This position is located within the AO Technology Office (AOTO) of the Department of Technology Services (DTS). The incumbent will serve as the IT Security Team Lead and Information Technology Security Officer (ISO) for AOTO. As a Supervisory Information Technology (IT) Specialist (Security) within the AOTO, the incumbent will lead other IT security professionals.Learn more about this agency
Duties of the position include, but are not limited to:
- Developing and overseeing implementation of IT security policy, guidance, and procedures.
- Creating, updating and maintaining System Security Plans, IT security-related exceptions, security audit findings, and Corrective Action Plans (CAPS).
- Overseeing log management review and analysis activities.
- Making recommendations to improve the incident response and reporting capabilities of AOTO including performing periodic incident response and contingency planning test and exercises.
- Providing technical advisory services to securely design, implement, maintain, or modify information technology systems that are critical to the operation and success of the Judiciary. This includes performing research to identify potential vulnerabilities in and threats to existing and proposed technologies, and notifying the appropriate managers/personnel of the risk potential.
- Participating in change and configuration management decisions via change control boards. Reviewing Change Requests and evaluate the completeness of their descriptions and risk impact to the Judiciary.
- Ensuring the creation and execution of the system's continuous monitoring program, including identifying the controls, approving the test methodology and reporting processed, and coordinating with stakeholders on its implementation.
- Performing risk assessments to periodically re-evaluate the sensitivity of the system, risks and mitigation strategies as well as assessing the impact of new requirements.
- Performing self-assessments of the system safeguards to validate that they are properly implemented and operating as intended. Recommending options for closing or mitigating identified vulnerabilities and independently assessing the effectiveness of their implementation.
- Ensuring a contingency plan is in place for continuity of operations in an emergency and that the developed plans are tested.
- Developing procedures for reporting, documenting, and remediation of technical vulnerabilities, and ensuring appropriate personnel receive training for carrying-out the procedures.
- Coordinating the development and delivery of IT security awareness programs for authorized users, and a specialized program for those with elevated privileges.
Job family (Series)
This job originated on www.usajobs.gov. For the full announcement and to apply, visit www.usajobs.gov/GetJob/ViewDetails/520918100. Only resumes submitted according to the instructions on the job announcement listed at www.usajobs.gov will be considered.