Duties

Summary

This position is located in the Division of Depositor and Consumer Protection, Headquarters of the Federal Deposit Insurance Corporation and provides support in the areas of Information Security Management.

Additional selections may be made from this vacancy announcement to fill identical vacancies that occur subsequent to this announcement.

Learn more about this agency

Responsibilities

- Assists the ISM in managing the development and implementation of FDIC's Information Security Management Program (ISMP) within the Division/Office.

- Assesses system and application security levels; preparing privacy and security risk assessment reports; planning security requirements in new and enhanced systems; and supporting completion of security plans.

- Promotes awareness and compliance with FDIC security and privacy policies and procedures, legal mandates, accepted audit recommendations, and annual corporate and application specific training.

- Coordinates with project teams and Information Security and Privacy Staff to manage information security activities associated with the Systems Development Life Cycle (SDLC).

- Provides input to the Risk Management Framework (RMF) process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials). Assesses system access controls based on principles of least privilege and need to know.

- Communicates the value of information technology security throughout all levels of the Division's stakeholders.

- Assists in overseeing the Division's information security training and awareness program for a system or application and conducts on-going security and privacy training and awareness activities as the divisional liaison.

- Gathers readily available data and reports to interpreting patterns of non-compliance to determine their impact on levels of risk and/or overall effectiveness of the Division's cybersecurity program.

- Reviews all system-related information security plans to ensure alignment between security and privacy practices.

Travel Required

Occasional travel - Occasional travel may be required.

Supervisory status
No

Promotion Potential
11

Requirements

Conditions of Employment

Registration with the Selective Service.

U.S. Citizenship is required.

Employment Conditions.

Completion of Financial Disclosure may be required.

Qualifications

Qualifying experience may be obtained in the private or public sector. Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g. Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic, religious spiritual; community; student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience. Additional qualifications information can be found here .

To qualify at the CG09, applicants must have completed at least one year of specialized experience equivalent to at least the CG/GS07 grade level or above in the Federal service OR have a Master's or equivalent graduate degree (such as an LL.B. or J.D., if related) in computer science, engineering, information science, information systems management, mathematics, operations research, statistics or technology management or two full years of progressively higher level graduate education in the fields indicated. Specialized experience is experience performing security evaluations of information technology system applications and review to assure governing rules and regulations are appropriately applied.

To qualify at the CG11, applicants must have completed at least one year of specialized experience equivalent to at least the CG/GS09 grade level or above in the Federal service OR have a Ph.D. or equivalent doctoral degree in computer science, engineering, information science, information systems management, mathematics, operations research, statistics or technology management or 3 full years of progressively higher level graduate education in one of these areas. Specialized experience is experience managing assessments and security evaluations of information technology system applications and review to assure governing rules and regulations are appropriately applied.

You must have Information Technology (IT)-related experience which demonstrates proficiency in each of the following competencies:

• Attention to Detail - Is thorough when performing work and conscientious about attending to detail.

• Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.

• Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.

• Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.

Education

See requirements stated under QUALIFICATIONS.

Additional information

To read about your rights and responsibilities as an applicant for Federal employment, click here .

If selected, you may be required to serve a probationary or trial period as applicable to appointment type.

How You Will Be Evaluated

You will be evaluated for this job based on how well you meet the qualifications above.

Your resume and the online assessment questionnaire will be reviewed, to determine whether you meet the qualification requirements outlined in this announcement. Therefore, it is imperative that your resume contain sufficiently detailed information upon which to make the qualification determination. Please ensure that your resume contains specific information such as position titles, beginning and ending dates of employment for each position, average number of hours worked per week, and if the position is/was in the Federal government, you should provide the position series and grade level.

Your resume will also be evaluated to measure your responses to the assessment questions. If you rated yourself higher on the questionnaire than what is supported by your resume, your overall qualifications assessment may be adversely affected.

Top ranked candidates will be referred to the selecting official for further review and consideration.

The competencies/knowledge, skills, and abilities (KSAs) you will be assessed on are listed below. You do not need to respond separately to these KSAs. Your answers to the online questionnaire and resume will serve as responses to the KSAs.

Knowledge of IT security principles and methods (e.g., firewalls, demilitarized zones, encryption).

Knowledge of RMF requirements and risk management processes (e.g., methods for assessing and mitigating risk).

Knowledge of cybersecurity principles used to manage risks related to the use, processing, storage, and transmission of information or data.

Ability to develop professional working relationships with counterparts throughout the Corporation to attain established objectives.

Ability to apply and work within system lifecycle management security principles, including software security and usability.

Ability to apply current industry methods for evaluating, implementing, and disseminating IT security assessment, monitoring, detection, and remediation tools and procedures utilizing standards-based concepts and capabilities.

You do not need to respond separately to these KSAs. Your answers to the online questionnaire and resume will serve as responses to the KSAs.

To preview questions please click here .

Background checks and security clearance

Security clearance
Other

Drug test required
No

Position sensitivity and risk
Moderate Risk (MR)

Trust determination process
Suitability/Fitness

Required Documents

EDUCATION DOCUMENTS: If you are using education to meet all or part of the qualification requirements, submit a copy of your college transcript (an unofficial transcript is acceptable). Education must be from accredited institutions. For a listing of accredited educational institutions, click here . An official transcript will be required if you are selected. If you attended more than one university and need to send multiple transcripts, please upload/fax all transcripts as one document.

Foreign Education: If you are using education completed in foreign colleges or universities to meet the qualification requirements, you must show that the education credentials have been evaluated by a private organization that specializes in interpretation of foreign education programs and such education has been deemed equivalent to that gained in an accredited U.S. education program. For more information, click here .

CURRENT FEDERAL EMPLOYEES OR REINSTATEMENT ELIGIBLES WITH COMPETITIVE STATUS: A copy of your most recent SF Form 50, Notification of Personnel Action, that shows: (1) permanent or career-conditional tenure (codes 1 or 2, in block 24); and (2) position occupied in the competitive service (code 1, in block 34), and the pay plan, series, grade and salary for the position you are relying upon to be considered for this position. If reinstatement eligible include your Career/Career conditional SF-50. To be considered as a non- competitive eligible candidate, the SF-50 must show the highest grade level or full performance level applicant has attained competitively on a permanent basis, and grade must be equivalent or higher than the grade for which applying.

FDIC EMPLOYEES: Submit a final digitally signed copy of your most recent Annual Performance Appraisal and Evaluation form. The final PDF form is also acceptable. If you want to be considered non-competitively include a copy of your SF-50. The SF-50 must show the highest grade level or full performance level applicant has attained competitively on a permanent basis, and grade must be equivalent or higher than the grade for which applying.

INTERAGENCY TRANSITION ASSISTANCE PROGRAM (ICTAP): If you are a displaced or surplus FDIC or Federal employee eligible for consideration under the CTAP or ICTAP, you must submit proof of eligibility. For more information, click here .

SPECIAL APPOINTING AUTHORITIES FOR PEOPLE WITH DISABILITIES: If you are applying for consideration under special appointing authorities for people with disabilities, you will be required to provide proof of disability documentation to specify that you are a person who (1) has a severe physical disability; (2) an intellectual disability; or (3) a psychiatric disability. The documentation does NOT need to detail your specific disability, medical history, or need for accommodation, however; the letter MUST clearly state that you are eligible for appointment under this authority and that your eligibility is based on a severe physical disability; an intellectual disability; or a psychiatric disability. THE DOCUMENTATION MUST HAVE BEEN OBTAINED FROM: (a). Licensed medical professionals; or (b). State or private vocational rehabilitation specialists; or (c). Any Government agency (e.g., VA, etc.) that issues or provides disability benefit. THE DOCUMENTATION MUST INCLUDE: a statement that you are eligible based on one of the following: severe physical disability, an intellectual disability, or a psychiatric disability. To view sample Schedule A proof of disability letters, click here , and for more information on this special appointing authority, click here . Please note that employees hired under this Schedule A hiring authority will be required to complete a Standard Form 256 to identify their disability status.

If you are relying on your education to meet qualification requirements:

Education must be accredited by an accrediting institution recognized by the U.S. Department of Education in order for it to be credited towards qualifications. Therefore, provide only the attendance and/or degrees from schools accredited by accrediting institutions recognized by the U.S. Department of Education .

Failure to provide all of the required information as stated in this vacancy announcement may result in an ineligible rating or may affect the overall rating.