IT CYBERSECURITY SPECIALIST (INFOSEC)

Summary Click on "Learn more about this agency" button below for IMPORTANT additional information. The primary purpose of this position, IT Cybersecurity Specialist (INFOSEC), GG-2210-12, is to serve as a Cybersecurity Specialist, performing Risk Management Framework (RMF) package reviews and security assessments for Air Force Materiel Command (AFMC) systems within the Air Force Intelligence Community (IC). Responsibilities - Perform comprehensive cybersecurity analysis and security reviews for the administration of the Air Force Materiel Command's (AFMC) Intelligence Community (IC) Cybersecurity Program. - Perform risk and vulnerability assessments across diverse technological areas including CDSs, networks, infrastructure, applications, and operational environments. - Manage the development, review, and tracking of documented POA&M remediation plans for systems with identified security vulnerabilities or non-compliant with AF IC, ODNI, and other policies. - Advise senior leadership on risk levels and changes affecting the organization's cybersecurity posture. Requirements Conditions of Employment Qualifications In order to qualify, you must meet the quality experience requirements described in the Office of Personnel Management (OPM) Qualification Standards, Information Technology (IT) Management Series 2210 (Alternative A). BASIC REQUIREMENT OR INDIVIDUAL OCCUPATIONAL REQUIREMENT: For all positions individuals must have IT-related experience demonstrating each of the four competencies listed below. Attention to Detail - Is thorough when performing work and conscientious about attending to detail. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services. Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately. Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations. In addition to meeting the basic requirement above, to qualify for this position you must also meet the qualification requirements listed below: EXPERIENCE REQUIRED: Your resume must reflect the quality level of experience which demonstrates the possession of the knowledge, skills, abilities, and competencies necessary for successful job performance required for this position. Examples of creditable experience include: knowledge of a wide range of cybersecurity concepts, principles, and practices. Knowledge of Cross Domain Solutions technologies, IT server and client technologies, network security architecture, threat assessment methodologies, common system vulnerabilities and the ability to analyze and resolve cybersecurity problems. KNOWLEDGE, SKILLS AND ABILITIES (KSAs): Your qualifications will be evaluated on the basis of your level of knowledge, skills, abilities and/or competencies in the following areas: 1. Extensive knowledge of risk management processes and requirements in alignment with Risk Management Framework (RMF), and organizational risk management directly related to the display, discussion, processing, storage, and connectivity of classified data. 2. Advanced knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth, Zero Trust, Cross Domain Solutions, data-centric security) relative to information technology (IT) goals and objectives. 3. Advanced knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation) and ability to assess risk in application of these principles and requirements to protect systems and applications against security threats and vulnerabilities. 4. Proficient knowledge of incident response and handling methodologies. 5. Skill in reviewing operational requirements and application of network/device/software protection methods (e.g., security controls, control systems, intrusion detection/protection systems, network data flow controls, identity and access management schemas, etc.) PART-TIME OR UNPAID EXPERIENCE: Credit will be given for appropriate unpaid and or part-time work. You must clearly identify the duties and responsibilities in each position held and the total number of hours per week. VOLUNTEER WORK EXPERIENCE: Refers to paid and unpaid experience, including volunteer work done through National Service Programs (i.e., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community; student and social). Volunteer work helps build critical competencies, knowledge and skills that can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience. Education Additional Information This position has been designated by the Air Force as a Testing Designated Position (TDP) under the Air Force Civilian Drug Demand Reduction Program. Candidate must pass initial and periodic short notice drug testing. Illegal drug use by employees in sensitive positions presents a clear threat to the mission of the Air Force, national security, and public safety. Information Assurance Certification is a condition of employment. This position includes information assurance (IA) work as a paramount duty requirement. Per DoDM 8140.03, and in accordance with the DoD Cyber Exchange website, or any future directly superseding authoritative source, the incumbent of this position must achieve the 'Advanced' proficiency level within the incumbent's primary DoD Cyber Workforce Framework (DCWF) within nine (9) months of assignment of these duties as per DoDI 8140.02. A limited-duration waiver for this requirement may be granted per DoD 8140.03. Failure to receive the proper Foundational Qualification may result in removal from this position. Position is designated special-sensitive and requires eligibility to Sensitive Compartmented Information (SCI), other intelligence-related Specialist Sensitive information, or involvement in Top Secret Special Access Programs (SAP) to fully perform the duties and responsibilities of the position. A non-disclosure agreement must be signed. Employed Annuitants (Reemployed Annuitants): Applicants in receipt of an annuity based on civilian employment in the Federal Service are subject to the DoD Policy on The Employment of Annuitants. Click here for more information. 120-Day Register: This announcement may result in a 120-day register that may be used to fill like vacancies for 120 days after the closing date. Applicants may be referred for consideration as vacancies occur. Direct Deposit: All federal employees are required to have direct deposit. Disabled veteran leave is available to a Federal employee hired on/after 5 Nov 2016, who is a veteran with a service-connected disability rating of 30% or more. For more information, click here. If you have questions regarding this announcement and have hearing or speech difficulties click here.