Information Technology Infosec Specialist

Department of Energy - Agency Wide | Pittsburgh, PA

Posted Date 10/01/2024
Description
These positions are to be filled under the OPM Government-Wide Direct Hire Authority for Information Security (INFOSEC) Positions for grades GS 9-15. This serves as a public notice for the use of the Direct Hire Authority in accordance with 5 U.S.C. 3327 and 3330 and 5 CFR 330. Under this recruitment procedure, applications will be accepted for each location/installation identified in this Public Notice. There may or may not be actual vacancies at the time you submit your application.
The Department of Energy is seeking motivated and highly-qualified candidates for exciting positions available in multiple locations throughout the United States.

The mission of the Energy Department is to ensure America's security and prosperity by addressing its energy, environmental and nuclear challenges through transformative science and technology solutions.

This series covers positions that evaluate the adequacy of, and recommend new or revised, IT security policies, standards, and procedures; review and analyze IT aspects of proposals and integrity studies to determine adequacy and conformity with security requirements; conduct or participate in assessments, audits, appraisals, program reviews, and inspections and surveys, as needed, ensuring effective operations of assigned program areas; analyze existing and/or proposed IT systems for the purpose of identifying and resolving associated security risks by recommending, coordinating and/or employing state-of-the-art technology and cost-effective solutions relative to electronic data acquisition, storage, manipulation, management, movement, control, display, switching, interchange, transmission, encryption and assurance.

As an IT Specialist (INFOSEC), at minimum you will:
  • Ensure the confidentiality, integrity, and availability of systems, networks, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems security programs, policies, procedures, and tools.
  • Administer information technology (IT) principles, methods, and security products to protect and maintain the availability, integrity, confidentiality, and accountability of information system resources.
  • Implement and advise on IT security policies and procedures to ensure the protection of information transmitted from the installation using Local Area Networks (LAN) and Wide Area Networks (WAN).
  • Accomplish risk analysis, security testing, and certification due to modifications or changes to computer systems.

You must meet both the Basic Requirement and the Specialized Experience to qualify for this series as described below.

BASIC REQUIREMENT
Applicants must have IT-related education or experience demonstrating each of the four competencies listed below at a proficiency equivalent to the next lower grade level in federal service.

  1. Attention to Detail - Is thorough when performing work and conscientious about attending to detail.
  2. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.
  3. Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.
  4. Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.

SPECIALIZED EXPERIENCE REQUIREMENTS

In addition to the basic requirement, a qualified candidate's online application and resume must also demonstrate at least one year of specialized experience equivalent to the next lower grade level in the Federal service. Specialized experience for these positions is defined as:

GS-09: You must have one year of specialized experience equivalent to the next lower grade (GS-07). Specialized experience for this position is defined as meeting at least 2 of 3 of the following:
  • Identifying basic anomalies or errors in network or system services;
  • Assisting in taking actions to mitigate security risks, such as installing security patches, running anti-virus or other utilities;
  • Assisting in documenting security problems.

OR

Master's degree or equivalent graduate degree or 2 full years of progressively higher level graduate education leading to a master's degree or equivalent graduate degree; your education must demonstrate the knowledge, skills, and abilities necessary to do the work. For this position, this is defined as a degree in computer science, information technology management, computer programming, database management, computer hardware engineering, network administration, cloud computing, information security & assurance, or a similarly related major.

OR

Combination of education and experience as described above. Less than one year of specialized experience may be combined with graduate education in excess of the amount required for the next lower grade level (i.e., credit hours beyond the first two years of full-time study may be credited).

GS-11: You must have one year of specialized experience equivalent to the next lower grade (GS-09). Specialized experience for this position is defined as meeting at least 2 of 3 of the following:
  • Assisting in implementing corrective or preventive actions for network or system services;
  • Taking actions to mitigate security risks, such as installing security patches, running anti-virus or other utilities;
  • Documenting and initiating response to security problems.

OR

Ph.D. or equivalent doctoral degree or 3 full years of progressively higher level graduate education leading to a Ph.D. or equivalent doctoral degree; your education must demonstrate the knowledge, skills, and abilities necessary to do the work. For this position, this is defined as a degree in computer science, information technology management, computer programming, database management, computer hardware engineering, network administration, cloud computing, information security & assurance, or a similarly related major.

OR

Combination of education and experience as described above. Less than one year of specialized experience may be combined with graduate education in excess of the amount required for the next lower grade level (i.e., credit hours beyond the first two years of full-time study may be credited).

GS-12: You must have one year of specialized experience equivalent to the next lower grade (GS-11). Specialized experience for this position is defined as meeting at least 2 of 4 of the following:
  • Carrying out activities leading to security certification or accreditation;
  • Conducting integrated analysis of multiple audit logs (e.g., firewall, Web server);
  • Participating in identifying and writing specifications to meet IT security requirements at the applications or network server level;
  • Providing input in drafting information systems security documentation (e.g. systems security plans, risk assessments, disaster recovery plans, business continuity plans, user security guides).

GS-13: You must have one year of specialized experience equivalent to the next lower grade (GS-12). Specialized experience for this position is defined as meeting at least 2 of 4 of the following:
  • Evaluating, recommending, implementing, and disseminating IT security tools, procedures, and practices to protect information assets;
  • Planning and coordinating the delivery of an IT security awareness training program for end users at all levels in the organization;
  • Updating an organization's contingency or disaster recovery plans to respond to new security requirements or changes in the IT architecture;
  • Coordinating development and implementation of policies and standards for classified or confidential network systems regarding sharing and safeguarding classified or confidential information.

GS-14: You must have one year of specialized experience equivalent to the next lower grade (GS-13). Specialized experience for this position is defined as meeting at least 2 of 4 of the following:
  • Recommending new or revised security measures and countermeasures based on the results of accreditation reviews;
  • Evaluating new security authentication technologies such as public key infrastructure certificates, secure cards, and biometrics;
  • Identifying and specifying information systems security requirements associated with migrations to new environments;
  • Developing specifications to ensure compliance with security requirements at the systems or LAN level.

GS-15: You must have one year of specialized experience equivalent to the next lower grade (GS-14). Specialized experience for this position is defined as meeting at least 2 of 4 of the following:
  • Leading the development of long-range plans for IT security systems that anticipate, identify, evaluate, mitigate, and minimize risks associated with IT systems vulnerabilities;
  • Identifying the need for changes based on new security technologies or threats, testing and implementing new policies, and instituting measures to ensure awareness and compliance;
  • Planning and coordinating the development of specifications to meet security requirements at the company/agency or wide area network (WAN) level;
  • Integrating security programs across disciplines including defining the scope and detail for security plans and policies applicable to the security program.

NOTE: There is no substitution of education for specialized experience at the GS-12 through GS-15 levels.
"Experience" refers to paid and unpaid experience. Examples of qualifying unpaid experience may include: volunteer work done through National Service programs (such as Peace Corps and AmeriCorps); as well as work for other community-based philanthropic and social organizations. Volunteer work helps build critical competencies, knowledge, and skills; and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience.

OPM Qualification Standards for the GS-2210 series can be found at the following website: OPM Qualification Standards for the GS-2210 series.

CTAP/ICTAP candidates: To be considered "well qualified" you must meet all of the requirements as described in this section.

This public notice will be used to fill multiple positions as needed; therefore, referral lists may be issued daily. Applications must be submitted and qualification requirements met by 11:59 p.m. ET each day in order to be referred on any certificates issued the following day.
If substituting education for specialized experience you must submit proof of your qualifying education. Failure to provide college transcripts may result in a rating of 'Ineligible'.

Education must be obtained from an accredited institution recognized by the U.S. Department of Education. Foreign education must be reviewed by an organization recognized by the U.S. Department of Education. For special instructions pertaining to foreign education and a list of organizations that can evaluate foreign education, see the Department of Education website.
Salary: 59,966.00 - 191,900.00 Annual
