This position is located in the Office of The Chief Information Officer, IT Security Division, ISSO Section.Learn more about this agency
This position is located in the Office of the Chief Information Officer within the IT Security Group. The incumbent carries out a wide range of complex assignments to further the goals and objectives of the Library and works under the supervision of the group chief. The incumbent performs Information Systems Security Officer support, IT project planning and management, and IT research and analysis. The incumbent provides technical analysis and support, programming needs and the performance of associated tasks.
Manages the development of long-range plans for IT security of systems that anticipate, identify, evaluate, mitigate, and minimize risks associated with IT system vulnerabilities.
Provides authoritative guidance related to information system security planning and the coordination and development of specifications to meet security requirements. Develops and reviews systems security procedures and guidance for systems processing multiple applications that require differing and conflicting security controls, and that are typically accessed by a large distributed user community. Interprets IT security policy and implements corresponding security controls covering the management, operational, and technical aspects of a system's boundary.
This includes physical security, application and data security, system software security, contingency planning, compliance with personnel clearance procedures, security education and training, and contractor security.
Implements higher-level security requirements, such as those resulting from laws or regulations. Ensures the confidentiality, integrity, and availability of IT systems through full compliance with LCR 1920. Continually evaluates current systems security posture and monitors activities associated with IT security compliance. Manages the development of information system security plans and procedures, and ensuring that they are in compliance with federal laws, related NIST standards and agency IT security policies and directives.
Assists in preparing comprehensive reviews and evaluations of software and systems design or modification proposals for identifying possible security risks that should be considered during further systems design and programming. Assists in reviewing final software installation and system plans for additional security risks not identified during proposal stages and recommends work process changes and general design and programming techniques to alleviate potential security problems.
Investigates security incidents for cause and the most effective corrective actions. Monitors and evaluates changes that affect systems security.
Plans and manages complex IT projects involving interrelated disciplines and multiple stages of the systems development lifecycle. For example, manages IT projects for the office, and aligns the IT infrastructure with agency business requirements. Integrates systems analysis, software development, database administration, and customer support into the project plan.
Analyzes the development of information systems requirements and plans for systems integration. Evaluates the adequacy of change management by reviewing the configuration change process and policy. Develops and evaluates testing strategies, plans, or scenarios. Participates in milestone project reviews, and monitors project activities/resources to mitigate risk.
Evaluates agency's information system requirements, and ensures that agency information systems requirements are identified, including reviewing project estimates, schedules, and contingency plans. Assesses the overall project plan, budget, tasks descriptions, work breakdown schedule, and deliverables. Reviews project plans for systems analysis, software development, database administration, and customer support.
Reviews proposed policy, regulations, and procedural changes to determine impact on area of responsibility. In consultation with users and in consideration of existing problems, constraints, and potentially relevant developments in applications programming technology, recommends priority areas of emphasis for improvement of currents systems.
Reviewing and evaluating security policies, and identifying the need for change based on new security technologies or threats. Provides expert analysis and advice on complex program related information technology (IT) issues or problems where new analytical techniques must be developed to identify and evaluate findings. Based on operations and changing program requirements, identifies relevant issues. Collects relevant
Performs other duties as assigned.
The position description number for this position is 361216.
The salary range indicated reflects the locality pay adjustments for the Washington, D.C., Metropolitan area.
The incumbent of this position will work a flextime work schedule.
This is a non-supervisory, bargaining unit position.
Relocation expenses will not be authorized for the person(s) selected under this vacancy announcement.
This job originated on www.usajobs.gov. For the full announcement and to apply, visit www.usajobs.gov/GetJob/ViewDetails/592315300. Only resumes submitted according to the instructions on the job announcement listed at www.usajobs.gov will be considered.