• Help



    As the world's largest finance and accounting firm, the Defense Finance and Accounting Service (DFAS) pays all Department of Defense (DoD) military and civilian personnel, retirees and annuitants, and major DoD contractors and vendors. We take great pride in serving the men and women who serve America, and invite goal-oriented people like you to challenge yourself while providing a service to our nation. Employment with DFAS means access to generous benefits such as: health, vision, and dental insurance, retirement benefits, paid time off, and educational benefits.

    DFAS is using the Direct Hire Authority (DHA) for DOD Cyber Workforce Positions to recruit and appoint individuals to positions that meet the definition of "cyber workforce" (also known as "cyberspace workforce") as defined in DoDD 8140.01, "Cyberspace Workforce Management," and must be anticipated to become part of the cyber excepted service. Positions in the cyber excepted service are positions necessary to carry out the responsibilities of the United States Cyber Command.

    Vacancy Information: This job announcement is being used to recruit several similar positions across the I&T Directorate, in either Cleveland, OH, Columbus, OH, and/or Indianapolis, IN.

    Salary range represents the lowest GS-12 pay for Indianapolis, IN and the highest GS-12 pay for Cleveland, OH. For the total salary including locality pay for specific locations, go to: http://www.opm.gov/policy-data-oversight/pay-leave/salaries-wages/#url=2018

    Who may apply: United States Citizens

    Learn more about this agency



    • Develops, plans, and implements the Risk Management Framework (RMF) and Cybersecurity Program for assigned systems, serving as a security technical authority for security policies and procedures.
    • Responsible for conducting independent security control assessment procedures to confirm or establish, by testing, evaluation, examining, investigating or competent evidence, that security controls are implemented correctly and are effective.
    • Applies knowledge of DoD Cybersecurity guidance and policy, such as DoD RMF, Defense Information Assurance Certification & Accreditation Process (DIACAP), Federal Information Security Management Act (FISMA), National Institute of Standards and Technology (NIST), Security Requirements Guides (SRGs) and Security Technical Implementation Guides (STIG). Provides input into existing DFAS wide and system level guidance, policies and procedures and creates new guidance, policies and procedures.
    • Responsible for identifying requirements, implementing and testing security technical standards for assigned technologies such as web applications, applications, databases, operating systems, security platforms and network devices. Identifies and implements remediation efforts as necessary. Analyzes identified vulnerabilities determining final risk severity level.
    • Applies knowledge of assigned technology and associated vendor patching processes and methods, and ensures timely and consistent patch management processes and procedures.
    • Responsible for working with, interpreting results of, and recommending remediation of vulnerabilities identified by DoD and DFAS approved security tools such as Host Based Security System (HBSS), Assured Compliance Assessment Solution (ACAS) and Fortify.
    • Prepares narrative and statistical reports, analyzes results, and makes recommendations to management for changes and improvements to security configurations of assigned technologies and systems. Documents policies and best practices in support of Audit Readiness and security compliance requirements.

    Travel Required

    Occasional travel - You may be expected to travel for this position.

    Supervisory status


    Promotion Potential


    Who May Apply

    This job is open to…

    All US Citizens.

    Questions? This job is open to 1 group.

This job originated on www.usajobs.gov. For the full announcement and to apply, visit www.usajobs.gov/GetJob/ViewDetails/490725600. Only resumes submitted according to the instructions on the job announcement listed at www.usajobs.gov will be considered.