Bachelors’ Degree in Information Technology or Business related field appropriate to the work of position AND seven years of experience performing specific tasks for Information System Security Manager (ISSM), security assessments, vulnerability management, or cybersecurity (CY): OR an appropriate combination of education and experience that demonstrates possession of knowledge and skill equivalent to that gained in the above, OR appropriate experience that demonstrates the applicant has acquired the knowledge, skills, and abilities equivalent to that gained in the above. Knowledge of risk management processes, secure configuration management techniques, Government laws and policies, cyber threats and vulnerabilities, encryption algorithms, host/network access control mechanisms, vulnerability information dissemination sources, Payment Card Industry (PCI) data security standards, Personally Identifiable Information (PII) data security standards, incident response and handling methodologies, intrusion detection methodologies and techniques for detecting host and network-based intrusions, and organization’s risk tolerance and/or risk management approach. Skill in applying security controls, analyzing traffic to identify network devices, conducting application vulnerability assessments, assessing security systems designs, interpreting vulnerability scanner results to identify vulnerabilities, assessing cloud security measures and microservices, preparing Test & Evaluation reports, and running Security Content Automation Protocol (SCAP) content and Security Technical Implementation Guides (STIGS) based tools for benchmark, compliance checks, and security configuration reviews. Ability to identify systemic security issues based on the analysis of vulnerability and configuration data, apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation), conduct vulnerability scans and recognize vulnerabilities in security systems, and translate data and test results into evaluative conclusions. As an authorized and privileged user of Department of Defense Information Systems must fulfill the requirement to complete DoD Workforce Improvement Program certification (DoD 8140.01) as a condition of access within six months of employment. This position has been determined as an advanced proficiency level. This position had been determined as Moderate Risk. As a condition of employment, the incumbent must be able to obtain and maintain an Access National Agency Check and Inquiries (ANACI/ Tier 3) Secret Clearance to access classified information. Eligible for incremental telework as determined by MR/MF policy.
Closing date extended to 12/02/2024 Who May Apply: Only applicants who meet one of the employment authority categories below are...
Apply For This JobWho May Apply: Only applicants who meet one of the employment authority categories below are eligible to apply for this...
Apply For This JobYour resume must demonstrate at least one year of specialized experience at or equivalent to the GS-12 grade level or...
Apply For This JobIncumbent must complete appropriate training and obtain required certifications IAW DoDI 8140, DOD 8570.01M or applicable governing document(s) for Cyber...
Apply For This JobYour resume must also demonstrate at least one year of specialized experience at or equivalent to the GS-12 grade level...
Apply For This JobThis position is in the Supervision/Management Work Category at the Senior Work Level within the CES Occupational Structure. Who May...
Apply For This Job