Summary

This position is part of the Defense Nuclear Facilities Safety Board. The incumbent serves as the Defense Nuclear Facilities Safety Board (DNFSB) IT Specialist (InfoSec) under the direction of the Chief Information Officer or Chief Information Security Officer, in the Information Technology (IT) security programs, supports DNFSB/DIT, and implements IT policies that enhance the safety and resiliency of the agency's systems, hardware, software, and networks.

Responsibilities

Develops high level plans, techniques, and measurable objectives to improve the development of cybersecurity and privacy measures and practices in meeting goals and objectives of the agency and to protect sensitive information. Makes decisions that are data driven and recommends solutions that measure cybersecurity and privacy protection performance. Works in collaboration with the CISO in developing a comprehensive cybersecurity strategy for the agency, including leveraging DNFSB's cybersecurity and privacy program as a mission enabler, and creating performance measures for the DNFSB cybersecurity and privacy program. Provides leadership and managerial direction to subordinate staff responsible for providing information security management and the rigorous application of cybersecurity/information assurance policies, principles, and practices in the delivery of planning and management services to all components of the enterprise. Provides policy guidance to staff through the discussion of overall specific problems, which may be precedent setting, extremely complex, and/or very unusual. Develops and maintains information security guidelines, policies, plans and procedures ensuring effective conduct of assigned missions, functions, and operations of the bureau/office. Ensure compliance with federal regulations: FISMA, NIST SP 800-53, OMB Guidance, and agency-specific policies. Support audits and inspections: provide evidence, respond to findings, and ensure corrective actions are completed.
Monitor day-to-day security operations: track incidents, review audit logs, and ensure operational security procedures are followed. Conduct vulnerability management: Perform or oversee scanning, patching, log reviews, and remediation. Prepare and maintain documentation: Maintain SSPs, POA&Ms, risk assessments, and other required artifacts.

Requirements

Conditions of Employment

US Citizenship is required. Suitable for Federal employment, determined by background investigation. Must pass a drug screening. Direct Deposit of pay is required. Selective Service registration required for male applicants, unless exempt. Status candidates must meet time-in-grade (see Qualifications).

Qualifications

Basic Qualifications for IT Specialist (INFOSEC) position(s)

You must possess IT-related experience demonstrating each of the four competencies listed below. (You must have IT-related experience demonstrating each of these four competencies on your resume; if you do not, you will be rated ineligible for further consideration.):

Attention to Detail - Is thorough when performing work and conscientious about attending to detail.
Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.
Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.
Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.

In addition to the four competencies above, you must meet the following:

Specialized Experience Requirement: At the GS-14 level, you must meet the following qualification: Must have at least one (1) full year of specialized experience equivalent to at least the next lower grade level (GS-13) in the Federal Service that has given you the particular knowledge, skills and abilities required to successfully perform the duties of the position.

Specialized experience for this position is defined as: Managed information technology (IT) security projects that require extensive knowledge of IT hardware/software technology; Prepared IT systems documentation to support system certification/accreditation in accordance with FISMA, FedRAMP, and/or other Federal guidelines or regulations; Provided technical guidance and interpretation of IT cybersecurity policies, processes and procedures and privacy guidance for the management and protection of agency information and assets, including the protection of personally identifiable information (PII), controlled unclassified information (CUI), and other sensitive information that is received, transmitted, and stored in information systems; Led the development of system security plans, privacy threshold assessments, plans of actions & milestones (POA&M) and other documentation to support system authorization activities; Developed scenarios in support of disaster recovery, contingency planning, breach response and other annual exercises; Monitored and evaluated system compliance with IT security requirements; and Assisted in IT-related audits, such as the annual FISMA audit.

Only experience and education obtained by the closing date of this announcement will be considered.
Time-In-Grade Requirement: Current career or career-conditional employees of the Federal government, or former career or career-conditional employees, who have a break in service of less than one year, are required to meet the time-in-grade restriction of one year of Federal experience at the next lower grade, with few exceptions outlined in 5 CFR 300.603(b).

Selective Placement Factor

This position requires a current and valid certification in order to be found qualified. Please provide a current and valid copy of one (1) of the three (3) certifications below in your application package. Failure to provide a current and valid copy of the certification will result in loss of consideration. ISACA Certified Information Systems Security Professional (CISSP); or ISACA Certified Information Security Manager (CISM); or ISACA Certified Information Systems Security Officer (CISSO).

Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community, student, social). You will receive credit for all qualifying experience, including volunteer experience.

Education

There is no substitution of education for experience for this position.

Additional Information

Career Transition Assistance Programs: CTAP/ICTAP provides placement assistance to permanent Federal employees who are surplus, displaced, or involuntarily separated. Applicants claiming CTAP/ICTAP eligibility must submit a copy of their most recent performance appraisal, proof of eligibility, and most current SF-50 noting position, grade level, and duty location with their application.
To be considered under CTAP/ICTAP, applicants must be well-qualified (i.e., meet the minimum qualification requirements, including any selective placement factors; education, and experience requirements), score at least 85 on the assessment questionnaire, and be able to perform the duties of the position upon entry. For information on CTAP and ICTAP visit here.

Appointment Authorities: For more information on appointment authority eligibility requirements: Persons with Disabilities-Schedule A; Special Hiring Authorities for Veterans; Special Hiring Authority for Certain Military Spouses; Other Special Appointment Authorities; OPM Interchange Agreement and Other Miscellaneous Authorities.

Telework Suitability: The duties of this position are suitable for occasional telework and the selectee may be allowed to telework with supervisor approval and if they meet the eligibility criterion in the 2010 Telework Act.

Stipulations of Employment: As a condition of employment for accepting this position, you may be required to serve a 1-year probationary period during which we will evaluate your fitness and whether your continued employment advances the public interest. In determining if your employment advances the public interest, we may consider: Your performance and conduct; The needs and interests of the agency; Whether your continued employment would advance the organizational goals of the agency or the Government; and Whether your continued employment would advance the efficiency of the Federal service. Upon completion of your probationary period, your employment may be terminated unless you receive certification, in writing, that your continued employment advances the public interest. Selectee must successfully complete and pass a drug screening. If selected, you will be required to file, prior to entrance on duty, a Confidential Financial Disclosure Report (OGE Form 450).

Work Schedule: This position allows for a flexible work schedule.
Miscellaneous: DNFSB uses E-Verify to confirm the employment eligibility of all newly hired employees. To learn more about E-Verify, including your rights and responsibilities, please visit http://www.uscis.gov/e-verify. This vacancy announcement may be used to fill similar positions within 90 days. Candidates should be committed to improving the efficiency of the Federal government, passionate about the ideals of our American republic, and committed to upholding the rule of law and the United States Constitution.