This job originated on www.usajobs.gov. For the full announcement and to apply, visit www.usajobs.gov/job/502099200. Only resumes submitted according to the instructions on the job announcement listed at www.usajobs.gov will be considered.
Additional selections may be made from this vacancy announcement to fill identical vacancies that occur subsequent to this announcement.
This position is located in the Governance, Risk and Compliance Section (GRCS) of the Office of the Chief Information Security Officer (OCISO). GRCS manages enterprise-wide information security policies, risk management, and compliance programs that assure confidentiality, integrity, and availability of corporate information and systems.
06/12/2018 to 06/26/2018
$123,729 - $206,237 per year
CG 14
2 vacancies in the following location:
Yes—as determined by the agency policy.
Occasional travel - Occasional Travel
Yes—Relocation is authorized
Permanent
Full-time - Competitive Service
14
No
No
2018-HQ-0245
502099200
Develops, implements, coordinates, and manages the Information Security Assurance Program and its numerous agency-wide sub-programs that safeguard IT assets and operations, and provides vision, guidance and oversight in the development and implementation of substantial Information Security Assurance Program modifications to enhance IT security posture.
Formulates and coordinates recommendations of acceptable levels of risk in authorizing the operation of General Support Systems, Major Applications, and Minor Applications for the Chief Information Officer (CIO).
Analyzes and directs IT security assessment methods that evaluate the management, operational, and technical security controls applied to assets, including all systems and applications.
Performs and/or directs the validation of risk mitigation processes, action plans, and/or budget cost proposals to address risks identified during assessments and audits of IT assets.
Plans and implements regulatory-compliant information security assurance policies, procedures and guidance promulgated throughout the Corporation, and manages the deployment of automated software products used for remediation and tracking of corporate-wide IT security weaknesses and vulnerabilities.
Performs analysis of ever-changing regulatory compliance requirements to ensure appropriate levels of continuous controls assessments on agency assets; this provides real-time situational awareness of the security posture of assets to senior management and the Chief Information Officer (CIO).
Devises appropriate degrees of NIST-based technical testing of disparate systems, applications, and vendor services to assess the adequacy of implemented security controls.
Responsible for managing resource expenditures, providing training, supervising Information Assurance software deployment efforts, and ensuring contract staff accomplish stated objectives and complete tasks.
Coordinates closely with other sections and senior management, peer-level managers, and service providers, to employ information security assurance solutions that meet federally mandated security requirements and align with industry best practices.
Provides agency-wide, strategic consultation to divisional system owners, divisional Information Security Managers (ISM), directors, and senior management regarding the risk posture of IT systems.
Applicants with status (i.e., current permanent Federal employees in the competitive service and former Federal employees with reinstatement eligibility); those eligible for appointment under special hiring authorities; and veterans eligible for a VEOA appointment.
Applicants without status should apply under FDIC announcement 2018-HQD-0239 to be considered.
U.S. Citizenship is required.
Completion of Confidential Financial Disclosure may be required.
Registration with the Selective Service.
High Risk Position – Background Investigation (BI) required.
Single Scope Background Investigation (SSBI) required.
Qualifying experience may be obtained in the private or public sector. Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g. Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic, religious/spiritual; community; student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience. Additional qualifications information can be found here.
You must have Information Technology (IT)-related experience which demonstrates proficiency in each of the following competencies:
• Attention to Detail - Is thorough when performing work and conscientious about attending to detail.
• Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.
• Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.
• Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.
Applicants must have GS/CG-13 grade level (or equivalent) experience providing analysis of security and risk management throughout the SDLC according to the National Institute of Standards and Technology (NIST) guidance and/or industry best practices.
There is no substitution of education for the experience for this position.
Qualifications Required:
Applicants eligible for ICTAP (Interagency Career Transition Assistance Program) must achieve a score of 85 or higher in the online assessment to be determined “well qualified” for this position. For more information, click here.
To read about your rights and responsibilities as an applicant for Federal employment, click here.
If selected, you may be required to serve a probationary period.
You will be evaluated for this job based on how well you meet the qualifications above.
Your resume and the online assessment questionnaire will be reviewed, to determine whether you meet the qualification requirements outlined in this announcement. Therefore, it is imperative that your resume contain sufficiently detailed information upon which to make the qualification determination. Please ensure that your resume contains specific information such as position titles, beginning and ending dates of employment for each position, average number of hours worked per week, and if the position is/was in the Federal government, you should provide the position series and grade level.
Your resume will also be evaluated to measure your responses to the assessment questions. If you rated yourself higher on the questionnaire than what is supported by your resume, your overall qualifications assessment may be adversely affected.
The competencies/knowledge, skills, and abilities (KSAs) you will be assessed on are listed below. Top ranked candidates will be referred to the selecting official for further review and consideration.
1. Knowledge of applying Information Security Assurance principles, laws, regulations, and OMB guidelines, specifically Federal Information Security Management Act (FISMA), Homeland Security Presidential Directives (HSPD).
2. Knowledge of National Institute of Standards and Technology (NIST) publications and Federal Information Processing Standards (FIPS), as well as the changing body of data within the NIST 800 series, OMB circulars, and other Federal legislation, laws, executive orders.
3. Knowledge of computer software and hardware support requirements, and the associated security controls, such as physical access control systems, encryption and digital signature software, and virus protection software.
4. Knowledge of Software Development lifecycle (SDLC) and technology terminology as it relates to information security assurance including, but not limited to, Control Selection, Risk Executive Function, Security Impact Analysis, Information Assurance 3-level Tiered-Activities, penetration testing, and third party auditing.
5. Ability to analyze and evaluate the risk posture of assets.
6. Ability to communicate, both orally and in writing, and to maintain working relationships with all management levels.
You do not need to respond separately to these KSAs. Your answers to the online questionnaire and resume will serve as responses to the KSAs.
Please review the following to determine your eligibility and which document(s) is required to complete your application:
VETERANS EMPLOYMENT OPPORTUNITY ACT (VEOA) ELIGIBLES AND SPECIAL HIRING AUTHORITIES FOR VETERANS: If you are applying for consideration under VEOA and special hiring authorities for veterans, click here.
SPECIAL APPOINTING AUTHORITIES FOR PEOPLE WITH DISABILITIES: If you are applying for consideration under special appointing authorities for people with disabilities, you will be required to provide proof of disability documentation to specify that you are a person who has (1) a severe physical disability; (2) an intellectual disability; or (3) a psychiatric disability. Severe physical disabilities include but are not limited to blindness, deafness, paralysis, missing limbs, epilepsy and dwarfism. The documentation does NOT need to detail your specific disability, medical history or need for accommodation; however, the letter should clearly state that you are eligible for appointment under this authority. THE DOCUMENTATION MUST HAVE BEEN OBTAINED FROM: (a). Licensed medical professionals; or (b). State or private vocational rehabilitation specialists; or (c). Any Government agency (e.g. VA, etc.) that issues or provides disability benefits. To view sample Schedule A proof of disability letters and for more information on this special appointing authority, click here. Please note that employees hired under this Schedule A hiring authority will be required to complete a Standard Form 256 to identify their disability status.
INTERAGENCY CAREER TRANSITION ASSISTANCE PROGRAM (ICTAP): If you are a displaced or surplus Federal employee eligible for consideration under the ICTAP, you must submit proof of eligibility. For more information, click here.
CURRENT FEDERAL EMPLOYEES OR REINSTATEMENT ELIGIBLE WITH COMPETITIVE STATUS: A copy of your most recent SF Form 50, Notification of Personnel Action, that shows: (1) permanent or career-conditional tenure (codes 1 or 2, in block 24), and (2) position occupied in the competitive service (code 1, in block 34). To be considered as a noncompetitive eligible candidate, the SF-50 must show the highest grade level or promotion potential level the applicant has attained competitively, and the grade must be equivalent to or higher than the grade for which the applicant is applying.
NONCOMPETITIVE CONVERSION ELIGIBLES UNDER A PATHWAYS PROGRAM: If you are applying under this noncompetitive conversion authority, you must provide proof of program completion. A letter from your current agency certifying completion is acceptable documentation.
FDIC EMPLOYEES: Submit a final digitally signed copy of your most recent Annual Performance Appraisal and Evaluation form. The final PDF form is also acceptable.
Education must be accredited by an accrediting institution recognized by the U.S. Department of Education in order for it to be credited towards qualifications. Therefore, provide only the attendance and/or degrees from schools accredited by accrediting institutions recognized by the U.S. Department of Education.
Failure to provide all of the required information as stated in this vacancy announcement may result in an ineligible rating or may affect the overall rating.
To begin, click the “Apply” button and follow the prompts. If you haven’t already, register and establish a USAJOBS account. After you register online, click the “Apply” button to complete the online assessment questionnaire, and submit all required documents. Please be sure to click “Submit Application” to complete the application process.
You must apply online. Applicants requesting an exception from the online process must contact the Human Resources Specialist or contact point listed in this announcement prior to 12:00 noon local time on the closing date.
To return to your saved application, log in to your USAJOBS account and click on “Applications” tab. Click on the “Position Title,” and then select “Update Application” or “Additional Application Information” to continue.
You have until 11:59 p.m. EST (Eastern Standard Time) on the closing date of this announcement to complete the application process.
Please ensure you have completed the application process by verifying the status of your application on-line to reflect: “Received”. Failure to complete the application process will result in an incomplete application and you will not be considered for the position.
You may check the status of your application on-line 24 hours a day, 7 days a week through USAJOBS by signing in and selecting "Application Status." Thank you for your interest in working for the Federal Deposit Insurance Corporation.
The Federal hiring process is set up to be fair and transparent. Please read the following guidance.