Defense Finance and Accounting Service IT CYBERSECURITY SPECIALIST (INFOSEC) in Indianapolis, Indiana
Summary Who may apply: Current Permanent DFAS Agency Employees; PPP DoD Military Spouse Preference Eligible and current DFAS VRA employees. Position located in: IT DIR OFFICE, ITENTERPRISE SERVICES, IT SECURITY SERVICES, CYBER SECURITY SERVICE PROVIDER, ZTAGC. This job announcement may be used to fill similar positions on other teams in the I&T Directorate. Applicants on Bratenahl list may be considered for positions in Cleveland. Responsibilities The purpose of this position is to serve as a Cybersecurity Assessor for Defense Finance and Accounting Service. Conduct independent security control assessments to confirm or establish, by testing, evaluating, and analyzing evidence, that privacy and security controls are implemented correctly and effectively. Apply knowledge of security regulations, policy, instructions, frameworks, and best-practice, with a focus working with NIST Cybersecurity Framework, DoD Risk Management Framework, FISMA and related DoD cyber security policy and directives. Identify requirements implementing and testing security technical standards for assigned technologies or information systems such as web applications, databases, operating systems, network devices, etc. Conduct assessments to analyze vulnerabilities and threats to determine overall risk to the confidentiality, integrity, and availability of DFAS information systems. Analyze and interpret results of vulnerability and security scanning tools to determine impact to security posture. Analyze results, provide narrative and statistical reports, and prepare final assessment report to advise management on risk posture. Provide guidance and support to less-senior RMF assessors to support the growth and development of the DFAS RMF Assessment Team. Requirements Conditions of Employment Qualifications Basic Requirement: Applicants must have IT-related experience demonstrating the following competencies appropriate to, or above, the level of this position. For vacancies below the full-performance level of the position, the basic requirement will be evaluated on a developmental basis. Your resume and work experience should clearly support your ability to meet these competencies and will be evaluated as part of the entire application process. Attention to Detail - experience reviewing my own information technology-related work or data and have been asked by others to review their work or data to ensure accuracy, completeness, and consistency with standards. Customer Service - experience maintaining relationships with customers, assessing current information technology needs of customers, and developing or identifying information technology products and services that are tailored to meet customer needs. Oral Communication - briefing mid-level management and IT staff on the status of information technology systems, projects, or daily operations, including the communication of technical information to a non-technical audience. Problem Solving - identifying alternatives to address complex information technology-related issues by gathering and applying information from a variety of sources that provide a number of potential solutions. In addition to meeting the basic requirement, qualified applicants must possess: One year of specialized experience equivalent in level of difficulty and responsibility to that of the next lower grade (GS-12) within the federal service, which demonstrates the ability to perform the duties of the position, is required. Specialized Experience is defined as: Hands-on experience conducting independent security assessments, working knowledge of Risk Management Framework (RMF) Assessor role within the DoD Risk Management Framework, and an ability to identify risks and vulnerabilities within information systems in accordance with DoD policy. Education Education is not substitutable for specialized experience at this grade level. Additional Information If you are unable to apply online, view the following link for information regarding Alternate Application. Moving expenses Will be paid. The Tax Cuts and Jobs Act of 2017 makes certain reimbursements/payments taxable. For information on these changes and the Relocation Income Tax Allowance (RITA), for which some appointees are eligible, click here. For positions where relocation is paid (see Location block of vacancy announcement), you can learn more about relocation allowances and entitlements. Telework availability will be based upon the mission requirements and supervisory determination. We may use this announcement to make a temporary promotion. For some positions, the temporary promotion may be made permanent without further competition. Selections are subject to restrictions resulting from the DoD Program for Stability of Civilian Employment. A two year probationary or trial period may be required. A one year supervisory or managerial probationary period may be required. We may use this announcement to fill additional vacancies within 120 days of the closing date. This position is Exempt from the Fair Labor Standards Act. Travel requirement is Occasional. This position Is covered by a bargaining unit. Retired Civil Service Employee: Employment of retired Federal employees receiving an annuity is subject to the requirements of the Department of Defense (DoD) policy guidance. (See DoD Instruction 1400.25, Volume 300, at http://www.dtic.mil/whs/directives) Per DFAS 8570.01-I, as a CONDITION OF EMPLOYMENT, this position requires the selected candidate to obtain and maintain a DoD-approved baseline Cybersecurity certification, applicable workforce qualification requirements, and, if applicable, computing environment certificate. The selected candidate must meet these requirements within six (6) months after entry on duty. Failure to do so may lead to removal from the Federal service.