IT Specialist (INFOSEC)
This position is in the Associate Chief Information Officer for Cyber Security (ACIO-CS) organization, which is located in the Deputy Assistant Secretary for Information Systems and Chief Information Officer (DASIS/CIO), under the Assistant Secretary for Management and Chief Financial Officer (ASM/CFO), Departmental Offices, Department of the Treasury.
The incumbent provides leadership across the Department for the development, planning, management, and assessment of Treasury’s cybersecurity policies, processes, and programs to ensure the security and reliability of Treasury information systems, to include classified (collateral) and unclassified (sensitive) systems, as well as coordinating, tracking, and advising on ACIO-CS programmatic and project activities. The incumbent develops strategies and coordinates implementation activities to secure systems and information critical to the Department, coordinating with external agencies and providing team leadership and technical support and consultation for the protection of classified collateral and unclassified (sensitive) systems.
- Not Required
You must meet the following requirements by the closing date of this announcement.
Specialized experience: For the GS-14, you must have one year of specialized experience at a level of difficulty and responsibility equivalent to the GS-13grade level in the Federal service. Specialized experience for this position includes:
- Developing, defining, managing and documenting IT projects specific to cybersecurity;
- Overseeing performance and risk mitigations relating to IT projects specific to cybersecurity;
- Applying cybersecurity requirements to the identification and measurement of cybersecurity risk elements applicable to the security assessment, authorization and operation of IT systems;
- Developing, implementing and interpreting metrics for the evaluation of cybersecurity programs; and
- Making decisions and recommendations influencing IT/cybersecurity policies and programs.
- Experience with project management such as; project management/planning tools and standards, coordinating project resources, and dealing with executives;
- Effectively communicating performance and risk mitigations relating to IT projects specific to cybersecurity;
- Presenting cybersecurity requirements for the assessment, authorization or operation of IT systems;
- Capturing data or producing metrics used to evaluate cybersecurity programs; AND
- Making recommendations influencing IT/cybersecurity policies and programs.
- Participating in the execution of IT projects specific to cybersecurity, such as the end-to-end process of obtaining an Authority to Operate (ATO) or equivalent, OR participating in the end-to-end process of conducting a system security assessment;
- Reviewing and/or applying policies, regulations, standards, and/or mandates required to ensure secure operation of an information system;
- Applying the principles of risk management in accordance with the frameworks of industry or international standards;
- Providing solutions and problem resolution to customers; AND
- Communicating technical and non-technical information to a mixture of audiences (including executives, senior official, and/or management teams).
In addition to meeting specialized experience, applicants must also show proficiency in 1) attention to detail, 2) customer service, 3) oral communication, and 4) problem solving.
The experience may have been gained in either the public, private sector or volunteer service. One year of experience refers to full-time work; part-time work is considered on a prorated basis. To ensure full credit for your work experience, please indicate dates of employment by month/day/year, and indicate number of hours worked per week on your resume.
Public Trust - Background Investigation
As an IT Specialist, you will:
- Provide technical expertise to the design, development, and implementation of information security policies and procedures. Provide leadership on projects pertaining to cybersecurity enhancement.
- Coordinate internal and external reporting requirements, briefings, and other types of communication. In the area of cyber security and policy, responsible for the preparation, review, analysis, and submission of department-wide reports and inquiry responses to outside (i.e., non-OCIO) organizations, including oversight and shared services organizations.
- Devise and conduct assessment programs to identify areas of risk pertaining to the confidentiality, integrity, and availability of Treasury IT systems.
- Identify and prioritize cybersecurity risks to be assessed, and develop assessment criteria.
- Provide leadership on projects pertaining to cybersecurity enhancement.