Due to the Pandemic and individual states with different phases of reopening, the selectee’s report date to the official duty station/facility may be delayed until such time as employees are allowed to report to the workplace. The person selected may telework up to the maximum extent possible, up to and including full time, until it is determined by state and Federal officials that employees are allowed to report to the workplace where this position is located, on a regular basis.Learn more about this agency
The System Security Compliance Branch is organized into two sections, managing the characterization of Security Vulnerabilities and Documented Findings from Security Assessments (POA&Ms) related to ADE supported business applications in AIT’s production portfolio. Members of the Compliance Support & Assistance section (ADE-541) serve as application system owners and security remediation consultants for development teams. They support ADE sustainment coordinators and other support leads in maintaining their applications, infrastructure, and application platforms securely. ADE-541 personnel also work closely with AIS Security and FAA Cloud Service (FCS) personnel.
The incumbent of this position will serve as a Supervisory IT Specialist in the Compliance Support & Assistance section. The incumbent will be responsible for the following duties:
- Communicate the organization's vision and objectives.
- Serve as a first line supervisor at the Branch level; assigning work, setting priorities, and reviewing and evaluating work.
- Monitor and evaluate yearly performance reviews, approving Time and Attendance (T&A).
- Ensure staff are appropriately trained, supported and informed.
- Coach and develop employees; recommending or approving corrective or disciplinary actions
- Resolve routine problems that typically impact he objectives of the organizational unit.
- Oversee, track, and provide consultative services to aid development teams in remediation of security vulnerabilities, POA&Ms, and other application security defects for all ADE managed systems.
- Responsible for System Ownership for FAA Information Systems, which incorporate multiple ADE, managed assets (e.g., applications, enterprise platforms, and application infrastructure).
- Responsible for developing, implementing, assessing and maintaining the appropriate system-level information system security controls in accordance with the Federal Aviation Administration (FAA), NIST 800-53 (as amended), federal government-wide laws regulations, policies, procedures, and standards.
- Advises sustainment coordinators and their development teams on how security vulnerabilities and POA&Ms could be remediated.
- Serves as liaison responsible between sustainment coordinators, who oversee the ADE managed business applications, and AIS Security Assessment personnel
- Collaborates with the sustainment coordinator to engage AIT business partners to address their application security related questions.
- Collaborates with AIS, ADE DevSecOps subject matter experts (SME)s, and others to mature the Security (Sec) piece in DevSecOps.
- Collaborates with AIS, sustainment coordinators, and others to migrate applications to the FAA Cloud Service (FCS) while maintaining/improving the application’s security profile.
- Provides application security consulting services to all AIT security services.
- Collaborates with various AIT and other FAA organizations to design, develop and operate secure applications with enterprise security services like Identity and Access Management (IAM), Encryption, Data Masking and other technologies.
- Providing expert advice, counsel, and instruction to management on application cybersecurity issues and conducts data-driven decision supporting briefings, as required, to perform missions and achieve goals and objectives.
- Collaborate with AIS in developing policies, plans, and procedures to ensure the continued reliability, security and accessibility of ADE managed systems, and data infrastructure across datacenter and cloud environments.
- Serves as a technical authority and focal point for information security policies and procedures, including hardware, software (both applications and systems) and teleprocessing security.
Occasional travel - The job may require travel from time- to-time, but not on a regular basis. The travel may be for training or other work-related duties.
This job originated on www.usajobs.gov. For the full announcement and to apply, visit www.usajobs.gov/GetJob/ViewDetails/598754100. Only resumes submitted according to the instructions on the job announcement listed at www.usajobs.gov will be considered.