This job originated on www.usajobs.gov. For the full announcement and to apply, visit www.usajobs.gov/job/485665300. Only resumes submitted according to the instructions on the job announcement listed at www.usajobs.gov will be considered.
In this position, you will serve as an IT Specialist (INFOSEC) in the IT Security Support Branch (ISS) of Information Services (I).
Whether you are new to the Federal Government or an experienced professional seeking a career change, you can make history at the National Archives. Our dedicated staff works across a variety of career fields to safeguard the records of the Federal Government - more than 10 billion of them.
Visit our Employee Gallery at www.archives.gov/careers to see the kinds of dynamic projects our staff are undertaking. If you want a career where you can see the difference your work makes, then join the National Archives!
For more information visit: http://archives.gov/dc-metro/college-park/
This position will be filled using the U.S. Office of Personnel Management (OPM) Government wide Direct Hire Authority for Information Technology Management (Information Security) positions. Under this authority, competitive rating, ranking, and veterans' preference procedures do not apply. Applicants who meet the basic qualification requirements may be forwarded to the Selecting Official for consideration. For more information on Direct-Hire Authority visit: https://www.opm.gov/policy-data-oversight/hiring-information/direct-hire-authority/#url=Fact-Sheet
12/04/2017 to 12/08/2017
$112,021 - $145,629 per year
GS 14
1 vacancy in the following location:
Not required
No
Permanent
Full-Time
14
No
JD10090099JHD
485665300
-Create, update, and maintain all IT security documentation required to obtain NARA Authority to Operates (ATO's) for agency systems.
--FIPS 199 (Federal Information Processing Standard Publication 199, Standards for Security Categorization of Federal Information and Information Systems) form
--System Security Plan (SSP) completed in accordance with NIST Special Publication 800-18. Security plans are maintained in Xacta or on Shared Drives
--Contingency Plan in accordance with NIST Special Publication 800-34
--Annual Contingency Test Plan and Contingency Test report conducted in accordance with the NARA IT Security Requirements (security controls CP-2 and CP-4)
--Configuration Management Plan in accordance with NIST Special Publication 800-128
--Incident Response Plan in accordance with NIST Special Publication 800-61
--Annual Incident Response Plan Test conducted in accordance with NARA IT Security Requirements (security controls IR-3) and Incident Response Plan Test Report generated
--Plan of Actions & Milestones (POA&M) in accordance with the NARA IT Security Requirements, security control PM-4
---Where applicable, resolve and track vulnerabilities identified during security assessments within the timeframe indicated in the POA&M
--Business Impact Analysis (BIA) in agreement with NIST Special Publication 800-34
Initial Privacy Review (IPR) and Privacy Impact Assessment (PIA) in accordance with NIST 800-53 appendix J and the NARA IT Security Requirements, security control AR-2
System level Policy and Procedure documentation
System Component inventory
- Ensure NARA systems are accessed, integrated, accredited, operated, maintained and disposed of in accordance with applicable security policies and practices outlined in NIST Publication 800-53 (latest revision) Security and Privacy Controls for Federal Information Systems and Organizations, NARA Directive 202 NARA Classified Information Security Program and NARA Directive 804 Information Technology (IT) Systems Security.
- Coordinates with the System Owners to ensure that system accounts requests are for valid users, who are eligible for access to the information systems, have a valid need to access the systems, and that all requirements have been met before authorizing access to system(s).
- For all systems, review and validate (recertify) non-privileged user accounts annually and privileged user accounts and rights monthly in accordance with the NARA IT Security Requirements, to ensure the continued need for system access and that the assigned privileges for each user are the minimum required for current job functions.
- Perform Security Controls Testing to audit and inspect system security controls, processes and procedures
- Manage and track system security requirements during all phases of the systems life cycle for all operational and development projects.
- Create, update, and maintain all IT security documentation required to obtain NARA Authority to Operates (ATO's) for agency systems.
- Report, respond, and track security incidents in accordance with the NARA Computer Security Incident Handling Guide.
- Ensure that audit trails are reviewed weekly and retained for the period of time defined in the SSP.
- Respond to data calls (e.g. OIG datacalls, COR requests for system information) to provide security artifacts as requested.
- Develops and recommends NARA computer security policies, guidelines and/or procedures and standards that comply with Federal laws, guidelines and security management practices and which achieve appropriate levels of security for all NARA computer systems. Ranges include minicomputers, networks and stand-alone microcomputers. Policies and standards relate to hardware (including physical access), software (applications and operating systems), data, and communications resources. Policies, procedures and standards provide for protection from unauthorized or inadvertent use, modification, destruction and denial of use of the protected resources, disaster recovery and contingency planning, and personnel training in security awareness.
- Oversees and ensures the implementation of appropriate security controls throughout the system development lifecycle for all NARA IT systems, including National Security Systems, in accordance with the NARA IT Security Program Plan, National Institute of Science & Technology (NIST) standards and Committee on National Security Systems (CNSS) policies, standards and directives.
- Supports the Security Assessment & Authorization of all NARA IT systems, including National Security Systems. Liaises and coordinates with the Insider Threat Program Manager and the Intelligence Community in developing and implementing policies and procedures to support NARA IT systems, including National Security Systems. Works with system owners to resolve technical issues that impact the security of all NARA IT systems
Qualifications by Closing Date: You must meet all qualification requirements by the closing date of the announcement. Please note that qualifications will be subject to verification.
GS-14 - Candidates must have had one (1) year of specialized experience equivalent to at least the next lower grade level. Specialized experience is experience that has equipped the applicant with the particular knowledge, skills, and abilities (KSA's) to perform successfully the duties of the position as described above, and that is typically in or related to the position to be filled.
Examples of specialized experience for this grade level include: Experience equivalent to the GS-13 level: Implementing security controls in accordance with National Institute of Science & Technology (NIST) Security Control Requirements; experience directing security engineering and architecture of IT systems; experience developing and recommending computer security policies, guidelines and/or procedures and standards that comply with Federal laws, guidelines and security management practices; experience conducting IT security assessments; experience providing information security training; experience with Continuity of Operations Programs (COOP); and experience with IT intrusion detections and security incident response.
Please refer to the Office of Personnel Management's, Operating Manual: Qualifications Standards for General Schedule Positions for further information Qualification Standard for 2210 series
Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience.
Probationary Period: You will be required to serve a one-year probationary period.
Interagency Career Transition Assistance Program (ICTAP) or the Agency Career Transition Assistance Program (CTAP): If you are a displaced Federal employee, you may be eligible under the ICTAP or CTAP guidelines to apply for special selection consideration. You must meet minimum qualifications, including selective factors, experience, and education requirements (if applicable), and be rated well-qualified for the position (i.e., receive a score of 85 or above based on your responses to the Occupational Questionnaire). You must provide a copy of your written notification of ICTAP or CTAP eligibility or a copy of your separation personnel action form with your application or an agency certification that you cannot be placed after injury compensation has been terminated; an OPM notification that your disability annuity has been terminated; or a Military Department of National Guard Bureau notification that you are retired under 5 U.S.C. 8337(h) or 8456. For more information visit: http://www.opm.gov/rif/employee_guides/career_transition.asp.
You will be evaluated for this job based on how well you meet the qualifications above.
Once you complete and submit your application package, a review of your application will be made to ensure you meet the job requirements. To determine if you are qualified for this job, a review of your resume and supporting documentation will be made and compared against your responses to the occupational questionnaire. Your resume must specifically and clearly show your possession of the required specialized experience and your possession of the required competencies.
Your qualifications will be evaluated on the following competencies (knowledge, skills, abilities and other characteristics):
To apply for this position, you must submit a complete Application Package which includes:
1. Your resume, showing Job title, series and grade (if Federal), duties, hours worked per week, starting and ending dates of employment (month and year), and salary.
2. Other supporting documents:
Education must be accredited by an accrediting institution recognized by the U.S. Department of Education in order for it to be credited towards qualifications. Therefore, provide only the attendance and/or degrees from schools accredited by accrediting institutions recognized by the U.S. Department of Education.
Failure to provide all of the required information as stated in this vacancy announcement may result in an ineligible rating or may affect the overall rating.
To apply for this position, you must complete the online application and submit the documentation specified in the Required Documents section below.
A complete application package must be submitted by 11:59 PM (EST) on 12/08/2017 to receive consideration.
Once the online questionnaire is received, you will receive an acknowledgement email that your submission was successful. We will review your resume and transcript(s) (if appropriate) to ensure you meet the basic qualification requirements. We will evaluate each applicant who meets the basic qualifications on the information provided and may interview the best-qualified applicants. After making a tentative job offer, we will conduct a suitability and/or security background investigation. A final job offer for this position is typically made within 40 days after the closing date of the announcement.
The Federal hiring process is set up to be fair and transparent. Please read the following guidance.
This job originated on www.usajobs.gov. For the full announcement and to apply, visit www.usajobs.gov/job/485665300. Only resumes submitted according to the instructions on the job announcement listed at www.usajobs.gov will be considered.
Learn more about