This job originated on www.usajobs.gov. For the full announcement and to apply, visit www.usajobs.gov/job/669322000. Only resumes submitted according to the instructions on the job announcement listed at www.usajobs.gov will be considered.
Please see the Clarification from Agency and Additional Information section below for more information on telework options.
This position is in the Office of Chief Information Officer Organization, HQ of the Federal Deposit Insurance Corporation and is responsible for developing, executing and managing cybersecurity risk management programs and estimates of risks associated with technologies and discovered threats.
08/04/2022 to 08/18/2022
$138,043 - $221,872 per year
CG 14
1 vacancy in the following location:
No
Yes—as determined by the agency policy.
Occasional travel - Occasional travel may be required.
No
Permanent
Full-time
Competitive
14
No
No
2022-HQDH-0344
669322000
All United States Citizens. This is a Direct-Hire Public Notice. Please see "Additional Information" for available telework options.
Independently conducts assessments of controls, threats and vulnerabilities, determines deviations from acceptable configurations, enterprise or local policy, assesses the level of risk, and develops and/or recommends appropriate mitigation countermeasures in all situations. Assesses systems security posture to maintain acceptable risk. May test applications throughout their life cycle to identify weaknesses. May perform technical tests, network scans, vulnerability scans, and/or penetration testing to evaluate the effectiveness of systems, devices, procedures, and methods used to safeguard information in computer accessible media.
Plan and conduct cybersecurity assessment and authorization activities as systems are deployed to production for the first time and after they are transitioned to continuous monitoring. Develop assessment and authorization strategies, concepts, and processes for managing cybersecurity risks through DevSecOps methods. Review assessment and authorization documents and artifacts to confirm that the level of risk is within acceptable limits for each software application, system, and network. Develop cybersecurity compliance processes and/or assessments for external services (e.g., cloud service providers, external data centers).
Participate in the Risk Governance process to provide security risks, mitigations, and input on other technical risks. Provide input to the Risk Management Framework process activities and related documentation (e.g., security categorization worksheets, system security plans, configuration management plans, business impact analysis, contingency plans, concept of operations, operational procedures, maintenance training materials).
Assure successful implementation and functionality of security requirements and appropriate information technology (IT) policies and procedures that are consistent with the organization's mission and goals. Define and document how the implementation of a new system or new interfaces between systems impacts the security posture of the current environment. Ensure that security design and cybersecurity development activities are properly documented (providing a functional description of security implementation) and updated as necessary.
Support necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs).
Verify that controls are implemented as stated, any deviations and gaps are documented, and required actions to correct those deviations are tracked through Plan of Action and Milestones (POA&Ms). Ensure that POA&Ms or remediation plans are in place for vulnerabilities identified during security and privacy control assessments, audits, inspections, etc. Perform reviews and identify gaps in security architecture and controls resulting in recommendations for inclusion in the risk mitigation strategies. Perform risk analysis (e.g., vulnerabilities, gaps, threats, impacts, and probability of occurrence) whenever an application or system undergoes a major change.
Registration with the Selective Service.
U.S. Citizenship is required.
Completion of Financial Disclosure may be required.
• Attention to Detail - Is thorough when performing work and conscientious about attending to detail.
• Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.
• Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.
• Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.
Applicants eligible for ICTAP (Interagency Career Transition Assistance Program) must achieve a score of 80 or higher in the online assessment to be determined “well qualified” for this position.
There is no substitution of education for the experience for this position.
Additional selections may be made from this vacancy announcement to fill identical vacancies that occur subsequent to this announcement.
If selected for the position, you may be asked to provide the FDIC with your COVID-19 vaccination status.
If selected, you may be required to serve a probationary period.
To read about your rights and responsibilities as an applicant for Federal employment, click here.
The FDIC offers position-specific telework options. This position is eligible for Traditional Telework, Expanded Telework and the Home Based Options.
You will be evaluated for this job based on how well you meet the qualifications above.
This is a Direct-Hire Public Notice. Applications will be accepted for the location identified in the public notice. Veteran’s preference and traditional rating and ranking of applicants DO NOT apply to positions filled under this public notice.
All complete applications (transcripts must be included) will be verified for eligibility requirements and will be submitted to the hiring official upon request.
Upon the submission of your application package to USAJobs.gov, you will receive an automatic reply from OPM informing you that your application has been submitted, received and is being processed. If you provided an email address, you will receive an email message acknowledging the receipt of your application. Your application will remain active through the open period of this Public Notice. You will not receive any additional notifications, and your resume may not be reviewed for qualifications unless a position is requested to be filled by the hiring official. After you submit your application, you will be contacted only if further evaluation or interviews are required or upon your selection.
If requested by Management, your application will be reviewed to determine whether you meet the qualification requirements outlined in this announcement. Therefore, it is imperative that your resume contain sufficiently detailed information upon which to make the qualification determination. Please ensure that your resume contains specific information such as position titles, beginning and ending dates of employment for each position, average number of hours worked per week, and if the position is/was in the Federal government, you should provide the position series and grade level.
You do not need to respond separately to these KSAs. Your resume will serve as responses to the KSAs.
1. Knowledge of Security Assessment and Authorization process.
2. Knowledge of the operating characteristics of large-scale, general-purpose computer equipment, operating systems, diagnostic software, and other support systems software to ensure information assurance guidelines are met.
3. Skill applying IT principles, concepts, methods, standards, and practices.
4. Skill in recognizing and categorizing types of vulnerabilities and associated attacks.
5. Skill conducting vulnerability scans and recognizing vulnerabilities in security systems.
6. Skill applying theories and new developments to information security problems not susceptible to treatment by accepted methods.
INTERAGENCY TRANSITION ASSISTANCE PROGRAM (ICTAP): If you are a displaced Federal employee eligible for consideration under ICTAP, you must submit proof of eligibility.
Education must be accredited by an accrediting institution recognized by the U.S. Department of Education in order for it to be credited towards qualifications. Therefore, provide only the attendance and/or degrees from schools accredited by accrediting institutions recognized by the U.S. Department of Education.
Failure to provide all of the required information as stated in this vacancy announcement may result in an ineligible rating or may affect the overall rating.
To begin, click the “Apply” button and follow the prompts. If you haven’t already, register and establish a USAJOBS account. After you register online, click the “Apply” button to complete the online assessment questionnaire, and submit all required documents. Please be sure to click “Submit Application” to complete the application process. You must apply online.
Applicants requesting an exception from the online process must contact the Human Resources Specialist or contact point listed in this announcement prior to 12:00 noon local time on the closing date.
To return to your saved application, log in to your USAJOBS account and click on “Applications” tab. Click on the “Position Title,” and then select “Update Application” or “Additional Application Information” to continue.
You have until 11:59 p.m. ET (Eastern Time) on the closing date of this announcement to complete the application process.
Please ensure you have completed the application process by verifying the status of your application on-line to reflect: “Received”. Failure to complete the application process will result in an incomplete application and you will not be considered for the position.
You may check the status of your application on-line 24 hours a day, 7 days a week through USAJOBS by signing in and selecting "Application Status." Thank you for your interest in working for the Federal Deposit Insurance Corporation.
The Federal hiring process is set up to be fair and transparent. Please read the following guidance.
The Federal Deposit Insurance Corporation (FDIC) is one of the most respected forces in America’s financial community. Our mission is to maintain stability and public confidence in the nation’s financial system by insuring deposits, examining and supervising financial institutions, and managing receiverships.
The FDIC has ranked as one of the best places to work among mid-sized agencies in the Federal Government for the past seven years.