Duties

The IT Cybersecurity:

• Assists with development of risk analysis, accreditation, and certification packages to include disaster recovery plans in accordance with agency requirements. Assists Information Assurance (IA) personnel in conducting risk analysis and security tests and evaluations. Works with other security officers, users, and other support personnel to ensure security regulations are followed. Ensures agency security standards are met.
• Participates with user support personnel to train personnel and functional users on use of automated information systems, computers, local and wide area networks, and other automated systems management tools. Attends available commercial and Agency/OCIO courses needed to maintain current technical knowledge and depth as needed. Plans, develops, and administers training programs implementing the standardization, control, and/or guidance of communications programs.
• Ensures the rigorous application of information security/ information assurance policies, principles, and practices to the systems analysis process. Ensure all facets of network connectivity (e.g., WAN architecture) and security controls including perimeter security are architect-ed in a manner to safeguard DOT's assets, applications and data including personally identifiable information (PII) in adherence to federal standards and industry best practices.
• Supports the implementation, and evaluation of security programs in assigned organizations, including the implementation of security programs designed to anticipate, assess, and minimize system vulnerabilities. Assists in coordinating the implementation of security programs across platforms and establishes vulnerability reporting criteria. Coordinates with other DOT staff on the development of information security system and application policies, guidelines, standards, requirements, and procedures. Recommends ways to protect the organization's information and information systems.
• Conducts training of personnel on the Department's Cybersecurity Annual Training. Develops, plans, coordinates, delivers, and/or evaluates training courses, methods, and techniques as appropriate.

The Ideal Candidate Statement: DOT OCIO is looking for a seasoned professional, motivated self-starter who can share their expertise in planning, development, and implementation of cyber security incident management and response programs; establishing policies and processes/procedures to prevent, mitigate, and remediate cyber risks across the dynamic Departmental organization IT infrastructure; and knowledgeable of collective cyber security policies and best practices.

PLEASE NOTE: This is an open continuous, not to exceed one-year, vacancy. Given our continuing need for top professionals in this field, we will review applications on an as needed basis.

Requirements

Conditions of Employment

• You must be a U.S. citizen & meet specialized experience to qualify
• Submit application and resume online by 11:59 PM EST on the closing date
• Required documents must be submitted by the closing date.
• Direct Hire Authority will be used to fill this position

CONDITIONS OF EMPLOYMENT:

• SELECTIVE SERVICE: Males born after 12/31/1959 must be registered for the Selective Service.
• GOVERNMENT TRAVEL CARD: This position involves travel. A government contractor-issued travel card will be issued and must be retained for official business only.
• PROBATIONARY PERIOD: Applicants may be required to successfully complete a one-year probationary period (unless already completed).
• GOVERNMENT TRAVEL CARD: This position involves travel. A government contractor-issued travel card will be issued and must be retained for official business only

Qualifications

To meet the minimum qualifications for this position, you must meet the specialized experience qualifications for the grade at which you are requesting consideration.

To qualify for the Grade 13, you must have at least one year of experience equal or equivalent to the GS-12, it must include:

• Experience interpreting policy and guidance related to information system security management, such as National Institute of Standards and Technology (NIST) to successfully implement standards and other policies, standards, guidelines and regulations governing information technology and cybersecurity.
• Experience performing hands-on configuration and troubleshooting of Identity, Credential, and Access Management (ICAM) tools and technologies, as well as analyzing business processes for gaps and opportunities for improvement.

To qualify for the Grade 14, you must have at least one year of experience equal or equivalent to the GS-13, it must include:

• Experience leveraging with Identity, Credential, and Access Management (ICAM) tools and technologies such as including SailPoint Identity IQ, Radiant Logic, Okta, CyberArk Privileged Access Security, Entrust Identity Guard, Active Directory/LDAP or similar products to implement and review security requirements or software designs for potential security risks.
• Experience application of information security/ information assurance policies, principles, and practices to the systems analysis process of the tools/technologies required to implement or oversee hardware/software asset management; Identity, credential, and access management(ICAM); Data discovery; Secure cloud services; Intrusion detection and prevention; Endpoint detection and response; Cyber threat intelligence; Enterprise cybersecurity risk management; Supply chain risk.
• Experience in identifying and driving requirements, for the modernization of Identity, Credential, and Access Management (ICAM) services in hybrid and cloud environments (e.g., AWS, SaaS) with mobility and automation.
• Experience in planning and managing multiple full life-cycle IT operations-related projects with a focus on Cyber security including; developing detailed project work plans; identifying schedules and budgets; developing marketing strategies; preparing and delivering formal and informal presentations; meeting project milestones and finalizing project close-out reports.

In addition to meeting the above described specialized experience requirements, your IT experience will be evaluated and be expected to include described experience in the following competencies:

• Attention to Detail: Work is thorough and conscientious about attending to detail.
• Customer Service: Working with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, providing information or assistance, assigning staff to resolve their problems, or satisfying their expectations; knowing about available products and services; committed to providing quality products and services.
• Oral Communication: Expressing information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); making clear and convincing oral presentations; listening to others, attending to nonverbal cues, and responding appropriately.
• Problem Solving: Identifying problems; determining accuracy and relevance of information; using sound judgment to generate and evaluate alternatives and making recommendations based on technical requirements.

For all types of consideration, experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience.

For additional information about applying to Federal positions, please click on the following link: https://www.opm.gov/policy-data-oversight/classification-qualifications/general-schedule-qualification-policies/#url=e4


All applicants must meet all qualification requirements by the closing date of this announcement.

Additional information

This announcement may be used to fill additional positions if similar vacancies occur within 90 days of the issue date of the referral certificate.

Qualified CTAP/ICTAP candidates receive priority and will be referred to the hiring manager.

The OCIO has many job opportunities available. Our goal is to attract and retain a diverse group of talented employees to support our mission. Job opportunities are available in all of the OCIO program offices.

https://gcc02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.transportation.gov%2Fcareers%2Fdot-ocio-open-job-opportunities&data=05%7C01%7CAva.Schnock%40dot.gov%7C878e8f4ab5cf407370af08db23fd9629%7Cc4cd245b44f04395a1aa3848d258f78b%7C0%7C0%7C638143344270479308%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=qyl9ArNfD3zCWohUFtjGPx%2BbFYUZUg0W8C95KXQGNCQ%3D&reserved=0