Clarification from the agency

This public notice is issued under Direct Hire Authority (DHA) to recruit talent to occupations for which there is a severe shortage of candidates or a critical hiring need. This means that we can hire any qualified candidate from this notice or any other source. About this DHA notice: -Current civil service employees will receive new appointments if selected under this DHA. -For information on DHA, please visit https://www.opm.gov/policy-data-oversight/hiring-information/direct-hire-authority/

The Office of Inspector General (OIG) for the General Services Administration (GSA) is one of the original OIGs established by the Inspector General Act of 1978. The OIGs were created as independent and objective entities within an agency to (a) promote economy, efficiency, and effectiveness in the administration of the agency, and (b) to prevent and detect fraud and abuse in agency programs and operations. The OIGs report to the agency head and Congress through semi-annual and other reports. The GSA OIG operates as an autonomous entity within GSA under a presidentially appointed, Senate confirmed Inspector General who supervises a diverse team of approximately 300 professionals in headquarters' administrative, legal, and operational components and in regional operational offices throughout the country. The GSA OIG is dedicated to protecting the public interest by bringing about positive changes in the performance, accountability, and integrity of GSA programs and operations. Oversight is provided through auditing, inspections and evaluations, and investigations of GSA extensive procurement, real property, and related programs and operations, which primarily support other federal agencies. OIG oversight components report their findings and recommend courses of action to promote efficiency and economy in the GSA’s activities. Applicants are encouraged to review the work and accomplishments of the GSA OIG on our website, https://www.gsaig.gov/.

The incumbent of this position serves as a Chief Information Security Officer (CISO) and has superior knowledge and skills in the areas of Systems/Network Engineering and Administration and Network/Information Security.

This position is located in the Office of Inspector General (OIG), Office of Administration, Information Technology Division (JPM). The incumbent serves as the Chief Information Security Officer (CISO) and is an IT security expert. This position is classified as a Supervisory IT Specialist (Security), and as such, the incumbent supervises the IT security team and assists in the interpretation, implementation, establishment and adherence of all policies related to the Division. The incumbent reports directly to the OIG Chief Information Officer (CIO).

The major responsibilities of this position include: 

• Providing technical and authoritative advice on IT security to support staff and communicates to individual team members their assignments, projects, and/or problems to be solved; actionable events, milestones, and/or program issues under review; and, deadlines and timeframes for completion;
• Participating with the CIO in defining, implementing and structuring security requirements;
• Establishing and enforcing security parameters for agency wide adoption and use of Artificial Intelligence (AI);
• Assessing and mitigating security incidents and enforcing protocols to prevent malicious activity from occurring and ensuring business continuity during security incidents;
• Conducting Authority to Operate (ATO) reviews for the CIO to sign;
• Enforcing security standards for the entire agency
• Attending strategies and meetings and providing input on policies, processes and procedures;
• Monitoring the status and progress of work assignments to ensure that deadlines and schedules are met;
• Representing the Division in meetings for the purpose of obtaining resources (i.e. computer hardware and software, and other IT equipment required for securing the OIG’s infrastructure, travel budget), and securing needed information or decisions from the Director on major work problems and issues that arise;
• Conducting regular reoccurring IT security project status meetings with stakeholders; and,
• Developing, maintaining, and forecasting the budget for the IT Security team – to include all expenses related to compensatory time, travel, training needs for future projects, etc.

Conditions of employment

• US Citizenship or National (Residents of American Samoa and Swains Island)
• Meet all eligibility requirements within 30 days of the closing date.
• Register with Selective Service if you are a male born after 12/31/1959

If selected, you must meet the following conditions:

Qualifications

The GS-14 salary range starts at $143,913 per year.

If you are a new federal employee, your starting salary will likely be set at the Step 1 of the grade for which you are selected.  

To qualify, you must meet the following requirements: Have IT-related experience demonstrating EACH of the four IT Specialist competencies AND one year of specialized experience equivalent to the GS-13 level in the Federal service as described below:

IT SPECIALIST COMPETENCY REQUIREMENTS:

• Attention to Detail - This skill is generally demonstrated by assignments where the applicant keeps abreast of latest technology, information, research, etc., to maintain knowledge in the field of IT security (for example, reads trade journals, participates in professional/technical associations, maintains credentials).
• Customer Service - This skill is generally demonstrated by assignments where the applicant promotes or develops and maintains good working relationships with key individuals or groups.
• Oral Communication - This skill is generally demonstrated by assignments where the applicant serves on panels, committees, or task forces as a representative for the organization on issues pertaining to IT security.
• Problem Solving - This skill is generally demonstrated by assignments where the applicant monitors current trends or events in order to assess organizational needs and formulate solutions to complex IT security issues.

SPECIALIZED EXPERIENCE REQUIREMENTS: Specialized experience is:

• Leading teams and/or supervising others in work relating to systems engineering with Windows servers, Storage Area Networking, Virtualization, Routing and Switching, Databases, Firewalls, and Virtual Private Networking.
• Providing expert technical advice, guidance, and recommendations to management and other technical specialists on critical IT issues - including information security.
• Experience with Zero Trust Architecture (ZTA)
• Experience with research, validation, and approval of Large Language Models (LLMs) - and other AI models - for use within an organization.
• Applying security requirements such as the Federal Information Security Management Act of 2002 (FISMA), Federal Risk and Authorization Management Program (FedRAMP), NIST 800-53, and other applicable federal requirements for assessment, authorization, and continuous monitoring.
• Interpreting and applying policies, procedures, and strategies that govern the planning and delivery of IT services.
• Managing network scans, log reviews, IDS configurations, and AV/Malware flags
• Experience with security analysis toolsets, information security concepts, principles and practices
• Configuring and managing firewalls, intrusion detection systems, anti-virus software, data encryption, and other industry-standard techniques and practices at an enterprise level.

It is preferred that you have: a security-based certification such as CISM (ISACA), CISA(ISACA),CISSP(ISC2), CEH (EC-Council), GAIC (Sans), Security+ (CompTIA) or other comparable certification. Please list any/all certifications in your resume and be prepared to describe how they are comparable/relevant to those listed above and/or the position being sought.

How you will be evaluated

You will be evaluated for this job based on how well you meet the qualifications above.

Applications will be assessed by a panel or one or more Subject Matter Experts (SMEs) to identify applicants who have the level of proficiency needed for successful job performance in accordance with the Office of Personnel Management Direct Hire Guidelines. Following the competency-based structured resume review, fully qualified applicants will be referred to the hiring manager for further consideration.

Veterans’ Preference does not apply to the direct hire recruitment procedures.

You may not be considered for the position, if any part of the application is incomplete or missing the required supporting documentation. Falsifying your background, education and/or experience is cause for not hiring you or dismissing you if hired. 

ICTAP/CTAP Candidates: The Interagency Career Transition Assistance Plan (ICTAP) and Career Transition Assistance Plan (CTAP) provide eligible displaced Federal competitive service employees with selection priority over other candidates for competitive service vacancies. To be qualified you must submit appropriate documentation (a copy of the agency notice, your most recent performance rating, and your most recent SF-50 noting current position, grade level, and duty location) and be found “well-qualified" for this vacancy. In addition to meeting the basic qualifications stated in the qualification section of this announcement, well qualified is defined as: experience that exceeds the minimum qualifications of the position, demonstrated by possession of all competencies required for the position at a proficiency that exceeds the minimum expectations. This will be determined based upon the SME review of your resume against the competencies outlined below.

1. Attention to Detail - Is thorough when performing work and conscientious about attending to detail.
2. Customer Service - Works with clients and customers to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.
3. Oral Communication - Expresses information to individuals or groups effectively, taking into account the audience and nature of the information; makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.
4. Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.
5. Ability to perform the full range of supervisory functions, directing, advising, and mentoring subordinate staff in their day-to-day work 
6. Ability to engage in decision making in a methodical and calculated way; investigating all available data in an organized manner and taking consistent, logical action.
7. Superior knowledge and skills in the areas of Systems/Network Engineering and Administration and Network/Information Security. Specifically, possession of this KSA is met by meeting the specialized experience requirements listed in the Qualifications section of this vacancy announcement.

Demonstration of these KSA’s must be supported by your resume. Subject Matter Experts (SMEs) may be utilized in the evaluation of qualifications and KSAs.