Clarification from the agency

This public notice is issued under Direct Hire Authority (DHA) to recruit talent to occupations for which there is a severe shortage of candidates or a critical hiring need. This means that we can hire any qualified candidate from this notice or any other source. About this DHA notice: -Current civil service employees will receive new appointments if selected under this DHA. -For information on DHA, please visit https://www.opm.gov/policy-data-oversight/hiring-information/direct-hire-authority/

As an Information Security Specialist you will perform the following duties:

• Responsible for assisting in leading efforts within the agency to plan, develop, and maintain an agency-wide IT Security program in accordance with the Federal Information Security Management Act (FISMA) which establishes appropriate controls to ensure the protection of GSA's IT assets. The incumbent will assist in ensuring that all laws, regulations, policies, and procedures related to IT Security are implemented within GSA on a nationwide basis. The incumbent will be involved in finding technical solutions and providing technical guidance in IT security implementation. The responsibilities include addressing IT security concerns and facilitating IT security solutions for the agency.

• Participates in conducting and managing independent evaluations and compliance reviews of OCIO IT systems for which he/she has responsibility in accordance with FISMA. This includes, but is not limited to, Plan of Action and Milestones (POA&M) reviews, security authorization package reviews, exhibit 300 reviews, vulnerability assessments and scanning activities, system configuration reviews, and system inventory reviews.

• Serves as subject Matter Expert in all aspects relating to GSA’s mobile device program. The incumbent supports the CISO in managing GSA’s mobile device (Smartphone/tablet) program, its security, policy development and all aspects of management and implementation. The incumbent’s expertise shall include Apple iOS, Google Android, and BlackBerry mobile platforms.

• Responsible for CIO contingency event (COOP) planning, training, training exercises and management of actual event scenarios. Coordinates with senior management and other Service/Staff Office representatives to ensure IT support is available and requested support is provided. Coordinates on behalf of the GSA, CIO for additional support, redistribution of assets and manpower as well as tracking personnel accountability during an actual event.

• Responsible for reviewing and coordinating reporting of Security Advisory Alerts (SAA), compliance reviews, security training, incident reports, contingency plan testing, and other IT security program issues. The incumbent is responsible for supporting the security measures and goals set by the GSA Chief Information Security Officer.

Conditions of employment

• US Citizenship or National (Residents of American Samoa and Swains Island)
• Meet all eligibility requirements within 30 days of the closing date.
• Register with Selective Service if you are a male born after 12/31/1959
• Direct Deposit of salary check to financial organization required.

If selected, you must meet the following conditions:

Qualifications

For each job on your resume, provide:

• the exact dates you held  each job (from month/year to month/year)
• number of hours per week you worked (if part time).    

If you have volunteered your service through a National Service program (e.g., Peace Corps, Americorps), we encourage you to apply and include this experience on your resume.

The GS-14 salary range starts at $131,342 per year.

If you are a new federal employee, your starting salary will likely be set at the Step 1 of the grade for which you are selected.  

To qualify, you must have at least one year of specialized experience equivalent to the GS-13 level or higher in the Federal service and have IT-related experience demonstrating EACH of the four competencies below:

IT SPECIALIST COMPETENCY REQUIREMENTS:

• Attention to Detail - This skill is generally demonstrated by assignments where the applicant investigates and evaluates "state of the art" technology of the industry.
• Customer Service - This skill is generally demonstrated by assignments where the applicant confers with users to evaluate the effectiveness of, or identify the need for, computer programs or management systems.
• Oral Communication - This skill is generally demonstrated by assignments where the applicant persuades others to take particular course of action or to accept findings, recommendations, changes, or alternative viewpoints.
• Problem Solving - This skill is generally demonstrated by assignments where the applicant identifies and accommodates technology and resource constraints.

SPECIALIZED EXPERIENCE:  

Specialized experience is defined as performance of advanced information technology security work for a large organization. This includes planning, developing, or maintaining an organization-wide information security program; implementing and evaluating security controls across enterprise systems and cloud-based environments; and conducting security reviews such as system assessments, vulnerability identification, and corrective action tracking. Experience must also include providing technical guidance to leadership, supporting incident response or continuity operations, and collaborating across teams to resolve complex security issues.

How you will be evaluated

You will be evaluated for this job based on how well you meet the qualifications above.

Your application will be evaluated against the basic qualifications which includes any specialized experience and/or education requirements (if applicable). Qualified candidates will be considered in accordance with the Office of Personnel Management Direct Hire Guidelines. Applications will not be rated or ranked. Veterans’ Preference is not applicable to the direct hire recruitment procedures. Failure to submit a complete application or missing required supporting documentation may result in you not being considered for the position. Falsification of your background, education, and/or experience is grounds for non-selection or dismissal if hired. 

SME Resume Review:

Subject Matter Experts (SMEs) will evaluate your resume to determine your qualifications for this position using a pass/fail process. 

You may not be considered for the position, if any part of the application is incomplete or missing the required supporting documentation. Falsifying your background, education and/or experience is cause for not hiring you or dismissing you if hired. 

ICTAP/CTAP Candidates: The Interagency Career Transition Assistance Plan (ICTAP) and Career Transition Assistance Plan (CTAP) provide eligible displaced Federal competitive service employees with selection priority over other candidates for competitive service vacancies. To be qualified you must submit appropriate documentation (a copy of the agency notice, your most recent performance rating, and your most recent SF-50 noting current position, grade level, and duty location) and be found “well-qualified" for this vacancy.

In addition to meeting the basic qualifications stated in the qualification section of this announcement, well qualified is defined as: experience that exceeds the minimum qualifications of the position, demonstrated by meeting at least 3 out of 5 KSA’s listed below:

1. Knowledge of the IT Security area of specialization, governing laws, regulations, methodologies and policies to provide sound and authoritative technical guidance.

2. Skilled in  conducting and managing independent evaluations and compliance reviews.

3. Skill in managing a mobile device program which includes developing and implementing its security policy.

4. Skilled in managing and providing training exercises for continuing operations of program (COOP) events.

5.  Ability to apply a wide range of qualitative and quantitative methods for the assessment and improvement of a security advisory alerts program.