Summary This position is in the Data Breach Response Service (DBRS), Office of Information Technology (OIT), Department of Veterans Affairs (VA). The incumbent will develop, maintain, and administer a highly complex information security program that provides oversight to ensure that VA promptly identifies and responds appropriately to Privacy and Security related breaches involving Protected Health Information (PHI), Personally Identifiable Information (PII) and Sensitive Personal Information (SPI). Responsibilities OIT Mission: The mission of the Office of Information and Technology (OIT) is to collaborate with our business partners to create the best experience for all Veterans. OIT Vision: To become a world-class organization that provides a seamless, unified Veteran experience through the delivery of state-of-the-art technology. Major Duties: Performs specialized and complex information security work with includes conducting and executing studies/projects that have Federal regulations, public laws, directives, handbooks and other mandates regarding major department policy implications and providing management with information necessary for decision-making and long-range planning. Operates as a team member of a resource base that supports core security program functions and crosscutting initiatives and advises senior management on information security issues. Plans, directs and coordinates a unified organizational position on information security as it relates to Privacy and Security related breaches involving Protected Health Information, Personally Identifiable Information, and Sensitive Personal Information. Partners to share information, develop positions related to Privacy and Security issues, develops security products, such as policies/directives, and responses to statutory reporting requirements. Directs the maintenance and dissemination of information needed by Privacy Officers, Information System Security Officers, and system administrators on all governing guidance (e.g., statues and regulations), best practices, new vulnerabilities, and other contemporary issues using a variety of media to include the web, and electronic and print mailings. Develops and oversees privacy compliance program and privacy program staff, supporting privacy compliance, governance/policy, and incident response needs of privacy and security executives and their teams. Provides coordinated responses and follow-up actions to Privacy and Security data breach audits and external oversight organizations and maintains secure files of such responses and actions. Coordinates Privacy and Security data breach program responses for external reporting requirements. Directs the planning, evaluation, and coordination of Privacy and Security breach issues. Synchronizes and reconciles the response to Federal-wide Privacy and Security breach related initiatives and proposals. The incumbent provides data breach analysis utilizing the Privacy and Security Events Tracking System (PSETS). Incumbent timely reviews information provided in PSETS, prioritizes relevant facts, analyzes and assesses the submission, point out errors, incomplete or inconsistent data, and illogical arguments or conclusions. Incumbent decides based on the available facts as to whether a breach has occurred. Incumbent will determine the level of risk and whether notification and credit protection services are warranted if breach has occurred. Position Description/PD#: IT Specialist (Infosec)/PD16736A Relocation/Recruitment Incentives: Not Authorized Permanent Change of Station (PCS): Not Authorized Financial Disclosure Report: Not Required Travel Required: Occasional travel may be required as needed for this position. Work Schedule: Monday - Friday 8AM-4:30PM; Tour of duty will be determined based on organizational needs. Compressed/Flexible: As determined by the Agency Policy Virtual: This is not a virtual position. Physical Demands: The work is primarily sedentary, although some slight physical effort may be required. Working Conditions: Work is typically performed in an adequately lighted and climate-controlled office. May require occasional travel. Requirements Conditions of Employment You must be a U.S. Citizen to apply for this job Selective Service Registration is required for males born after 12/31/1959 You may be required to serve a probationary period Selectee is subject to background/suitability investigation Selected applicant will be required to complete an online onboarding process This position is subject to pre-employment and random drug testing. Complete the initial online assessment. Selected applicants will be required to complete an online onboarding process. Acceptable form(s) of identification will be required to complete pre-employment requirements (https://www.uscis.gov/i-9-central/form-i-9-acceptable-documents). Effective May 7, 2025, driver's licenses or state-issued identification cards that are not REAL ID compliant cannot be utilized as an acceptable form of identification for employment. Qualifications To qualify for this position, all qualification requirements must be met by the closing date of this announcement 08/22/2025. Time-In-Grade Requirement: Applicants who are current Federal employees and have held a GS grade any time in the past 52 weeks must also meet time-in-grade requirements by the closing date of this announcement. For the GS-14 position you must have served 52 weeks at the GS-13. The grade may have been in any occupation, but must have been held in the Federal service. An SF-50 that shows your time-in-grade eligibility must be submitted with your application materials. If the most recent SF-50 has an effective date within the past year, it may not clearly demonstrate you possess one-year time-in-grade, as required by the announcement. In this instance, you must provide an additional SF-50 that clearly demonstrates one-year time-in-grade. Applicants must meet all requirements when a request is received to fill a vacancy. You may qualify based on your experience as described below: Basic Requirements Experience: Experience must be IT related; the experience may be demonstrated by paid or unpaid experience and/or completion of specific, intensive training (for example, IT certification), as appropriate. For all positions individuals must have IT-related experience demonstrating each of the five competencies listed below. The employing agency is responsible for identifying the specific level of proficiency required for each competency at each grade level based on the requirements of the position being filled. Attention to Detail - Is thorough when performing work and conscientious about attending to detail. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services. Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately. Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations. AND Specialized Experience: You must have one year of specialized experience equivalent to at least the next lower grade GS-13 in the normal line of progression for the occupation in the organization. Specialized experience is defined as: extensive knowledge and expertise in privacy and security incident response, federal privacy regulations (including HIPAA), IT project management, risk assessments, policy development, and strategic planning. Applicants must have experience collaborating with cross-functional teams and providing high-level guidance to senior management, as well as demonstrating a proven ability to manage and implement effective breach mitigation strategies. Applicants should possess existing knowledge or prior experience with Privacy or Information Security incident response processes at VA and have a background or experience in privacy and/or information security actions specific to the protection of VA and Veteran data. The ideal candidate would be a former Privacy Officer, Information Systems Security Officer, or have prior experience working with or for the VA Data Breach Response Service (DBRS). A candidate with experience as a Contracting Officers Representative (COR) at Level 3 or higher, with prior experience managing IT contracts is preferred. Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religions; spiritual; community; student; social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience. Note: A full year of work is considered to be 35-40 hours of work per week. Part-time experience will be credited on the basis of time actually spent in appropriate activities. Applicants wishing to receive credit for such experience must indicate clearly the nature of their duties and responsibilities in each position and the number of hours a week spent in such employment. Veterans and Transitioning Service Members: Please visit the VA for Vets site for career-search tools for Veterans seeking employment at VA, career development services for our existing Veterans, and coaching and reintegration support for military service members. Education There is no substitution of education for experience at the grade level(s) of this announcement. Additional Information VA supports the use of telework as a way to help attract and retain talented individuals in public service, increase worker productivity, and better prepare the agency to operate during emergencies. This position may be authorized for telework. Telework eligibility will be discussed during the interview process. The Interagency Career Transition Assistance Plan (ICTAP) and Career Transition Assistance Plan (CTAP) provide eligible displaced VA competitive service employees with selection priority over other candidates for competitive service vacancies. To be well-qualified, applicants must possess experience that exceeds the minimum qualifications of the position including all selective factors if applicable, and must be proficient in most of the requirements of the job. Information about ICTAP and CTAP eligibility is on OPM's Career Transition Resources website which can be found at https://www.opm.gov/. Receiving Service Credit or Earning Annual (Vacation) Leave: Federal Employees earn annual leave at a rate (4, 6 or 8 hours per pay period) which is based on the number of years they have served as a Federal employee. VA may offer newly-appointed Federal employee's credit for their job-related non-federal experience or active duty uniformed military service. This credited service can be used in determining the rate at which they earn annual leave. Such credit must be requested and approved prior to the appointment date and is not guaranteed. Placement Policy: The posting of this announcement does not obligate management to fill a vacancy or vacancies by promotion. The position may be filled by reassignment, change to lower grade, transfer, appointment, or reinstatement. Management may use any one or any combination of these methods to fill the position. Veterans and Transitioning Service Members: Please visit the VA for Vets site for career-search tools for Veterans seeking employment at VA, career development services for our existing Veterans, and coaching and reintegration support for military service members. It is the policy of the VA to not deny employment to those that have faced financial hardships or periods of unemployment. This job opportunity announcement may be used to fill additional vacancies. A selectee receiving a first appointment to the Federal Government (Civil Service) is entitled only to the lowest step of the grade for which selected. The display of a salary range on this vacancy shall not be construed as granting an entitlement to a higher rate of pay. If you are unable to apply online or need an alternate method to submit documents, please reach out to the Agency Contact listed in this Job Opportunity Announcement.
