Duties

Summary

The Division of Administration (DA) directs the innovative internal management of the Commission's business, personnel, financial, technological, security, and strategic operational resources. The Division's role is to effectively and efficiently ensure the fulfillment of the Commission's mission through continued success in continuity of operations, while providing the required resources for adaptation to regulating the ever-changing markets.

Learn more about this agency

Responsibilities

This position is located in the Cyber and Physical Security Branch within the Division of Administration (DA) at the Commodity Futures Trading Commission (Commission or CFTC). DA serves as the focal point for the development and delivery of technology, applications, and technical services necessary to execute the CFTC's full range of mission and business operations to foster open, transparent, competitive, and financially sound markets. As the Supervisory IT Specialist (INFOSEC), you will manage one or more major multi-year IT initiatives of a complex degree carried out through various related IT projects.

• Manages, coordinates, communicates, integrates and is accountable for the overall success of the Governance, risk management, compliance and Cyber Defense programs and ensures its alignment with agency priorities.
• Oversees the agency's Enterprise Security Operations Center and ensures the compliance of information technology plans, policies, standards, infrastructures, and architectures. The incumbent is responsible for ensuring the work efforts achieve the outcome aligned with the Commission's mission, including appropriate strategic, life cycle management and capital IT investment plans.
• Maintains the cyber security program on behalf of the Chief Information Security Officer (CISO) and serves as ‘acting' CISO and manager in their absence.
• Serves as an expert and advisor to the CISO, Chief Information Officer (CIO), CFTC Senior Management and Commission for the Insider Threat Program. Tests, implements, deploys, maintains, reviews, and administers the infrastructure hardware and software that are required to effectively manage the computer network defense service provider network and resources. Monitors network to actively remediate unauthorized activities.
• Oversees, evaluates, and supports the documentation, validation, assessment, and authorization processes necessary to assure that existing and new information technology (IT) systems meet the organization's cybersecurity and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives.
• Oversees the planning, acquisition, and configuring of hardware, software inventories for the Security Operations Center. Ensures all hardware and software is verified and validated as required by the Federal Rules of Evidence. Responds to crises or urgent situations within the pertinent domain to mitigate immediate and potential threats. Uses mitigation, preparedness, and response and recovery approaches, as needed, to maximize survival of life, preservation of property, and information security. Investigates and analyzes all relevant response activities.

Travel Required

Not required

Supervisory status
Yes

Promotion Potential
15

Requirements

Conditions of Employment

• U.S. Citizenship
• Background/Security Investigation
• Males born after 12-31-1959 must be registered for Selective Service
• Must be able to obtain and maintain a TSC/SCI

Must be able to obtain and maintain a TS/SCI clearance

• Represents the CFTC CISO and CIO with external coordination regarding the prevention, detection, and response to cybersecurity threats and attacks on CFTC information technology systems. Responsible for maintaining awareness of potential and active cybersecurity threats through coordination with the Federal Intelligence Community.
• Responsible for establishing and maintaining interagency coordination with IC agencies, including, but not limited to the following: National Security Agency, Department of Homeland Security/National Protection and Programs Directorate/U.S. Computer Emergency Response Team, DHS/NPPD/National Cybersecurity and Communications Integration Center, DHS/NPPD/National Infrastructure Coordinating Center, and the Department of Justice.
• Collects and interprets cyber threat information, recommends planning actions, and develops cybersecurity emergency response plans. Ensures response plan compliance and integration with both classified and unclassified National Level cybersecurity response plans.
• Handles and processes classified information in accordance with Federal policies and procedures. Reports and coordinates all access to classified information (classified telecommunications and data correspondence, conferences, meetings, and discussions) with the DA's Security and Emergency Management Unit, and CIO.
• The incumbent may represent the Commission's electronic evidence aspect of investigative activities as part of the National Criminal Investigative Joint Task Force (NCIJTF) run by the Federal Bureau of Investigation (FBI). The cyber security operations team has the necessary knowledge and expertise dealing with market participants and firms related to the Commodities markets regulated by the CFTC to assist the FBI with cybercrime investigations related to these entities/activities. The FBI controls information at the TS/SCI level that the incumbent would be given access to for sensitive investigations involving nation state actors.
• Works closely on cyber-security aspect with the Department of Homeland Security (DHS) on TS/SCI level threat intelligence related to the Commission's MTIPS network traffic flowing through the DHS controlled Einstein3A program. The incumbent will attend other TS/SCI level briefings at DHS and other intelligence agencies related to cybersecurity on a regular basis for interagency collaboration that requires this level clearance.

Qualifications

Experience must be IT related; the experience may be demonstrated by paid or unpaid experience and/or completion of specific, intensive training (for example, IT certification), as appropriate demonstrating each of the four competencies listed below.

Attention to Detail - Is thorough when performing work and conscientious about attending to detail.

Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.

Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.

Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.

In addition to the above requirement you must have at least one year of specialized experience at the GS-14 grade level performing at least one of the following duties:

• Providing direction on the implementation of IT security and cyber-security infrastructure requirement across an organization;
• Making decisions or recommendations that influence organizational IT security policies, strategies or programs;
• Collaborating on the development of long-range plans for IT security systems;
• Directing activities in response to cyber security incidents and vulnerabilities for IT security systems;
• Overseeing IT and/or cyber security projects and services to meet internal and external customer requirements.

The following certifications are highly desired :

• Certified Information Security Manager (CISM), or
• Certified Information System Security Professional (CISSP), or
• Certified Forensic Computer Examiner (CFCE), or
• GIAC Certified Enterprise Defender (GCED)

Education

Additional information

Relocation. Relocation expenses will not be paid.

Probationary Period. One year managerial/supervisory probationary period required.

EEO Policy Statement. The United States Government does not discriminate in employment on the basis of race, color, religion, sex, national origin, genetic information, political affiliation, sexual orientation, marital status, disability, age, membership in an employee organization, or other non-merit factor.

Reasonable Accommodation. Federal agencies must provide reasonable accommodation to applicants with disabilities where appropriate. Applicants requiring reasonable accommodation for any part of the application and hiring process should contact the hiring agency directly. Determinations on requests for reasonable accommodation will be made on a case-by-case basis.

The law prohibits public officials from appointing, promoting, or recommending their relatives. The law prohibits requesting, making, transmitting, accepting, or considering political recommendations for employment or other personnel actions for non-political positions. This includes recommendations from Members of Congress, Congressional employees, elected state or local officials, and political party officials and any recommendation based on party affiliation.

How You Will Be Evaluated

You will be evaluated for this job based on how well you meet the qualifications above.

This vacancy is being filled through the Office of Personnel Management's Government-wide Direct Hire Authority for Information Technology Management (Information Security). Traditional rating and ranking of applications does not apply to this vacancy. All applicants who meet the specialized experience will be forwarded to the Selecting Official for consideration. Veteran's Preference does not apply to the direct hire recruitment procedures.

To preview questions please click here .

Background checks and security clearance

Security clearance
Sensitive Compartmented Information

Drug test required
No

Position sensitivity and risk
Special-Sensitive (SS)/High Risk

Trust determination process
Suitability/Fitness , National security

Required Documents

•Resume showing relevant experience (cover letter optional).

Agency Career Transition Assistance Program (ICTAP). The ICTAP provides eligible displaced federal competitive service employees with selection priority over other candidates for competitive service vacancies. If your agency has notified you in writing that you are a displaced employee eligible for ICTAP consideration, you may receive selection priority if: 1) this vacancy is within your ICTAP eligibility, 2) you apply under the instructions in this announcement, and 3) you are found well-qualified for this vacancy. To be well qualified, you must score 85 or better on established ranking criteria. You must provide proof of eligibility with your application to receive selection priority. Additional information about ICTAP eligibility is at: http://www.opm.gov/ctap/index.asp.

ICTAP candidates MUST submit:

1. A copy of their agency reduction-in-force notice;

2. A copy of your most recent Performance Rating;

3. A copy of your most recent SF-50 noting current or last position held, the grade level, and the duty location; and

4. A copy of your notice of proposed removal for declining a directed reassignment or transfer of function outside the local commuting area or documentation showing you were separated as a result of RIF or declining a directed reassignment or transfer of function outside the local commuting area.

Career Transition Assistance Program (CTAP). Provides eligible surplus and displaced competitive service employees in the CFTC with selection priority over other candidates for competitive service vacancies. If CFTC has notified you in writing that you are a surplus or displaced employee eligible for CTAP consideration, you may receive selection priority if: 1) this vacancy is within your CTAP eligibility, 2) you apply under the instructions in this announcement, and 3) you are found well-qualified for this vacancy. To be well qualified, you must rate equivalent to the Well Qualified or better category using established rating criteria. You must provide a copy of your written notification of CTAP eligibility with your application. Additional information about CTAP eligibility is at: http://www.opm.gov/ctap/index.asp.

If you are relying on your education to meet qualification requirements:

Education must be accredited by an accrediting institution recognized by the U.S. Department of Education in order for it to be credited towards qualifications. Therefore, provide only the attendance and/or degrees from schools accredited by accrediting institutions recognized by the U.S. Department of Education .

Failure to provide all of the required information as stated in this vacancy announcement may result in an ineligible rating or may affect the overall rating.