Clarification from the agency

The IHS is required by law to give absolute preference to qualified applicants who meet the Secretary of the Interior's definition of Indian for appointment to vacancies within the IHS in accordance with established IHS policy as outlined in the Indian Health Manual Part 7, Chapter 3. The IHS is an Equal Opportunity Employer.

Videos

This position is being re-advertised to solicit additional applications. Applicants who previously applied do not need to re-apply, unless submitting updated and/or missing information.


Total Compensation Package - Check out IHS's outstanding total compensation package for this job:
IT Specialist Total Compensation | Pay (ihs.gov)

POLICY & PROCEDURES

• Draft policies and related standards in accordance with the National Institute of Standards and Technology (NIST), the Department of Health and Human Services (HHS), the National Cybersecurity and Communications Integration Center (NCCIC) and other applicable federal government requirements, guidance, and directives.
• Develop procedures for first responders for handling information security incidents.
• Validate and maintain incident response plans and processes to address potential threats.
• Support the agency Chief Information Officer (CIO) in making decisions by providing written analysis of an incident with its effects on the agency security posture.

INCIDENT INVESTIGATION & RESPONSE

• Provide technical support to agency-wide information technology technicians to resolve cyber defense incidents.
• Perform cyber defense incident triage, to include determining scope, and potential impact, identifying the specific vulnerability, and making recommendations.
• Track and document cyber defense incidents from initial detection through final resolution.
• Provide investigation findings to relevant business units to help improve information security posture.
• Recommend new systems and processes to fill gaps and to streamline and/or automate incident response processes.
• Initiate and/or engage in information technology security investigations or audit functions relating to the work of individuals employed by Indian Health Service (IHS) including duties which directly affect the internal security of IHS.
• Participate in or has access to investigations involving Personal Identifiable Information (PII) and/or Protected Health Information (PHI) to ensure that other employees' duties are discharged honestly and with integrity.
• Provide timely detection, identification, and alerting possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities.

REPORTING

• Prepare internal and external reports that may include providing audit liaison support to information technology operations, such as the Federal Information Security Act (FISMA), Chief Financial Officer, and others as directed.
• Provide internal reporting to the supervisor on information technology incident response activities, such as periodic, but no less frequently than quarterly, reports capturing the status of IHS systems' security posture with IHS and HHS security metrics.
• Individually or as a team member, participate in surveys, studies and other investigations of management practices and administrative operations to determine the adequacy of present systems and to improve organizational operations.
• Conceptualize and develop study plans, conduct fact-finding, analyze data, prepare and present findings and recommendations.

SUBJECT MATTER EXPERTISE

• Prepare position papers, executive submittals, presentations, memoranda, and other correspondences, as directed, in response to the most far-reaching proposals that relate to investigative findings, enterprise-wide information security policies and standard requirements or modifies existing organizational arrangements.
• Analyze short, medium, and long-range projects for solutions of complex operational or policy issues in areas such as information security, information security reporting, systems development life cycle, quality assurance, and others as directed.
• Monitor organizational, legislative, administrative, and technological changes that affect information system standards and related processes and impact upon future planning to meet the needs of the Agency.
• Monitor information security related websites to stay up to date on current attacks and trends.
• Analyze potential impact of new threats and communicate risks to relevant business units.
• Provide technical expertise of current and evolving best practices in cybersecurity and the broader information technology industry.

Conditions of employment

Selectee may be subject to a probationary period
U.S. Citizenship is required
Selective Service Registration is required for males born after 12/31/1959

Successfully pass the E-Verify employment verification check. To learn more about E-Verify, including your rights and responsibilities, visit www.dhs.gov/E-Verify/.

You will need to set up direct deposit so we can pay you.

Background Investigation: If you are selected for this vacancy, you must undergo a pre-employment fingerprint check and background investigation. Fingerprint results and background investigation documentation must be cleared prior to hire. After you begin your employment, your continued employment is contingent upon the outcome of a complete background investigation as determined by the sensitivity level of your position. The investigation must find that you are suitable for Federal employment in your position. If you are found not suitable, you will be terminated after you begin work. If you make a false statement in any part of your application, you may not be hired; you may be fired after you begin work; or subject to possible criminal charges. You may be subject to a credit check as a part of the background investigation process.

Qualifications

To qualify for this position, your resume must state sufficient experience and/or education, to perform the duties of the specific position for which you are applying.

Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community; social). You will receive credit for all qualifying experience, including volunteer and part time experience. You must clearly identify the duties and responsibilities in each position held and the total number of hours per week.

BASIC REQUIREMENTS

1. Attention to Detail - Is thorough when performing work and conscientious about attending to detail.
2. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.
3. Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.
4. Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.

In addition to the Basic Requirements, you must also meet the Minimum Qualifications stated below.

MINIMUM QUALIFICATIONS

GS-13: One (1) year of specialized experience equivalent to at least the GS-12 grade level.

Your resume must demonstrate at least one (1) year of specialized experience equivalent to at least the next lower grade level in the Federal service obtained in either the private or public sector performing the following type of work and/or tasks:

• Experience evaluating, developing and implementing cybersecurity policies, standard operating procedures, and guidelines based on National Institute of Standards and Technology (NIST) acceptable practices/standards.
• Experience capturing and analyzing network traffic, network signature development, network behavioral analysis, and conducting log analysis and anomaly detection for incident response.
• Experience conducting threat hunting and incident response capabilities and detection gap-analysis to identify courses of action for national mission capability enhancements.
• Experience correlating incident data to identify exploited vulnerabilities or system weaknesses and make recommendations that enable expeditious remediation.

NOTE: You must meet all examples of specialized experience listed above.


SELECTIVE FACTOR
A selective factor is a competency/knowledge, skill, ability (KSA) or special qualification without which a candidate could not perform the duties of this position in a satisfactory manner. There is a selective factor applied in addition to the basic requirements and minimum qualifications for this position. Applicants who do not meet this selective factor are ineligible for further consideration.

This position requires the following certification:

• Active/Valid Certified Information Systems Security Professional (CISSP) certification

NOTE: Proof of certification must be submitted with your application package.


You must meet all qualification requirements within 30 days of the closing date of the announcement.

How you will be evaluated

You will be evaluated for this job based on how well you meet the qualifications above.

Additional selections may be made for similar positions across the Department of Health and Human Services (HHS) within the local commuting area(s) of the location identified in this announcement. By applying, you agree to have your application shared with interested selecting official(s) at HHS. Clearance of CTAP/ICTAP will be applied for similar positions across HHS.

This position will be filled through the Office of Personnel Management's Direct Hire Authority. Category rating and Veterans' Preference will not be considered in evaluating applicants. For more information on Direct Hire Authority, please see OPM Direct Hire Fact Sheet. Your application (resume and supporting documentation) will be evaluated to determine if you meet the minimum qualifications required as listed on the announcement under qualification requirements. To be considered well qualified for the purposes of the Career Transition Assistance Program (CTAP) and the Interagency Career Transition Assistance Program (ICTAP), you must substantively exceed the basic qualifications and meet all eligibility, physical, medical, suitability, and any other requirements.

Click here to view vacancy questions: https://apply.usastaffing.gov/ViewQuestionnaire/12732412. All documents above MUST be received by 11:59 (Eastern Standard Time) of the closing date of, 07/21/2025, to be considered.