
Vulnerability Management Lead

General Services Administration
Office of the Chief Information Officer
This job announcement has closed

Summary

As the Vulnerability Management Lead, you will manage and maintain GSA cybersecurity defenses.

Location of position: 

The Office of GSA IT, Security Operations Division (ISO)
1800 F St. NW, Washington, DC 20405


The Security Operations Division is responsible for providing real-time operational security through the security operations center and enterprise network security capabilities. 

We are currently filling one vacancy, but additional vacancies may be filled as needed.

Overview

Reviewing applications
Open & closing dates
02/06/2026 to 02/12/2026
This job will close when we have received 150 applications, which may be sooner than the closing date.
Salary
$143,913 to $187,093 per year

If you are a new federal employee, your starting salary will likely be set at the Step 1 of the grade for which you are selected.

Pay scale & grade
GS 14
Location
1 vacancy in the following location:
Washington, DC
1 vacancy
Remote job
No
Telework eligible
Yes—This position is full-time in the office. In rare instances, situational telework may be approved on a case-by-case basis.
Travel Required
Occasional travel - Occasional travel may be required.
Relocation expenses reimbursed
No
Appointment type
Permanent
Work schedule
Full-time
Service
Competitive
Promotion potential
14
Supervisory status
No
Security clearance
Not Required
Drug test
No
Position sensitivity and risk
Moderate Risk (MR)
Trust determination process
Financial disclosure
No
Bargaining unit status
No
Announcement number
IS-2026-0004
Control number
856787300

This job is open to


Clarification from the agency

This public notice is issued under Direct Hire Authority (DHA) to recruit talent to occupations for which there is a severe shortage of candidates or a critical hiring need. This means that we can hire any qualified candidate from this notice or any other source.

About this DHA notice:

  • Current civil service employees will receive new appointments if selected under this DHA.
  • For information on DHA, please visit https://www.opm.gov/policy-data-oversight/hiring-information/direct-hire-authority/

Duties


As a Vulnerability Management Lead you will perform the following duties:

  • Responsible for a variety of Information Security tasks and functions to ensure agency level compliance with GSA IT Security policies, Federal Information Security Management Act of 2002 (FISMA), Office of Management and Budget (OMB), Department of Homeland Security (DHS), and National Institute of Standards and Technology (NIST) requirements.
  • Provides expert advice to the Division Director. Represents the Division and OCIO in meetings with other GSA entities; and GSA in meetings with representatives of industry, other agencies, public organizations, etc., to resolve problems, develop joining policies/standards; analyze, select and implement IT security products/services/solutions, and exchange information regarding areas of technical expertise.
  • Conducts, oversees, and monitors security analyses, testing, and evaluations of GSA information systems in support of Security Assessment and Authorization (A&A) and ongoing Continuous Monitoring. Creates reports, guidance, and direction for enhancement of security for systems/networks.
  • Participates in the conduct and management of independent evaluations and compliance reviews of IT systems in accordance with FISMA. This includes, but is not limited to, POA&M reviews, assessment and authorization package reviews, Exhibit 300 reviews, vulnerability assessments and scanning activities, system configuration reviews, system inventory reviews, IT audit findings and remediation, etc.
  • Mitigates data exfiltration and service disruption risks, reduces detection and response times, and recommends and directs changes in network and system designs, plans, or documentation to ensure compliance with security and privacy policy. Accelerates AI/ML-driven analytics into defensive cyber operations, including automated threat intelligence, anomaly detection, and risk scoring.
  • Responsible for implementing Enterprise Security Shared Services across stakeholders, in conjunction with the Director and the CISO/DCISO, building product roadmaps, business use cases, technical specifications, wireframes, mockups, prototypes, launch plans, tracking key performance metrics and data analytics/reporting along with end user/customer surveys among other deliverables for identifying efficiencies for the rolled-out services.
  • Manages GSA's Vulnerability Disclosure Program and Bug Bounty Program. Provides oversight and manages notifications from public sources of information risks for these programs.
  • Evaluates, acquires, configures, and uses software intended to ensure that automated systems are secure from unauthorized use, viral infection, and other problems that would compromise sensitive information in terms of confidentiality, integrity, and availability, or would compromise other aspects of overall system security.

Requirements


Conditions of employment

  • US Citizenship or National (Residents of American Samoa and Swains Island)
  • Meet all eligibility requirements within 30 days of the closing date.
  • Register with Selective Service if you are a male born after 12/31/1959
  • Direct Deposit of salary check to financial organization required.


If selected, you must meet the following conditions:

  • Current or Former Political Appointees: The Office of Personnel Management (OPM) must authorize employment offers made to current or former political appointees. If you are currently, or have been within the last 5 years, a political Schedule A, Schedule C or Non-Career SES employee in the Executive Branch, you must disclose this information to the HR Office. Failure to disclose this information could result in disciplinary action including removal from Federal Service.
  • Serve a one year probationary period, if required.
  • Undergo and pass a background investigation (Tier 2 investigation level).
  • Have your identity and work status eligibility verified if you are not a GSA employee. We will use the Department of Homeland Security’s e-Verify system for this. Any discrepancies must be resolved as a condition of continued employment.

Qualifications

For each job on your resume, provide:

  • the exact dates you held each job (from month/year to month/year)
  • number of hours per week you worked (if part time).

If you have volunteered your service through a National Service program (e.g., Peace Corps, Americorps), we encourage you to apply and include this experience on your resume.

The GS-14 salary range starts at $143,913 per year.

If you are a new federal employee, your starting salary will likely be set at the Step 1 of the grade for which you are selected.  

To qualify, you must have at least one year of specialized experience equivalent to the GS-13 level or higher in the Federal service and have IT-related experience demonstrating EACH of the four competencies below:

IT SPECIALIST COMPETENCY REQUIREMENTS:

  • Attention to Detail - This skill is generally demonstrated by assignments where the applicant investigates and evaluates "state of the art" technology of the industry.
  • Customer Service - This skill is generally demonstrated by assignments where the applicant confers with users to evaluate the effectiveness of, or identify the need for, computer programs or management systems.
  • Oral Communication - This skill is generally demonstrated by assignments where the applicant persuades others to take a particular course of action or to accept findings, recommendations, changes, or alternative viewpoints.
  • Problem Solving - This skill is generally demonstrated by assignments where the applicant identifies and accommodates technology and resource constraints.


SPECIALIZED EXPERIENCE:  

In addition to the Basic Requirements listed above, you must have one year of specialized experience equivalent to the GS-13 in the Federal service.

Specialized experience is defined as experience conducting or assisting with security assessments, evaluations, or continuous monitoring of information systems and ensuring compliance with cybersecurity policies or regulatory requirements. This experience must also include identifying and addressing security vulnerabilities or risks, recommending improvements to system or network designs, or using security software or tools to safeguard systems. Such experience may be obtained in government, industry, or other related fields.

Education

This job does not have an education qualification requirement.

Additional information

Candidates will not be hired based on their race, sex, color, religion, or national origin.

Applicants are encouraged to make their resume searchable in their USAJOBS.gov profile. This will allow Federal hiring specialists and hiring managers across agencies to find their resume as part of agency recruitment campaigns or staffing searches.

If you apply to this position and are selected, we will not ask about your criminal history before you receive a conditional job offer. If you believe you were asked about your criminal history improperly, contact the agency or visit GSA's webpage.

Relocation-related expenses are not approved and will be your responsibility.  

On a case-by-case basis, the following incentives may be approved:

  • Credit toward vacation leave if you are new to the federal government

Additional vacancies may be filled through this announcement in this or other GSA organizations within the same commuting area as needed; through other means; or not at all.

Candidates should be committed to improving the efficiency of the Federal government, passionate about the ideals of our American republic, and committed to upholding the rule of law and the United States Constitution.

How you will be evaluated

You will be evaluated for this job based on how well you meet the qualifications above.

Applications will be evaluated against the basic qualifications. Qualified candidates will be considered in accordance with the Office of Personnel Management Direct Hire Guidelines. Applications will not be rated or ranked. Veterans’ Preference does not apply to the direct hire recruitment procedures.

You may not be considered for the position if any part of the application is incomplete or missing the required supporting documentation. Falsifying your background, education and/or experience is cause for not hiring you or dismissing you if hired.

ICTAP/CTAP Candidates: The Interagency Career Transition Assistance Plan (ICTAP) and Career Transition Assistance Plan (CTAP) provide eligible displaced Federal competitive service employees with selection priority over other candidates for competitive service vacancies. To be qualified you must submit appropriate documentation (a copy of the agency notice, your most recent performance rating, and your most recent SF-50 noting current position, grade level, and duty location) and be found “well-qualified” for this vacancy.

In addition to meeting the basic qualifications stated in the qualification section of this announcement, well qualified is defined as: experience that exceeds the minimum qualifications of the position, demonstrated by meeting at least 3 out of 5 KSAs listed below:

  1. Skill in the IT Security area of specialization, its governing laws, regulations, methodologies, and/or policies to provide sound and authoritative technical guidance on all issues related to the assigned program.
  2. Skill in applying a wide range of qualitative and/or quantitative methods for the assessment and improvement of INFOSEC program effectiveness.
  3. Skill in information technology security application to advise System Owners, Business Lines, Industry Partners, and client agencies in the analysis of complex mission requirements and applying information technology security in efficiently and effectively meeting these requirements.
  4. Skill in the field of information technology focused on knowledge of vulnerability and application exploitation. Skill in written communication to support interactions with the general public and program management.
  5. Skill in Information Technology focused on the maintenance and operation of Infosec technology, vulnerability scanning, dynamic application scanning and static code analysis.

Demonstration of these KSAs must be supported by your resume. Applicants should also make note of each KSA, as you will be asked to address them later in the application process.

Subject Matter Experts (SMEs) may be utilized in the evaluation of qualifications and KSAs.


You may preview questions for this vacancy.
