Description

The incumbent performs IT Security, cyber-security mission related work in adherence to the Workforce Framework as outlined in the subsequent section of Cybersecurity Specialty Areas. Duties covered by this position description are in one or more of the core Cyber Security functional areas: Cybersecurity Compliance, Cloud Security Engineer, Cybersecurity Data Analysis, and Cyber-security Policy/Training.

MANY vacancies in the following location: Location Negotiable After Selection

Salary varies based on location. Visit OPM Website: https://www.opm.gov/policy-data-oversight/pay-leave/salaries-wages/2023/general-schedule

 This position is open 11/10/2022 to 11/10/2023

Full details about this position can be found on USAJOBS: https://www.usajobs.gov/job/688831600

Requirements

The IT Specialist (INFOSEC-Cybersecurity):

• Assists with development of risk analysis, accreditation, and certification packages to include disaster recovery plans in accordance with agency requirements. Assists Information Assurance (IA) personnel in conducting risk analysis and security tests and evaluations. Works with other security officers, users, and other support personnel to ensure security regulations are followed. Ensures agency security standards are met.
• Participates with user support personnel to train personnel and functional users on use of automated information systems, computers, local and wide area networks, and other automated systems management tools. Attends available commercial and Agency/OCIO courses needed to maintain current technical knowledge and depth as needed. Plans, develops, and administers training programs implementing the standardization, control, and/or guidance of communications programs.
• Ensure all facets of network connectivity (e.g., WAN architecture) and security controls including perimeter security are architected in a manner to safeguard DOT’s assets, applications and data including personally identifiable information (PII) in adherence to federal standards and industry best practices.
• Advises upper-level management and executives as well as other IT experts throughout the agency on identifying, selecting, and ensuring the proper instantiation of all necessary cloud tools including but not limited to continuous diagnostic and monitoring (CDM) versus CSP native tools. Establishes studies, technical assessments, surveys, and evaluations as needed based on enterprise cloud related problems or deficiencies.
• Supports the implementation, and evaluation of security programs in assigned organizations, including the implementation of security programs designed to anticipate, assess, and minimize system vulnerabilities. Assists in coordinating the implementation of security programs across platforms and establishes vulnerability reporting criteria.
• Coordinates with other DOT staff on the development of information security system and application policies, guidelines, standards, requirements, and procedures. Recommends ways to protect the organization’s information and information systems.

We are looking to grow our team with candidates who are motivated self-starter who can share their expertise in planning, development, and implementation of cyber security incident management and response programs; establishing policies and processes/procedures to use their skills to fill multiple positions related to Cybersecurity Compliance, Identity, Credential, and Access Management (ICAM), and Governance, Risk, and Compliance (GRC), Cloud Security and Cybersecurity Data Analysis.

Remote job - No

Telework eligible – Yes, as determined by the agency policy

Travel Required - N/A