Duties

Summary

This announcement will remain open until 08/04/2021. It will be used to collect applications and fill vacant positions as they become available in the Office of the Chief Information Officer within FSIS. Cut-off dates for referral to hiring managers for selection consideration will be established as needed by the agency. When a request is received to fill a vacant IT Specialist (INFOSEC) a list of the qualified applicants interested will be sent to the hiring manager for further consideration.
Learn more about this agency

Responsibilities

• Managing Information Assurance activities for applications in support of FSIS business practices ensuring the confidentiality, integrity, and availability of systems, networks, and data through IT security programs, policies, procedures, and tools
• Creating and updating existing security documentation for Accreditation Packages used to acquire an Authority to Operate (ATO) approval for each IT System
• Serving as the Subject Matter Expect (SME) for USDA Data Calls for Plan of Actions and Milestones (POAMs), Vulnerability Assessments, and Assessment and Authorization (A and A) activities within their designated branch
• Creating Plan of Actions and Milestones (POAMs) with acceptable timelines defined by the Information System Security Project Manager and the Information System Owner for vulnerability mitigation
• Creating security packages for submission to the Certifying Agent and the Authorization Official (AO) for official Authority to Operate (ATO) approval
• Working with the Incident Response Team to address security incidents that occurs with systems in the production environment
• Gathering all evidence for audit inquiries and investigations done by any third-party entity conducting security audit work to measure the maturity and effectiveness of FSIS against FISMA requirements
• Serving as the lead who coordinates Assessment and Authorization (A and A) packages, risk management, vulnerability assessments, and mitigation strategies across USDA and FSIS business partners
• Interpreting regulatory requirements for government systems per guidance from the National Institute of Standards and Technology (NIST)
• Implementing all steps within the Risk Management Framework (RMF) and FEDRamp to safeguard data, IT systems residing on premises, or in the cloud space with adequate security controls to safeguard
• Advising appropriate personnel relative to new or revised policies, procedures, methods, and techniques/safeguards
• Ensuring execution of security measures for IT systems which includes the development of the Assessment and Authorization (A and A) schedule for security activities that is approved by the Branch Chief and the CISO before start of the calendar year
• Ensuring organizational compliance with security policies and procedures relating to various computer technologies as it relates to FedRamp and the Risk Management Framework (RMF).
• Addressing changes to Information System assets to mitigate vulnerabilities in a timely manner from automated tools or Security Assessment Report (SAR) findings
• Ensuring system-level security procedures and policies are consistent with USDA cybersecurity policies and the National Institute of Standards and Technology (NIST)
• Providing guidance on security activities for the development of accreditation/re-accreditation documentation of all IT Systems and participating in studies as the network authority/advisor for automation security technology
• Participating in special studies involving problem definition, alternative development, and recommended resolutions concerning Automated Data Processing security related matters
• Participating in long-range planning for hardware/software changes to meet specific Automated Data Processing security goals and objectives
• Providing weekly status updates via security assessment meetings with the Chief Information Security Officer (CISO) regarding Assessment and Authorization (A and A) activities/strategies addressing security deficiencies identified in FSIS IT systems
• Providing Subject Matter Expect (SME) input/guidance to the Branch regarding special projects involving problem definition, alternative development, and Automated Data Processing security matters

Travel Required

Occasional travel - You may be expected to travel for this position.

Supervisory status
No

Promotion Potential
None

Requirements

Conditions of Employment

• You must be a US Citizen or US National
• Males born after 12/31/1959 must be Selective Service registered or exempt
• Subject to satisfactory adjudication of background investigation and/or fingerprint check
• Successful completion of one-year probationary period, unless previously served.
• Selectee must be able to obtain and maintain a Public Trust security clearance. If selected you may be subject to a National Agency Check and Inquiry (NACI).

Qualifications

Applicants must meet all qualifications and eligibility requirements by the closing date of the announcement including specialized experience and/or education, as defined below.

For the GS-13 level: Your resume must demonstrate at least one (1) year of specialized experience at or equivalent to the GS-12 grade level in Federal service.

Specialized experience must include:

• Applying advanced IT Security principles using FISMA standards, policies, and guidance to certify systems accreditation
• Knowledge of penetration test exercises and ability to collaborate with business partners to devise mitigation strategies based on findings from security audits.
• Interpreting and applying security concepts and methods with various COTs and opensource technologies for IT Systems in stages of development or production.
• Understanding NIST, FedRAMP, DISA STIGs, FIPS 140 controls, guidance, and FISMA standards.
• Ensuring/coordinating system-wide security procedures are consistent with agency cybersecurity policies and NIST, and reviews security policy and procedures against regulatory requirements to determine compliance.

For more information on the qualifications for this position, click Information Technology (IT) Management Series, 2210 .

Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community, student, social). Volunteer work helps build critical competencies and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience.

Education

This job does not have an education qualification requirement.

Additional information

• The USDA Food Safety and Inspection Services has authority to recruit and fill Permanent (Career/Career-Conditional) positions under Direct Hire Authority. Under this authority, any U.S. citizen may apply.

• Career Transition Assistance Plan (CTAP), Reemployment Priority List (RPL), or Interagency Career Transition Assistance Plan (ICTAP): For information on how to apply as a CTAP, RPL, or ICTAP eligible see Career Transition . To exercise selection priority for this vacancy, CTAP/RPL/ICTAP candidates must meet the basic eligibility requirements and all selective factors. CTAP/ICTAP candidates must be rated and determined to be well qualified (or above) based on an evaluation of the competencies listed in the How You Will Be Evaluated section. When assessed through a score-based category rating method, CTAP/ICTAP applicants must receive a rating of at least 85 out of a possible 100.

• Direct Deposit - Per Public Law 104-134 all Federal employees are required to have federal payments made by direct deposit to a financial institution of your choosing.

• Multiple positions may be filled from this announcement

• This position is eligible for telework and other flexible work arrangements. Employee participation is at the discretion of the supervisor.

• Persons with disabilities who require alternative means for communication of program information (Braille, large print, audiotape, etc.) should contact: USDAs TARGET Center at 202-720-2600 (voice and TDD).

• It is the policy of the Government not to deny employment simply because an individual has been unemployed or has had financial difficulties that have arisen through no fault of the individual. To see more information visit CHCO Council.

• If you are selected, you may need to complete a Declaration for Federal Employment (OF-306) prior to being appointed to determine suitability for Federal employment and to authorize a background investigation. False statements or responses on a resume or application can jeopardize employment and may be grounds for disciplinary action, including removal from Federal service

• If you are newly hired, the documentation you present for purposes of completing the Department Homeland Security (DHS) Form I-9 on your entry-on-duty date will be verified through the DHS "E-VERIFY" system. Federal law requires the use of E-VERIFY to confirm the employment eligibility of all new hires. Under this system, the new hire is required to resolve any identified discrepancies as a condition of continued employment. To learn more about E-Verify, including your rights and responsibilities, visit E-Verify .

How You Will Be Evaluated

You will be evaluated for this job based on how well you meet the qualifications above.

You will be evaluated for this job based on how well you meet the qualifications above.

The Office of Personnel Management has granted Direct Hire Authority for IT INFOSEC positions. There is a critical hiring need and these positions play an important role in protecting the nation's food supply.

Due to the Direct-Hire Authority (DHA), applicants are not rated and ranked numerically, and Veteran's preference does not apply. Applicants are strongly encouraged to provide complete information about their job-related experience and education. Your resume must document that you meet the Qualification Requirements detailed above. Applicants who meet the minimum qualification requirements established for the position will be placed in the Eligible category.

Although Veteran's preference does not apply due to the existence of the DHA for this position, applicants are still encouraged to provide documentation related to veteran's preference.

All applicants qualifying based on experience must have IT-related experience demonstrating each of the four competencies listed below. Please refer to the competency definition shown below, when addressing those competencies.

• Problem Solving: Providing oversight of work methods, practices, and procedures; including the selection and application of appropriate problem solving methods and techniques.
• Oral Communication: Ensuring that an IT organizations strategic plan, mission, vision and values are communicated to subordinates and are integrated into the team's strategies, goals, objectives, work plans and work products and services.
• Customer Service: Exercising significant authority in dealing with officials of other units/organizations and advising management officials of higher rank on operational issues while marketing an IT organization as a trusted partner for mission/technology convergence.
• Attention to Detail: Directing, coordinating and overseeing work through subordinate supervisors or team leaders.

Note: If, after reviewing your resume and/or supporting documentation, a determination is made that you have inflated your qualifications and or experience, you may be found ineligible. Please follow all instructions carefully. Errors or omissions may affect your rating. Providing inaccurate information on Federal documents could be grounds for non-selection or disciplinary action up to including removal from the Federal service.

Clicking the link below will present a preview of the application form. The application form link below will only provide a preview and does not initiate the application process. To initiate the online application process, click the "Apply Online" button to the right.

To view the application form, visit: https://apply.usastaffing.gov/ViewQuestionnaire/11159095

Background checks and security clearance

Security clearance
Other

Drug test required
No

Position sensitivity and risk
Non-sensitive (NS)/Low Risk

Trust determination process
Credentialing

Required Documents

The following documents are required for your applicant package to be complete. Our office cannot be responsible for incompatible software, your system failure, etc. Encrypted documents will not be accepted. Failure to submit required, legible documents may result in loss of consideration.

• Resume that includes:1) personal information such as name, address, contact information; 2) education; 3) detailed work experience related to this position as described in the major duties including work schedule, hours worked per week, dates of employment; title, series, grade (if applicable); 4) other qualifications. If you need assistance in creating a federal resume click here .

You must submit the documents below if you claim any of the following:

• Veterans' Preference: If claiming veteran's preference, you must submit a DD214, Certificate of Release from Active Duty, which shows dates of service and discharge under honorable conditions. If currently on active duty you must submit a certification of expected discharge or release from active duty service under honorable conditions not later than 120 days after the date the certification is signed. Enlisted Record Briefs and military identification do NOT qualify as official documentation. The certification letter should be on letterhead of the appropriate military branch of the service and contain (1) the military service dates including the expected discharge or release date; and (2) the character of service. Veteran's preference must be verified prior to appointment. Without this documentation, you will not receive veteran's preference and your application will be evaluated based on the material(s) submitted.
• If claiming 10-point veteran's preference you must provide the DD214 or certification requirements (see above bullet), plus the proof of entitlement of this preference as listed on the SF-15 Application for 10-point Veterans' Preference. The SF-15 should be included but is not required. Failure to submit these documents could result in the determination that there is insufficient documentation to support your claim for 10-point preference. For more information on veterans' preference visit USAJobs - Veterans

• Surplus or displaced employees eligible for CTAP, RPL, or ICTAP must provide: proof of eligibility (RIF separation notice, notice of proposed removal for declining a transfer of function or directed reassignment to another commuting area, notice of disability annuity termination), SF-50 documenting separation (as applicable), and your most recent SF-50 noting position, grade level, and duty location with your application per 5 CFR 330.