Clarification from the agency

U.S. Citizens - Public

A GS-2210-12, IT SPECIALIST (INFOSEC):

• Five percent of the time, exercises supervisory responsibilities such as: Assigns work to subordinates, develops performance standards, evaluates performance, recommends awards, takes disciplinary action as required, conducts performance counseling, and approves leave.
• Manages the Network Security Program.
• As the local area expert for computer network defense, the position is the point of contact for all aspects of Information Assurance, computer network defense, and network security within the Organization.
• Serves as an information system/network security analyst supporting the Information Assurance Program.
• Responsible for identifying and supporting the agency's Information Assurance certification, accreditation and security issues.
• Provides recommendations for upgrade to the current infrastructure.
• Provides guidance, support, and technical expertise to the organization on the security of networks.
• Manages and coordinates the implementation of information processing standards as they relate to system security/Information Assurance.
• Manages and coordinates guidance on hardware/software required to bring systems/networks into regulatory compliance.
• Provides technical expertise on security aspects of network accreditation packages for networks developed within the area of operations.
• Tracks circuit installations and network upgrades throughout the organization and insures new connections are documented on Approval to Operate (ATO) authorizations..
• Insures that system administrators receive Information Assurance Vulnerability Alert (IAVA) alerts and tracks progress towards their application; leads software patch management efforts.
• Must be well versed in Risk Management Framework (RMF) accreditation processes to provide assistance, guidance, and supporting information to network analysts, site personnel, certification and authentication personnel, and Designated Approving Authorities (DAA).
• Maintain an accreditation inventory for the organization's systems.
• Ensures that accreditations and countermeasures reviews are understood and completed for all applicable systems and networks.
• Ensures that the network analysts have provided all necessary user certification documents prior to connection to networks and/or nodes.
• Serves as the Communications Security (COMSEC) Manager for cryptographic activities.
• As the primary or alternate COMSEC Manager, administers, coordinates, and implements programs to safeguard and control COMSEC material and equipment for the COMSEC account.
• Provides quality control for the COMSEC program by conducting periodic inspections of all supported COMSEC accounts.
• Exercises primary responsibility for the accountability, issues, destruction, and turn in of all COMSEC material, key (computer generated and paper), and equipment. Stores and issues material for the supported COMSEC requirements.
• Prepares all COMSEC forms, logs, and reports pertaining to COMSEC material accountability.
• Inspects accounts for accuracy and sufficiency.
• Provides assistance to users in the establishment of crypto-facilities and their users, to include classifying, downgrading, declassifying, safeguarding, and destruction of COMSEC material.
• Ensures the requisition, receipt, storage, maintenance, shipment, transfer, accounting, and proper disposition of all COMSEC material and equipment issued to the COMSEC account.
• Ensures the physical Security of the COMSEC account crypto-facility (vault).
• Prepares and implements security directives, local policies, Standard Operating Procedures (SOPs), and Emergency Evacuation Plans (EEP) for COMSEC material.
• Advises leadership on requirements for COMSEC material accountability and other matters pertaining to COMSEC.
• Serves as the COMSEC Key Management Infrastructure (KMI) operator and administrator, which includes all associated IT equipment, software, and interfaces; conducts System Administration (SA) planning, coordination, modification, operation, implementation, and troubleshooting to support the Information Technology needs of the COMSEC Account.
• Responsible for the Software Management Program: Manages program to ensure compliance with Federal, DoD, DISA, and Air Force, standards.
• As Software Manager, ensures an effective software management plan is in place and efficiently used, all software installed on EADS DoD Information Systems have a valid license certificate, media, keys, and certificates are backed up, and securely stored, media and keys are provided to technicians for installation, and periodic auditing is conducted to ensure compliance.
• May function as the Cyber Surety primary or alternate work center supervisor as assigned.
• Other duties as assigned.

Conditions of employment

• Federal employment suitability as determined by a background investigation.
• May be required to successfully complete a trial period.
• Participation in direct deposit is mandatory.
• U.S. Citizenship is required.
• A resume and supporting documents must be submitted (see "How to Apply").
• This position is subject to provisions of the DoD Priority Placement Program.
• Must be able to obtain and maintain the appropriate TOP SECRET security clearance of the position.
• This position is covered by the Domestic Violence Misdemeanor Amendment (30 Sep 96) of the Gun Control Act (Lautenberg Amendment) of 1968. An individual convicted of a qualifying crime of domestic violence may not perform the duties of this position.
• Position requires ability to establish effective professional working relationships with coworkers and customers, contributing to a cooperative working environment and successful accomplishment of the mission.
• May occasionally be required to work other than normal duty hours; overtime may be required.
• Duties and responsibilities may significantly impact the environment. You are responsible to maintain awareness of your environmental responsibilities as dictated by legal and regulatory requirements, your organization, and its changing mission.
• The employee may be required to work other than normal duty hours, which may include evenings, weekends, and/or holidays.
• Work may occasionally require travel away from the normal duty station.
• The employee may be required to travel on military and commercial aircraft.
• Recall to duty may be a requirement of this position.
• Irregular and/or overtime (compensatory) hours may be required to support operational requirements or contingencies or may be required to work hours outside of the normal duty day.

Qualifications

GENERAL EXPERIENCE:
Must have IT-related experience demonstrating each of the four competencies listed below. The employing agency is responsible for identifying the specific level of proficiency required for each competency at each grade level based on the requirements of the position being filled.

1. Attention to Detail - Is thorough when performing work and conscientious about attending to detail.
2. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.
3. Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.
4. Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.

Or

1-year specialized experience equivalent to at least the next lower grade. ***You must provide your most recent SF50 in your application to support your experience at the next lower level.***

How you will be evaluated

You will be evaluated for this job based on how well you meet the qualifications above.

Once the announcement has closed, your resume and supporting documentation will be used to determine if you meet the qualifications listed on this announcement. If you are minimally qualified, your resume and supporting documentation will be compared to your responses on the assessment questionnaire to determine your level of experience. If you rate yourself higher than is supported by your application package, your responses may be adjusted and/or you may be excluded from consideration for this position. You may also be excluded from consideration if you indicate that you are unwilling to accept the lower grade and a determination is made that you are not qualified at the higher grade. If you are found to be among the top qualified candidates, you will be referred to the selecting official for employment consideration.

Verbiage displayed on your resume or application must contain your own words. You may refer to position descriptions, as well as the general and specialized experience located within the vacancy announcement, to assist with describing work experiences; however, resumes or applications received in verbatim will not be considered. In your resume you will need to address the general and specialized experience listed above. Please use as much detail as needed, giving dates (months and years) of the experience, position title and how the experience was gained. This information is needed to determine if you are qualified for the position.

Your qualifications will be evaluated on the following competencies (knowledge, skills, abilities, and other characteristics). NOTE: You do not have to respond to the KSA's separately but your resume should contain sufficient information to demonstrate possession of the KSA's.

• Knowledge of a full range of IT security principles, concepts, practices, products and services (including systems software, database software, immediate access storage technology), and methods for evaluating risk and vulnerability, implementing mitigating improvement, and disseminating IT security tools and procedures.
• Knowledge of IT INFOSEC security requirements for certification and accreditation, network operations and protocols, systems testing and evaluation, and performance management methods sufficient to plan and conduct security accreditation reviews for installed systems or networks and assess and advise on new or revised security measures and countermeasures based on the results of accreditation reviews.
• Knowledge of Local Area Network security requirements and techniques for protecting computer systems from viruses, data tampering, and unauthorized system entry.
• Knowledge of a broad range of telecommunications concepts and principles, operating modes, systems, media, equipment, equipment configuration, and related software systems, processes and procedures to assess and advise on vulnerability to attack from a variety of sources (e.g., espionage, disruption of services, destructive programs/applications) and procedures and methods for protection of systems and applications.
• Ability to communicate effectively, both orally and in writing.
• Ability to develop and conduct training on information security.