It Specialist (Infosec)

Job summary

This is a Washington National Guard Title 5 Excepted Service Technician position: IT SPECIALIST (INFOSEC) Location: 225th Support Squadron Joint Base Lewis-McChord, Washington 98438 Air National Guard Units Appointment Type: Permanent, excepted service Advertised as: Title 5 May be used to fill one or more vacancies. *Ensure you read this announcement in its entirety, complete all application requirements, and your USA Jobs profile name is accurate*

Major duties

A GS-2210-12, IT SPECIALIST (INFOSEC): Five percent of the time, exercises supervisory responsibilities such as: Assigns work to subordinates, develops performance standards, evaluates performance, recommends awards, takes disciplinary action as required, conducts performance counseling, and approves leave. Manages the Network Security Program. As the local area expert for computer network defense, the position is the point of contact for all aspects of Information Assurance, computer network defense, and network security within the Organization. Serves as an information system/network security analyst supporting the Information Assurance Program. Responsible for identifying and supporting the agency's Information Assurance certification, accreditation and security issues. Provides recommendations for upgrade to the current infrastructure. Provides guidance, support, and technical expertise to the organization on the security of networks. Manages and coordinates the implementation of information processing standards as they relate to system security/Information Assurance. Manages and coordinates guidance on hardware/software required to bring systems/networks into regulatory compliance. Provides technical expertise on security aspects of network accreditation packages for networks developed within the area of operations. Tracks circuit installations and network upgrades throughout the organization and insures new connections are documented on Approval to Operate (ATO) authorizations.. Insures that system administrators receive Information Assurance Vulnerability Alert (IAVA) alerts and tracks progress towards their application; leads software patch management efforts. Must be well versed in Risk Management Framework (RMF) accreditation processes to provide assistance, guidance, and supporting information to network analysts, site personnel, certification and authentication personnel, and Designated Approving Authorities (DAA). Maintain an accreditation inventory for the organization's systems. Ensures that accreditations and countermeasures reviews are understood and completed for all applicable systems and networks. Ensures that the network analysts have provided all necessary user certification documents prior to connection to networks and/or nodes. Serves as the Communications Security (COMSEC) Manager for cryptographic activities. As the primary or alternate COMSEC Manager, administers, coordinates, and implements programs to safeguard and control COMSEC material and equipment for the COMSEC account. Provides quality control for the COMSEC program by conducting periodic inspections of all supported COMSEC accounts. Exercises primary responsibility for the accountability, issues, destruction, and turn in of all COMSEC material, key (computer generated and paper), and equipment. Stores and issues material for the supported COMSEC requirements. Prepares all COMSEC forms, logs, and reports pertaining to COMSEC material accountability. Inspects accounts for accuracy and sufficiency. Provides assistance to users in the establishment of crypto-facilities and their users, to include classifying, downgrading, declassifying, safeguarding, and destruction of COMSEC material. Ensures the requisition, receipt, storage, maintenance, shipment, transfer, accounting, and proper disposition of all COMSEC material and equipment issued to the COMSEC account. Ensures the physical Security of the COMSEC account crypto-facility (vault). Prepares and implements security directives, local policies, Standard Operating Procedures (SOPs), and Emergency Evacuation Plans (EEP) for COMSEC material. Advises leadership on requirements for COMSEC material accountability and other matters pertaining to COMSEC. Serves as the COMSEC Key Management Infrastructure (KMI) operator and administrator, which includes all associated IT equipment, software, and interfaces; conducts System Administration (SA) planning, coordination, modification, operation, implementation, and troubleshooting to support the Information Technology needs of the COMSEC Account. Responsible for the Software Management Program: Manages program to ensure compliance with Federal, DoD, DISA, and Air Force, standards. As Software Manager, ensures an effective software management plan is in place and efficiently used, all software installed on EADS DoD Information Systems have a valid license certificate, media, keys, and certificates are backed up, and securely stored, media and keys are provided to technicians for installation, and periodic auditing is conducted to ensure compliance. May function as the Cyber Surety primary or alternate work center supervisor as assigned. Other duties as assigned.

Qualification

GENERAL EXPERIENCE: Must have IT-related experience demonstrating each of the four competencies listed below. The employing agency is responsible for identifying the specific level of proficiency required for each competency at each grade level based on the requirements of the position being filled. Attention to Detail - Is thorough when performing work and conscientious about attending to detail. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services. Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately. Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations. SPECIALIZED EXPERIENCE: Must have at least 36 months experience education, or training that approaches techniques and requirements appropriate to an assigned computer applications area or computer specialty area in an organization. Experience planning the sequence of actions necessary to accomplish the assignment where this entailed coordination with others outside the organizational unit and development of project controls. Experience that required adaptations of guidelines or precedents to meet the needs of the assignment. Experience preparing documentation on cost/benefit studies where is involved summarizing the material and organizing it in a logical fashion. Experience in managing the function of the work to be performed. Experience which includes leading, directing and assigning work of personnel. Or 1-year specialized experience equivalent to at least the next lower grade. ***You must provide your most recent SF50 in your application to support your experience at the next lower level.***

Education

Education Requirements: Degree in computer science, engineering, information science, information systems management, mathematics, operations research, statistics, or technology management or degree that provided a minimum of 24 semester hours in one or more of the fields identified above and required the development or adaptation of applications, systems or networks. You must provide transcripts or other documentation to support your Educational claims. To receive credit for Education, you must provide documentation of proof that you meet the Education requirements for this position. Substitution of Education for Specialized Experience: Not Applicable.

Evaluations

Once the announcement has closed, your resume and supporting documentation will be used to determine if you meet the qualifications listed on this announcement. If you are minimally qualified, your resume and supporting documentation will be compared to your responses on the assessment questionnaire to determine your level of experience. If you rate yourself higher than is supported by your application package, your responses may be adjusted and/or you may be excluded from consideration for this position. You may also be excluded from consideration if you indicate that you are unwilling to accept the lower grade and a determination is made that you are not qualified at the higher grade. If you are found to be among the top qualified candidates, you will be referred to the selecting official for employment consideration. Verbiage displayed on your resume or application must contain your own words. You may refer to position descriptions, as well as the general and specialized experience located within the vacancy announcement, to assist with describing work experiences; however, resumes or applications received in verbatim will not be considered. In your resume you will need to address the general and specialized experience listed above. Please use as much detail as needed, giving dates (months and years) of the experience, position title and how the experience was gained. This information is needed to determine if you are qualified for the position. Your qualifications will be evaluated on the following competencies (knowledge, skills, abilities, and other characteristics). NOTE: You do not have to respond to the KSA's separately but your resume should contain sufficient information to demonstrate possession of the KSA's. Knowledge of a full range of IT security principles, concepts, practices, products and services (including systems software, database software, immediate access storage technology), and methods for evaluating risk and vulnerability, implementing mitigating improvement, and disseminating IT security tools and procedures. Knowledge of IT INFOSEC security requirements for certification and accreditation, network operations and protocols, systems testing and evaluation, and performance management methods sufficient to plan and conduct security accreditation reviews for installed systems or networks and assess and advise on new or revised security measures and countermeasures based on the results of accreditation reviews. Knowledge of Local Area Network security requirements and techniques for protecting computer systems from viruses, data tampering, and unauthorized system entry. Knowledge of a broad range of telecommunications concepts and principles, operating modes, systems, media, equipment, equipment configuration, and related software systems, processes and procedures to assess and advise on vulnerability to attack from a variety of sources (e.g., espionage, disruption of services, destructive programs/applications) and procedures and methods for protection of systems and applications. Ability to communicate effectively, both orally and in writing. Ability to develop and conduct training on information security.