Clarification from the agency

THIS IS A PUBLIC NOTICE: This Notice is issued under direct-hire authority (DHA) to recruit new talent to this occupation for which there is a severe shortage of candidates. This means that we can hire any qualified candidate, either from this notice or from any source. NOTE: Current civil service employees will receive new appointments if selected under this Direct Hire Authority. For more information on DHA, please visit http//www.opm.gov/directhire/index.asp

As an IT Specialist (INFOSEC) you will perform the following duties:

The Office of GSA IT, Security Engineering Division (IPO) provides security consulting and engineering support for systems and emerging IT and IT security initiative.

IT Specialist with FedRAMP Engineer Specialization

• Responsible for developing and formalizing the GSA IT OCISO FedRAMP sponsorship program. Key activities include developing program documentation, templates, processes, and systems to facilitate cloud service providers (CSPs) through the FedRAMP authorization process. Participate in cross functional teams with other OCISO organizations to develop, mature, and implement new processes supporting authorization options such as GSA LiSaaS, GSA MiSaaS, and GSA Protecting CUI in Non-Federal Systems guides which interconnect with supported FedRAMP systems.
• Serve as a subject matter expert in the field of cloud computing and highly skilled in designing secure system architectures built on industry leading infrastructure as a service (IaaS) platforms such as Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure.
• Provide comprehensive support throughout the complete FedRAMP authorization process of a CSP offering. Works directly with GSA Government POCs and CSPs to ensure all FedRAMP sponsorship program requirements are met. As of April 2024, the OCISO FedRAMP sponsorship program supports roughly 30+ CSPsCurrently and anticipates supporting five new agency FedRAMP ATO sponsorships annually.
  
• Provide advisory and consulting services related to FedRAMP and Government wide policy as well as security review of new and emerging technologies. Interpret FedRAMP and other GSA requirements and provide vendors with guidance regarding expectations, technical requirements, and process. Stay informed of updated FedRAMP guidance, industry best practices, emerging technologies, and Government cybersecurity directives and provide recommendations to the FedRAMP team and GSA management regarding program impacts. Conduct security reviews of technologies for use base consideration within CSPs authorization boundary.
• Provide project management support related to organizing, managing, and reporting on CSP deliverables and overall authorization status. Develop and maintain a FedRAMP program level dashboard with a high level summary of each CSP status, schedule, milestones, and risks. Maintain a detailed WBS per CSP to track detailed project schedules, activities, and deliverable status.
• Implement and provide authoritative advice and guidance to ensure the confidentiality, integrity, and availability of network and information systems.
  
• Collaborate with internal and external stakeholders and partners to support the government’s information security needs and establish related guidelines. Provides input and support of related high level initiatives.
  

Conditions of employment

• US Citizenship or National (Residents of American Samoa and Swains Island)
• Direct Deposit of salary check to financial organization required.
• Register with the Selective Service if you are a male born after 12/31/1959
• You may be required to serve a trial period.
• You must apply on-line via the GSA website.
• Suitable for Federal employment, determined by a background investigation.

 If selected, you must meet the following conditions:

• Receive authorization from OPM on any job offer you receive, if you are or were (within the last 5 years) a political Schedule A, Schedule C or Non-Career SES employee in the Executive Branch.
• Serve a one year probationary period, if required.
• Undergo and pass a background investigation (Tier 2 investigation level).
• Have your identity and work status eligibility verified if you are not a GSA employee. We will use the Department of Homeland Security’s e-Verify system for this. Any discrepancies must be resolved as a condition of continued employment.

Qualifications

For each job on your resume, provide:

• the exact dates you held  each job (from month/year to month/year)
• number of hours per week you worked (if part time).

If you have volunteered your service through a National Service program (e.g., Peace Corps, Americorps), we encourage you to apply and include this experience on your resume.

For a brief video on creating a Federal resume, click here.

The GS-14 salary range starts at $122,198.00 per year.

If you are a new federal employee, your starting salary will likely be set at the Step 1 of the grade for which you are selected.

To qualify, you must have at least one year of specialized experience equivalent to the GS-13 level or higher in the Federal service. 

Applicants applying for the GS-14 grade level must meet the following requirements:

Have IT-related experience demonstrating EACH of the four competencies AND one year of specialized experience equivalent to the GS-13 level in the Federal service as described below:

IT SPECIALIST COMPETENCY REQUIREMENTS:

• Attention to Detail - This skill is generally demonstrated by assignments where the applicant investigates and evaluates “state of the art” technology of the industry.
• Customer Service - This skill is generally demonstrated by assignments where the applicant confers with users to evaluate the effectiveness of, or identify the need for, computer programs or management systems.
• Oral Communication - This skill is generally demonstrated by assignments where the applicant persuades others to take a particular course of action or to accept findings, recommendations, changes, or alternative viewpoints.
• Problem Solving - This skill is generally demonstrated by assignments where the applicant identifies and accommodates technology and resource constraints.

SPECIALIZED EXPERIENCE REQUIREMENTS:  

IT Specialist (INFOSEC) with FedRAMP Engineer Specialization: Specialized experience is defined as experience leading IT security projects, providing information and recommendations to meet the business goals and improve processes of an organization’s IT security in cybersecurity risk management framework and cloud secure architecture design and review.

How you will be evaluated

You will be evaluated for this job based on how well you meet the qualifications above.

Evaluation Statement

Applications will be evaluated against the basic qualifications. Qualified candidates will be considered in accordance with the Office of Personnel Management Direct Hire Guidelines. Applications will not be rated or ranked. Veterans’ Preference does not apply to the direct hire recruitment procedures.

You may not be considered for the position, if any part of the application is incomplete or missing the required supporting documentation. Falsifying your background, education and/or experience is cause for not hiring you or dismissing you if hired.

You will be scored on the questions you answer during the application process, which will measure your possession of the following competencies or knowledge, skills, and abilities:

1. Skills applying IT security theories, principles, concepts, standards, and best practices to understand the Cloud Service Provider’s SaaS solution design and guide the CSP through the FedRAMP authorization process
2. Skills in building relationships with internal and external customers to provide advice and guidance.
3. Knowledge of project management methodologies.
4. Ability to apply tools and technologies to direct the secure development and implementation of systems/software.