applicant’s answers to questions will be verified against information provided in their online resume. Be sure that the resume clearly supports the responses to all the questions by addressing experience, education, and/or training relevant to this position. Applicants must make a fair and accurate assessment of their qualifications. If a determination is made that you have rated yourself higher than is apparent in your description of experience, competencies, skills, and/or education/training OR that your resume/application is incomplete, you may be rated ineligible or your score may be lowered.
To preview questions please click here.