Duties

Summary

The organizational Information System Security Officer (ISSO) serves as the liaison between the Office of the Chief Information Officer (OCIO) and customer organizations to plan, implement and oversee IT Security service delivery to meet customer requirements. Coordinates with the organization's System Owners concerning IT security requirements with the primary goal of understanding and managing customer needs, expectations, and experiences with Agency and Center IT security strategies.
Learn more about this agency

Responsibilities

• Coordinates with the organizations Information System Owners (ISOs) for IT systems that support programs or missions in their organization.
• Provides expert IT Security advice to the ISOs for the planning, design, development, implementation, and enhancement of IT systems including web sites, data acquisition systems, and science instruments for missions, as appropriate.
• Responsible for working with the Center Chief Information Security Officer (CISO) to ensure the organization's IT systems are secure and not a threat to the security posture of the Center and Agency.
• Reviews proposed IT Security policy, regulations and procedural changes to determine their impact on the organization's IT systems, accessed by a diverse distributed user community, and work to minimize any disruptions while ensuring compliance.
• Ensures the confidentiality, availability and integrity of IT systems through full compliance with the Federal Information Security Management Act, related NIST standards, and Agency IT security policies and standards.
• Responsible for the integration of IT Security requirements including configuration management, risk assessments, application and data security, system software security, contingency planning and physical security into all project plans.
• Identifies IT security risks during all phases of projects and recommends changes to alleviate potential security problems. Works with programmers and system administrators to mitigate any vulnerabilities discovered in operational IT systems.
• Provides guidance and oversight of contractor IT tasks and inform Center Subject Matter Experts (SMEs) and Contracting Officer's Representatives (CORs) on progress in relation to the established schedules and resources allotted.
• Assesses proposed task modifications, analyzes proposals, and provides objective technical evaluations of IT task performance to organizational SMEs and CORs for both Center and Agency contracts.
• Ensure all IT systems are covered by a System Security Plan (SSP) that maintains an Authority To Operate (ATO).

Travel Required

Occasional travel - Travel may be required for training or other work-related duties

Supervisory status
No

Promotion Potential
13

Requirements

Conditions of Employment

• A one-year probationary period may be required.
• This is a drug-testing designated position.
• Successful completion of a security investigation will be required.
• Selectee must be able to obtain and maintain a national security clearance.

Qualifications

Specialized Experience:
For the GS-11 grade level: Applicants must have one year of specialized experience, equivalent to the GS-9 level in the Federal Service, which equipped the applicant with the competencies required to perform successfully the duties of the position. Specialized experience includes assisting with the incorporation of security controls in the design of IT systems, system security plan management, configuration management, risk assessments, vulnerability mitigation and contingency planning, utilizing the required special tools, methods and techniques;
OR
Applicants may substitute the following education for the specialized experience requirements: A Ph.D. or equivalent doctoral degree in a related field, or 3 full years of progressively higher level graduate education leading to such a degree. In order to be creditable, education must be related to the position being filled with a major study of computer science, information science, information systems management, mathematics, statistics, operations research, or engineering, or course work that required the development or adaptation of computer programs and systems and provided knowledge equivalent to a major in the computer field.

For the GS-12 grade level, Applicants must have one year of specialized experience, equivalent to the GS-11 level in the Federal Service, which equipped the applicant with the competencies required to perform successfully the duties of the position. Specialized experience includes leading efforts in the incorporation of security controls in the design of IT systems, system security plan management, configuration management, risk assessments, vulnerability mitigation and contingency planning, that require the use of special tools, methods and techniques.

For the GS-13 grade level, Applicants must have one year of specialized experience, equivalent to the GS-12 level in the Federal Service, which equipped the applicant with the competencies required to perform successfully the duties of the position. Specialized experience includes leading efforts in the incorporation of security controls in the design of IT systems, system security plan management, configuration management, risk assessments, vulnerability mitigation and contingency planning, which requires utilization of expert knowledge in the application of the special tools, methods and techniques necessary to secure IT systems, and experience with the presentation of findings, best practices, and new capabilities to groups including workshops, organizations, forums and/or conferences.

IT-related experience must demonstrate each of the four competencies below:

1.Attention to Detail - Is thorough when performing work and conscientious about attending to detail.

2.Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.

3.Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.

4.Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.

To receive consideration, you must submit a resume and answer NASA-specific questions. The NASA questions appear after you submit your resume and are transferred to the NASA web site. If you successfully apply, USAJOBS will show your application status as 'Received'. If your status is 'Application Status Not Available', you have not successfully applied. Do not rely on a USAJOBS email to confirm successful application. Only an email from NASA confirms a successful application.

Education

There are no education requirements for this position.

Additional information

If you have special priority selection rights under the Agency Career Transition Assistance Program (CTAP) or the Interagency Career Transition Assistance Program (ICTAP), you must:

Indicate your eligibility when applying for a position. The USAJOBS resume asks you to identify your ICTAP eligibility; the NASA Supplemental Information asks you to identify your CTAP eligibility.

Be well qualified for this position to receive consideration. See 'How You Will Be Evaluated' for NASA's definition of well qualified.

Be prepared to submit proof that you meet the requirements for CTAP/ICTAP if you are selected for the position. This includes copies of your agency notice, most recent Performance Rating and most recent Notification of Personnel Action (SF-50) noting current position, grade level, and duty location.

At the end, add:
To receive consideration, you must submit a resume and answer NASA-specific questions. The NASA questions appear after you submit your resume and are transferred to the NASA web site. If you successfully apply, USAJOBS will show your application status as 'Received'. If your status is 'Application Status Not Available', you have not successfully applied. Do not rely on a USAJOBS email to confirm successful application. Only an email from NASA confirms a successful application.

Duties assigned will be commensurate with the grade of selected employee.

Identification of promotion in this position does not constitute a commitment or an obligation on the
part of management to promote the employee. Promotion will depend upon administrative approval
and the continued need for an actual assignment and performance of higher level duties.

Individuals must have IT-related experience demonstrating each of the four competencies listed in the
qualification requirements section. Your resume should reflect each of these competencies.

As identical vacancies are identified, additional selections may be made.

How You Will Be Evaluated

You will be evaluated for this job based on how well you meet the qualifications above.

This position is announced under Direct Hire authority. A Human Resources Specialist will review your resume to determine if you meet the qualifications and eligibility requirements as listed in 'Requirements'.

CTAP and ICTAP candidates will be assessed using NASA STARS, an automated system that matches the competencies extracted from your resume to the competencies identified by the selecting official for the position. Based on the competencies you match, you are placed in one of three categories identified as 90, 80, or 70 point quality categories, which are defined as:

90 pt. Category - Tentatively meets (until subsequent confirmation upon referral) the basic qualification requirements identified in the vacancy announcement and has experience in the same or similar job that has demonstrated superior proficiency in the primary requirements of the position.

80 pt. Category - Tentatively meets (until subsequent confirmation upon referral) the basic qualification requirements identified in the vacancy announcement and demonstrates satisfactory proficiency in the primary requirements of the position.

70 pt. Category - Fails to meet criteria described in the 80 pt. category.

For the purpose of the CTAP and ICTAP, candidates rated in the top quality (90 pt.) category are considered well-qualified.

Background checks and security clearance

Security clearance
Top Secret

Drug test required
Yes

Required Documents

NASA's application process has been specifically developed to ensure that we only ask you for the information we absolutely need to evaluate your qualifications and eligibility. In order to apply for this position, you only need to submit your resume and answer the screening questions and supplemental information. No additional documentation is accepted at the time of application. (For example you need not submit narrative 'KSA' statements; they are not required and will not be evaluated.) In this way we allow you to focus on preparing a resume that best describes your background and abilities. For assistance in preparing your resume, consult the Applicant Guide . Nothing further is required until requested by the Human Resources Office. At that point, we may ask you to submit documentation to support statements made in your resume. For example, we may ask you to provide academic transcripts or proof of Federal employment status. If you fail to provide the required documents within the stated time period, we may withdraw a job offer and/or remove you from further consideration.

If you are relying on your education to meet qualification requirements:

Education must be accredited by an accrediting institution recognized by the U.S. Department of Education in order for it to be credited towards qualifications. Therefore, provide only the attendance and/or degrees from schools accredited by accrediting institutions recognized by the U.S. Department of Education .

Failure to provide all of the required information as stated in this vacancy announcement may result in an ineligible rating or may affect the overall rating.