Information Technology Specialist (INFOSEC)
- Full Time
The position is located in the Office of the Director, Court Services and Offender Supervision Agency for the District of Columbia. The agency is responsible for providing community supervision for offenders on parole, probation and supervised release in the District of Columbia. Working closely with other criminal justice organizations and community leaders, CSOSA provides the full range of comprehensive services to increase public safety, prevent crime, reduce recidivism and support the fair administration of justice. The Information Security Unit is responsible for the Agency information security program that enables CSOSA to maintain the necessary ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions. In addition, the Information Security Office ensures appropriate safeguards and countermeasures are implemented for protecting CSOSAs sensitive information and information systems that are relied upon to achieve the agencies mission and support business operations. The incumbent of this position is responsible for assisting the Chief Information Security Officer (CISO) in executing the assurance responsibilities through the continuous monitoring of security controls deployed across CSOSA business and CSOSA information systems, and ensuring the security and risk posture is maintained, a core underpinning of the CSOSA Information Security Continuous Monitoring (ISCM) program that further enables CSOSA to respond effectively and efficiently to the risk of emerging cyber threats.
Applications for this position are being processed through an on-line applicant assessment system that has been specifically configured for Court Services and Offender Supervision Agency applicants. Even if you have already developed a resume in USAJOBS, you will need to access this on-line system to complete the application process. To obtain information about this position and TO APPLY, please click on https://www.avuecentral.com/casting/aiportal/control/toVacancy?referenceCode=QVACL.
- Not Required
There is no education substitution for the required qualifications.
A background security investigation will be required for all new hires. Appointment will be subject to the applicant's successful completion of a background security investigation, drug testing, and favorable adjudication. Failure to successfully meet these requirements will be grounds for termination. Appointment may be subject to random drug testing after selection.
U.S. Citizenship: Applicants must be U.S. citizens or nationals. Failure to certify US Citizenship may result in your application not being considered.
Public Trust - Background Investigation
(The duties described reflect the full performance level of this position)
Develops Authorization to Operate (ATO) and ISCM Status Reports, and ISCM and Cyber Security Reports and Dashboards, updating them on a continuous basis.
Documents operational procedures and maintains Cyber Security and ISCM tools and technologies. Provides support to the Cyber Security Operations Center (CSOC) and participates in architecture/deployments of Cyber Security and ISCM tools and technologies, including coordination with the DHS CDM Program and other related Agencies.
Participates in the vulnerability management program and tracks vulnerabilities and remediation activities, including identifying and reporting information system and software security flaws through vulnerability scanning, configuration compliance scanning, application security scanning, and other sources weekly.
Establishes, documents and maintains configuration settings for all information systems, including identifying, documenting, and approving any deviations from established configuration settings. Reviews proposed configuration-controlled changes to the information systems and recommending approval or disapproval to the Agency CISO based on an explicit consideration for security impact analyses.
Manages mobile device security policies and ensure mobile device operating systems are updated. Maintains CSOC Server, Workstations, and Laptops, including the VM Infrastructure.
Leads the development of information security architectures and security reference architectures. Integrates security engineering principles in the system and software design and architecture. Integrates audit review, analysis, and reporting tools to support forensics and incident response activities. Provides information security role-based training.