SUPERVISORY IT SPECIALIST (INFOSEC) at Department Of Defense
Hanover, MD 21076
About the Job
DutiesAs a SUPERVISORY IT SPECIALIST (INFOSEC) you will be responsible for the following duties:
- Responsible for the cybersecurity of a program, organization, system, or enclave
- Designs enterprise and systems security throughout the development lifecycle; translates technology and environmental conditions (e.g., law and regulation) into security designs and processes.
- Manages and identifies program high-level technical specifications, which may include application design, cloud computing strategy and adoption, and integration of software applications into a functioning system to meet requirements
- Leads necessary compliance activities (e.g., ensure system security configuration guidelines are followed, compliance monitoring occurs).
- Applies advanced skills to ensure that cybersecurity requirements are integrated into the continuity planning for that system and/or organization(s).
- Applies advanced skills in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
- Leads development of a system security context, a preliminary system security CONOPS, and define baseline system security requirements in accordance with applicable cybersecurity requirements.
- Leads development of security architectures and designs to determine the adequacy of security design and architecture proposed or provided in response to requirements contained in acquisition documents.
- Leads development/integration of cybersecurity designs for systems and networks with multilevel security requirements or requirements for the processing of multiple classification levels of data primarily applicable to government organizations (e.g., UNCLASSIFIED, SECRET, and TOP SECRET).
- Applies advanced knowledge of cybersecurity principles and network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense in-depth).
- Applies advanced knowledge of cloud computing service models Software as Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS).
- Applies advanced knowledge of cloud computing deployment models in private, public, and hybrid environments and the difference between on-premises and off.
- Supervises and assigns work to cybersecurity professionals and other engineering and scientific personnel.Requirements Conditions of EmploymentMust be a US citizenSelective Service Requirement: Males born after 12-31-59 must be registered for Selective Service
For more information
1601Work Schedule: Full TimeOvertime: OccasionallyTour of Duty: FlexiblePCS (Permanent Change of Station): May be authorized.Fair Labor Standards Act (FLSA): ExemptFinancial Disclosure: Not RequiredTelework Eligibility: This position is telework eligible, but is not a full time telework position
The incumbent will be required to report to the office on a routine basis.If selected, the incumbent must obtain and maintain appropriate security clearance as indicated in job announcement.Any Information Technology/Security certifications / education as specified in the DCWF Annex and as defined by DoD 8140-M are required within six months of appointment date.The incumbent must sign a Statement of Understanding regarding the certification requirements and maintaining the appropriate certification is a condition of employment
Qualifications
The experience described in your resume will be evaluated and screened from the Office of Personnel Management's (OPMs) basic qualifications requirements
See: i.e
for professional positions or positions with a basic education requirement: classification-qualifications/general-schedule-qualification-standards/0100/foreign-affairs series- 0130/; i.e
for positions with no IOR: policy-dataoversight/ classification-qualifications/general-schedule-qualification-standards/0300/gs-2210-information-technology-management series/) for OPM qualification standards, competencies and specialized experience needed to perform the duties of the position as described in the MAJOR DUTIES and QUALIFICATIONS sections of this announcement by 10/17/2024
Applicant must have directly applicable experience that demonstrates the possession of the knowledge, skills, abilities and competencies necessary for immediate success in the position
Qualifying experience may have been acquired in any public or private sector job, but will clearly demonstrate past experience in the application of the particular competencies/knowledge, skills and abilities necessary to successfully perform the duties of the position.
You must have specialized experience sufficient to demonstrate that you have acquired all the competencies necessary to perform at a level equivalent in difficulty, responsibility, and complexity to the next lower grade GS/GG-13 in the Federal service and are prepared to take on greater responsibility
Generally, this would include one year or more of such specialized experience
Specialized experience for this position includes:
1
Experience with the Risk Management Framework (RMF).
2
Management of information technology (IT) security goals and objectives to mitigate program risk.
3
Evaluation of IT engineering and development efforts to ensure baseline security safeguards are appropriately incorporated.
4
Supervision of program level Information System Security Officers (ISSOs) and Engineers (ISSEs).
5
Determination of security relevancy and impact of programmatic and technological changes.
6
IT data source security management; risk assessment; IT system cybersecurity strategy planning and implementation; Zero Trust Strategy; cybersecurity resource allocation; and mitigation of audit findings.
Skills to enter this position:
1
Experience with the Risk Management Framework (RMF) for DoD Systems (DODI 8510.01) S/E.
2
Experience with the Enterprise Mission Assurance Support Service (eMASS) system.
3
Experience ensuring Plans of Actions and Milestones (POA&Ms) or remediation plans are in place and executed against for vulnerabilities identified during risk assessments, audits, inspections, etc.
4
Knowledge of cloud computing deployment models and the difference between on-premises and off-premises/cloud environments.
5
Experience leading cybersecurity for a portfolio of interconnected and interrelated systems.Specifically you will be evaluated on the following competencies:
1
Systems Integration - Knowledge of principles, methods, and procedures for installing, integrating, and optimizing information systems components.
2
Enterprise Architecture: - An enterprise architecture (EA) is a conceptual blueprint that defines the structure and operation of an organization
The intent of an enterprise architecture is to determine how an organization can most effectively achieve its current and future objectives.
3
Information Assurance - Knowledge of methods and procedures to protect information systems and data by ensuring their availability, authentication, confidentiality, and integrity.
4
Software Engineering - Knowledge of software engineering design and development methodologies, paradigms, and tools; the software life cycle; software reusability; and software reliability metrics.
5
Planning and Evaluating - Organizes work, sets priorities, and determines resource requirements; determines short- or long-term goals and strategies to achieve them; coordinates with other organizations or parts of the organization to accomplish goals; monitors progress and evaluates outcomes.
Education
Substitution of education may not be used in lieu of specialized experience for this grade level.
Additional informationVETERANS PREFERENCE/CURRENT OR FORMER FEDERAL
In accordance with DoD Instruction 1400.25, Volume 2005, veterans preference is not required to be applied when considering candidates with prior Federal competitive or excepted service who have completed a probationary or trial period and have not been separated for cause
Therefore, veterans preference will not be applied to applicants with current federal service, or former federal civilian service meeting the above criteria.
Other Notes:Re-employed Annuitant: This position does not meet criteria for re-employed annuitant
The DoD criteria for hiring Re-employed Annuitants can be found at:
Applicants selected from this announcement may be required to serve a two-year trial period.
If selected, Federal employees currently serving in the competitive service must acknowledge that they will voluntarily leave the competitive service by accepting an offer of employment for a DCIPS excepted service positions.
The Office Under Secretary of Defense for Intelligence and Security established a Targeted Local Market Supplement (TLMS) for certain Science, Technology, Engineering, Mathematics, and Cyber positions within the Defense Civilian Intelligence Personnel System
Eligibility for the TLMS is based on cyber work roles within certain occupational series and on the work performed
This vacancy is designated as a STEM and/or Cyber position and pay for the incumbent will be based on the STEM and Cyber Pay Table.
If selected, non-DCIPS candidates must acknowledge in writing that the position they have been selected for is in the excepted service and covered by DCIPS.
Selection under this appointment authority does not confer civil service competitive status.All current and former Federal employees must submit a copy of your latest SF50 (Notification of Personnel Action) showing your tenure, grade and step, and type of position occupied (i.e., Excepted or Competitive); or similar Notification of Personnel Action documentation, i.e., Transcript of Service, Form 1150, etc.
Resumes should NOT include: Classified information/SSN/Photo of yourself/personal information (gender, religion, affiliation etc/Encrypted digitally signed docs)
Resumes with this prohibited information will be automatically ineligible for consideration
Help
A career with the U.S
government provides employees with a comprehensive benefits package
As a federal employee, you and your family will have access to a range of benefits that are designed to make your federal career very rewarding
Opens in a new windowLearn more about federal benefits.
Review our benefitsEligibility for benefits depends on the type of position you hold and whether your position is full-time, part-time or intermittent
Contact the hiring agency for more information on the specific benefits offered.How You Will Be EvaluatedYou will be evaluated for this job based on how well you meet the qualifications above.
Read the job opportunity carefully to make sure you have included all required contact information.Include dates, hours, level of experience and examples for each work experienceFor each work experience you list, make sure you include:
Start and end dates (including the month and year).The number of hours you worked per week.The level and amount of experience-for instance, whether you served as a project manager or a team member helps to illustrate your level of experience.Examples of relevant experiences and accomplishments that prove you can perform the tasks at the level required for the job as stated in the job announcement
Your experience needs to address every required qualification.If your resume does not clearly outline details for each position as noted, you may be deemed "not referred" for this position.Once the application process is complete, your resume and supporting documentation will be used to determine whether you meet the job qualifications listed on this announcement
If you are minimally qualified for this job, your resume and supporting documentation will be compared to your responses on the Occupational Questionnaire
If you rate yourself higher than is supported by your application materials, your responses may be adjusted and/or you may be excluded from consideration for this job If you are found to be among the top candidates, you will be referred to the selecting official for employment consideration.
- Responsible for the cybersecurity of a program, organization, system, or enclave
- Designs enterprise and systems security throughout the development lifecycle; translates technology and environmental conditions (e.g., law and regulation) into security designs and processes.
- Manages and identifies program high-level technical specifications, which may include application design, cloud computing strategy and adoption, and integration of software applications into a functioning system to meet requirements
- Leads necessary compliance activities (e.g., ensure system security configuration guidelines are followed, compliance monitoring occurs).
- Applies advanced skills to ensure that cybersecurity requirements are integrated into the continuity planning for that system and/or organization(s).
- Applies advanced skills in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
- Leads development of a system security context, a preliminary system security CONOPS, and define baseline system security requirements in accordance with applicable cybersecurity requirements.
- Leads development of security architectures and designs to determine the adequacy of security design and architecture proposed or provided in response to requirements contained in acquisition documents.
- Leads development/integration of cybersecurity designs for systems and networks with multilevel security requirements or requirements for the processing of multiple classification levels of data primarily applicable to government organizations (e.g., UNCLASSIFIED, SECRET, and TOP SECRET).
- Applies advanced knowledge of cybersecurity principles and network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense in-depth).
- Applies advanced knowledge of cloud computing service models Software as Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS).
- Applies advanced knowledge of cloud computing deployment models in private, public, and hybrid environments and the difference between on-premises and off.
- Supervises and assigns work to cybersecurity professionals and other engineering and scientific personnel.Requirements Conditions of EmploymentMust be a US citizenSelective Service Requirement: Males born after 12-31-59 must be registered for Selective Service
For more information
http://www.sss.govResume
and supporting documents received by 11:59PM EST will be consideredThis is a Drug Testing designated positionPosition is a (DCIPS) position in the Excepted Service under U.S.C1601Work Schedule: Full TimeOvertime: OccasionallyTour of Duty: FlexiblePCS (Permanent Change of Station): May be authorized.Fair Labor Standards Act (FLSA): ExemptFinancial Disclosure: Not RequiredTelework Eligibility: This position is telework eligible, but is not a full time telework position
The incumbent will be required to report to the office on a routine basis.If selected, the incumbent must obtain and maintain appropriate security clearance as indicated in job announcement.Any Information Technology/Security certifications / education as specified in the DCWF Annex and as defined by DoD 8140-M are required within six months of appointment date.The incumbent must sign a Statement of Understanding regarding the certification requirements and maintaining the appropriate certification is a condition of employment
Qualifications
The experience described in your resume will be evaluated and screened from the Office of Personnel Management's (OPMs) basic qualifications requirements
See: i.e
for professional positions or positions with a basic education requirement: classification-qualifications/general-schedule-qualification-standards/0100/foreign-affairs series- 0130/; i.e
for positions with no IOR: policy-dataoversight/ classification-qualifications/general-schedule-qualification-standards/0300/gs-2210-information-technology-management series/) for OPM qualification standards, competencies and specialized experience needed to perform the duties of the position as described in the MAJOR DUTIES and QUALIFICATIONS sections of this announcement by 10/17/2024
Applicant must have directly applicable experience that demonstrates the possession of the knowledge, skills, abilities and competencies necessary for immediate success in the position
Qualifying experience may have been acquired in any public or private sector job, but will clearly demonstrate past experience in the application of the particular competencies/knowledge, skills and abilities necessary to successfully perform the duties of the position.
You must have specialized experience sufficient to demonstrate that you have acquired all the competencies necessary to perform at a level equivalent in difficulty, responsibility, and complexity to the next lower grade GS/GG-13 in the Federal service and are prepared to take on greater responsibility
Generally, this would include one year or more of such specialized experience
Specialized experience for this position includes:
1
Experience with the Risk Management Framework (RMF).
2
Management of information technology (IT) security goals and objectives to mitigate program risk.
3
Evaluation of IT engineering and development efforts to ensure baseline security safeguards are appropriately incorporated.
4
Supervision of program level Information System Security Officers (ISSOs) and Engineers (ISSEs).
5
Determination of security relevancy and impact of programmatic and technological changes.
6
IT data source security management; risk assessment; IT system cybersecurity strategy planning and implementation; Zero Trust Strategy; cybersecurity resource allocation; and mitigation of audit findings.
Skills to enter this position:
1
Experience with the Risk Management Framework (RMF) for DoD Systems (DODI 8510.01) S/E.
2
Experience with the Enterprise Mission Assurance Support Service (eMASS) system.
3
Experience ensuring Plans of Actions and Milestones (POA&Ms) or remediation plans are in place and executed against for vulnerabilities identified during risk assessments, audits, inspections, etc.
4
Knowledge of cloud computing deployment models and the difference between on-premises and off-premises/cloud environments.
5
Experience leading cybersecurity for a portfolio of interconnected and interrelated systems.Specifically you will be evaluated on the following competencies:
1
Systems Integration - Knowledge of principles, methods, and procedures for installing, integrating, and optimizing information systems components.
2
Enterprise Architecture: - An enterprise architecture (EA) is a conceptual blueprint that defines the structure and operation of an organization
The intent of an enterprise architecture is to determine how an organization can most effectively achieve its current and future objectives.
3
Information Assurance - Knowledge of methods and procedures to protect information systems and data by ensuring their availability, authentication, confidentiality, and integrity.
4
Software Engineering - Knowledge of software engineering design and development methodologies, paradigms, and tools; the software life cycle; software reusability; and software reliability metrics.
5
Planning and Evaluating - Organizes work, sets priorities, and determines resource requirements; determines short- or long-term goals and strategies to achieve them; coordinates with other organizations or parts of the organization to accomplish goals; monitors progress and evaluates outcomes.
Education
Substitution of education may not be used in lieu of specialized experience for this grade level.
Additional informationVETERANS PREFERENCE/CURRENT OR FORMER FEDERAL
In accordance with DoD Instruction 1400.25, Volume 2005, veterans preference is not required to be applied when considering candidates with prior Federal competitive or excepted service who have completed a probationary or trial period and have not been separated for cause
Therefore, veterans preference will not be applied to applicants with current federal service, or former federal civilian service meeting the above criteria.
Other Notes:Re-employed Annuitant: This position does not meet criteria for re-employed annuitant
The DoD criteria for hiring Re-employed Annuitants can be found at:
Applicants selected from this announcement may be required to serve a two-year trial period.
If selected, Federal employees currently serving in the competitive service must acknowledge that they will voluntarily leave the competitive service by accepting an offer of employment for a DCIPS excepted service positions.
The Office Under Secretary of Defense for Intelligence and Security established a Targeted Local Market Supplement (TLMS) for certain Science, Technology, Engineering, Mathematics, and Cyber positions within the Defense Civilian Intelligence Personnel System
Eligibility for the TLMS is based on cyber work roles within certain occupational series and on the work performed
This vacancy is designated as a STEM and/or Cyber position and pay for the incumbent will be based on the STEM and Cyber Pay Table.
If selected, non-DCIPS candidates must acknowledge in writing that the position they have been selected for is in the excepted service and covered by DCIPS.
Selection under this appointment authority does not confer civil service competitive status.All current and former Federal employees must submit a copy of your latest SF50 (Notification of Personnel Action) showing your tenure, grade and step, and type of position occupied (i.e., Excepted or Competitive); or similar Notification of Personnel Action documentation, i.e., Transcript of Service, Form 1150, etc.
Resumes should NOT include: Classified information/SSN/Photo of yourself/personal information (gender, religion, affiliation etc/Encrypted digitally signed docs)
Resumes with this prohibited information will be automatically ineligible for consideration
Help
A career with the U.S
government provides employees with a comprehensive benefits package
As a federal employee, you and your family will have access to a range of benefits that are designed to make your federal career very rewarding
Opens in a new windowLearn more about federal benefits.
Review our benefitsEligibility for benefits depends on the type of position you hold and whether your position is full-time, part-time or intermittent
Contact the hiring agency for more information on the specific benefits offered.How You Will Be EvaluatedYou will be evaluated for this job based on how well you meet the qualifications above.
Read the job opportunity carefully to make sure you have included all required contact information.Include dates, hours, level of experience and examples for each work experienceFor each work experience you list, make sure you include:
Start and end dates (including the month and year).The number of hours you worked per week.The level and amount of experience-for instance, whether you served as a project manager or a team member helps to illustrate your level of experience.Examples of relevant experiences and accomplishments that prove you can perform the tasks at the level required for the job as stated in the job announcement
Your experience needs to address every required qualification.If your resume does not clearly outline details for each position as noted, you may be deemed "not referred" for this position.Once the application process is complete, your resume and supporting documentation will be used to determine whether you meet the job qualifications listed on this announcement
If you are minimally qualified for this job, your resume and supporting documentation will be compared to your responses on the Occupational Questionnaire
If you rate yourself higher than is supported by your application materials, your responses may be adjusted and/or you may be excluded from consideration for this job If you are found to be among the top candidates, you will be referred to the selecting official for employment consideration.