The Supervisory IT Specialist (INFOSEC) provides risk management functions and capabilities used in the Department's Information Security Risk Management (ISRM) office to include the execution of functions aligned with the National Institute of Standards and Technology (NIST) Risk Management Framework. The incumbent provides technical and non-technical services for VA to comply with the RMF and associated government functions that assure the protection of critical VA information.Learn more about this agency
The first 50 qualified and eligible candidates who applied will be considered for referral to the selecting official. Additional candidates will be referred based on hiring needs.
This position is primarily aligned to the following NICE Cybersecurity Workforce Framework work roles.
OPM Cyber Code 612 - Security Control Assessor; OPM Cyber Code 461 - Systems Security Analyst; OPM Cyber Code 431 Knowledge Manager
For more information about these work roles, where they fit within the larger Cyber Workforce, and how they can support your unique career journey, please visit the Cyber Career Pathways tool on the National Initiative for Cybersecurity Careers and Studies website: https://niccs.us-cert.gov/workforce-development/cyber-career-pathways
Work Schedule: Monday - Friday 8:00 a.m. - 4:30 p.m.
Compressed/Flexible Schedule: May be available at Supervisor's discretion.
Telework: May be available at Supervisor's discretion.
Virtual: This is not a virtual position
Position Description Title/PD#: Supervisory IT Specialist (INFOSEC)/ PD17910A
Relocation/Recruitment Incentives: Not Authorized
Financial Disclosure Report: Not Required
Physical Requirements: The work is sedentary. Some work may require walking and standing in conjunction with travel and attendance at meetings and conferences away from the work site. Some employees may carry light items such as papers or books or drive a motor vehicle. The work does not require any special physical effort.
- Supervises team to develop and analyze procedures and systems for identifying, assessing, and reporting on the effectiveness of all aspects of cybersecurity risk management which may include, but is not limited to, IT security, privacy, physical security, personnel security, human resources, and other related areas.
- Plans and conducts security authorization reviews and assurance case development for initial installation of systems and networks.
- Provide input to the Risk Management Framework process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials).
- Assures successful implementation and functionality of security requirements and appropriate information technology (IT) policies and procedures that are consistent with the organization's mission and goals.
- Design, build, implement, and maintain a knowledge management framework that provides end-users access to the organization's intellectual capital.
25% or less - You may be expected to travel for this position.
This job originated on www.usajobs.gov. For the full announcement and to apply, visit www.usajobs.gov/GetJob/ViewDetails/592530300. Only resumes submitted according to the instructions on the job announcement listed at www.usajobs.gov will be considered.