Vacancy Summary

Qualifications

KNOWLEDGE, SKILLS, AND ABILITIES:

Knowledge of cybersecurity principles, methods, and tools.

Knowledge of information systems security operations, techniques, and standards.

Ability to communicate in writing.

MINIMUM FEDERAL QUALIFICATION REQUIREMENTS:

Grade 13:

Qualifying experience for the GS-13 level requires IT-related experience that demonstrates each of the following four competencies: Attention to Detail; Customer Service; Oral Communication; and Problem Solving; AND one (1) year of specialized experience at least equivalent to the GS-12 level. Specialized experience is experience that is in or directly related to the line of work of the position to be filled and that has equipped the applicant with the particular competencies/knowledge, skills, and abilities to successfully perform the duties of the position. Experience must be IT-related and may be paid or unpaid experience.

Example of specialized experience for positions at the GS-13 level, typically gained in the IT field or through performance of work where the primary concern is IT, includes experience analyzing a number of alternative approaches when advising management concerning major aspects of IT system design. The experience demonstrates accomplishment of IT project assignments requiring knowledge of IT requirements and techniques pertinent to the position to be filled. Specific specialized experience examples include, coordinating the implementation of information continuous monitoring programs, implementing security operations capabilities to include network and log monitoring, integrating security architectures into both commercial-off-the-shelf (COTS) and custom software systems, or reviewing proposed new systems/networks/software for potential information security risks.

Court Services and Offender Supervision Agency

Information Technology Specialist (INFOSEC), GS-2210-13

Announcement Number:	OD-17-059-DEU-EB	Application Deadline:	08/21/2017
Locations:	Washington, Dist of Columbia	Open Date:	07/31/2017
Salary Range:	Min: 94796.0 - Max: 123234.0	Location Notes:	Washington, DC
Pay Schedule:	Annual	Who May Apply:	US Citizens
Time Limit:	Permanent - No time limit	Promotion Potential:	13
Number of Vacancies:	1	Work Schedule:	Full Time

Agency Marketing Statement:

A FEDERAL CAREER LIKE NO OTHER!!! Are you ready to increase public safety, prevent crimes, reduce recidivism, and support the fair administration of justice in close collaboration with the District of Columbia's community? The Court Services and Offender Supervision Agency's (CSOSA) has an opening for an Information Technology Specialist (Information Security), to join our dedicated team and gain invaluable experience working in the public interest to support the fair administration of justice.
A FEDERAL CAREER LIKE NO OTHER!!! Are you ready to increase public safety, prevent crimes, reduce recidivism, and support the fair administration of justice in close collaboration with the District of Columbia's community? The Court Services and Offender Supervision Agency's (CSOSA) has an opening for an Information Technology Specialist (Information Security), to join our dedicated team and gain invaluable experience working in the public interest to support the fair administration of justice.

Notes:

LOCATION: Court Services and Offender Supervision Agency (CSOSA), Office of the Director, Washington, DC.

If you would like to learn more about CSOSA, we encourage you to visit our website at www.csosa.gov.

This vacancy announcement may be used to fill future vacancies within one year.

As a part of the applicant assessment process for this job opportunity announcement, all applicants MUST provide a response to the following statements in narrative form and : 1.) Describe your experience developing security reference architectures? 2.) Describe your experience with cyber security operations and incident response capabilities? 3.) Describe your experience developing an information security continuous monitoring (ISCM) program and implementing automated security tools to support the ISCM program?
LOCATION: Court Services and Offender Supervision Agency (CSOSA), Office of the Director, Washington, DC. If you would like to learn more about CSOSA, we encourage you to visit our website at www.csosa.gov. This vacancy announcement may be used to fill future vacancies within one year. As a part of the applicant assessment process for this job opportunity announcement, all applicants MUST provide a response to the following statements in narrative form and : 1.) Describe your experience developing security reference architectures? 2.) Describe your experience with cyber security operations and incident response capabilities? 3.) Describe your experience developing an information security continuous monitoring (ISCM) program and implementing automated security tools to support the ISCM program?

Duties:

Develops Authorization to Operate (ATO) and ISCM Status Reports, and ISCM and Cyber Security Reports and Dashboards, updating them on a continuous basis.

Documents operational procedures and maintains Cyber Security and ISCM tools and technologies. Provides support to the Cyber Security Operations Center (CSOC) and participates in architecture/deployments of Cyber Security and ISCM tools and technologies, including coordination with the DHS CDM Program and other related Agencies.

Participates in the vulnerability management program and tracks vulnerabilities and remediation activities, including identifying and reporting information system and software security flaws through vulnerability scanning, configuration compliance scanning, application security scanning, and other sources weekly.
Develops Authorization to Operate (ATO) and ISCM Status Reports, and ISCM and Cyber Security Reports and Dashboards, updating them on a continuous basis. Documents operational procedures and maintains Cyber Security and ISCM tools and technologies. Provides support to the Cyber Security Operations Center (CSOC) and participates in architecture/deployments of Cyber Security and ISCM tools and technologies, including coordination with the DHS CDM Program and other related Agencies. Participates in the vulnerability management program and tracks vulnerabilities and remediation activities, including identifying and reporting information system and software security flaws through vulnerability scanning, configuration compliance scanning, application security scanning, and other sources weekly.
Establishes, documents and maintains configuration settings for all information systems, including identifying, documenting, and approving any deviations from established configuration settings. Reviews proposed configuration-controlled changes to the information systems and recommending approval or disapproval to the Agency CISO based on an explicit consideration for security impact analyses.

Manages mobile device security policies and ensure mobile device operating systems are updated. Maintains CSOC Server, Workstations, and Laptops, including the VM Infrastructure.

Leads the development of information security architectures and security reference architectures. Integrates security engineering principles in the system and software design and architecture. Integrates audit review, analysis, and reporting tools to support forensics and incident response activities. Provides information security role-based training.
Establishes, documents and maintains configuration settings for all information systems, including identifying, documenting, and approving any deviations from established configuration settings. Reviews proposed configuration-controlled changes to the information systems and recommending approval or disapproval to the Agency CISO based on an explicit consideration for security impact analyses. Manages mobile device security policies and ensure mobile device operating systems are updated. Maintains CSOC Server, Workstations, and Laptops, including the VM Infrastructure. Leads the development of information security architectures and security reference architectures. Integrates security engineering principles in the system and software design and architecture. Integrates audit review, analysis, and reporting tools to support forensics and incident response activities. Provides information security role-based training.