The incumbent of this position will serve as the Chief Information Security Officer, under the general direction of the Chief Information Officer (CIO), responsible for the development and delivery of a comprehensive information security and privacy program for the Corporation for National and Community Service.
The Corporation for National and Community Service was established as a Federal agency in 1993 to engage Americans of all ages and backgrounds in community-based service. Together, its Senior Corps and AmeriCorps programs promote the ethic of service and help solve critical community problems in every state, many Indian tribes, and most U.S. territories. As a result, hundreds of thousands of Americans are joining forces to address community needs in education, homeland security, housing, health care, environmental protection, and disaster relief.
The Corporation for National and Community Service (Corporation) has an approved (by the Office of Personnel Management) civil service interchange agreement. The Corporation is an excepted service agency. Under the terms of the Interchange Agreement, permanent Corporation employees may be considered for appointment to positions in the competitive service in the same manner that employees of the competitive service are considered for transfer to such positions.
You must be a United States Citizen
A 2-year probationary period is required for new Federal employees
Merit Promotion applicants must submit a SF-50 to verify Status and grade
Relocation expenses will not be paid
New supervisors are required to serve a 2-year probationary period.
DUTIES:
Applicants must have one year of specialized experience comparable in scope and responsibility to at least the NY-04 pay band, which would be at, or equivalent to, the GS-14 level in the Federal Service. Specialized experience is that which has equipped the applicant with the particular knowledge, skills, and abilities to successfully perform the duties of the position, and that is typically in or related to the work of the position to be filled. Specialized experience includes performing the following: serving as an executive information technology advisor to senior management, both internal and external to an agency; conducting computer security incident handling or analysis; reviewing, analyzing and correlating threat data from available sources; deploying or supporting large-scale network security monitoring infrastructures; and performing lead duties in a variety of network security areas.
- Provide leadership for on-going information security and privacy assessments of new and emerging IT products and technologies to support agency IT investment and acquisition decisions that advance CNCS's priorities and strategic goals.
- Offer advice, guidance, and counsel to the CIO and other agency executives regarding information security and privacy related issues.
- Ensure that information system users, managers and supervisors, information owners, and information custodians are aware of their security responsibilities by arranging for and/or coordinating an appropriate level of system security training/orientation.
- Ensure that all systems that process sensitive information are identified, that proper precautions are taken to protect and label agency information in all of its forms, and that personnel processing sensitive information are aware of the proper procedures.
- Oversee information assurance activities, to include planning and controlling related tasks, to achieve information assurance program goals; establish program objectives; establish schedules; estimate costs and budgets; define requirements through specifications and work statements; develop specific project plans; coordinate project planning with the contracting officer; conduct required cost-benefit analyses; and function as a Contracting Officer's Representative (COR). Monitor the performance of information assurance contracts, and make recommendations for improvement in terms of cost, quality of work, and timeliness of service.
- Prepare and implement security assessment and authorization plans, processes and procedures for CNCS information systems.
- Ensure that the CNCS Information Assurance Program (IAP) is compliant with FISMA requirements, OMB mandates, and NIST guidelines. Serve as the focal point for information security and privacy liaison activities and provide an active communication channel for CNCS users with information security and privacy responsibilities. Also, serve as the CIO's liaison to the OIG and as the CIO's designee for external auditors and agencies regarding security and privacy matters.
- Protect the privacy and confidentiality of agency data by identifying potential threats to the system and application components, and notifying the appropriate personnel/managers of the risk potential.
- Audit and monitor access to all Corporation systems and compile monthly security reports per CNCS IAP policy.
- Develop and implement an ongoing risk assessment program targeting agency information security and privacy matters, recommend methods for vulnerability detection and remediation, and oversee vulnerability testing. Advise management regarding potential risks, mitigating security practices or conditions, and cost-effective countermeasures.
- Prepare and submit to the CIO the annual agency FISMA Report, the OMB-directed FISMA Plan of Actions & Milestones (POA&M), and other required reports. Prepare policies and guidance relating to firewall management, remote access, wireless networking technology and other security infrastructure.
- Provide direction, supervision, coordination, and guidance to OIT and other CNCS staff who have information assurance responsibilities. Supervise a team of information technology employees and provide direction, supervision, coordination, and guidance to assigned staff. Provide management supervision and leadership. Perform administrative and human resource management functions appropriate to the staff supervised. Plan work, set priorities, assign and review work. Establish goals and objectives or standards for team performance. Identify skill sets and appropriate experience levels for team members. Establish guidelines and performance expectations for staff members, and clearly communicate them through the formal employee performance management system. Observe workers' performance; demonstrate and conduct work performance critiques. Provide informal feedback and periodically evaluate employee performance. Resolve informal complaints and grievances. Develop work improvement plans and recommend personnel actions as necessary. Implement disciplinary measures as appropriate. Review and approve or disapprove leave requests. Hear and resolve team complaints.
- Keep abreast of the latest security and privacy legislation, regulations, advisories, alerts, vulnerability and technology as they pertain to the agency and its mission.
- Perform other duties as assigned.
QUALIFICATIONS REQUIRED:
Applicants must also have IT-related experience demonstrating the following competencies:
Attention to Detail
Such experience must be clearly documented in the applicant's resume.
DO NOT SUBMIT TRANSCRIPTS OR OTHER UNSOLICITED DOCUMENTS. EDUCATION CANNOT BE SUBSTITUTED FOR EXPERIENCE.
If you are selected for this position, you will be required to satisfactorily complete a background investigation.
HOW YOU WILL BE EVALUATED:
Your application will be evaluated first for the basic qualifications described above. The applications that meet the basic qualifications will be evaluated further against the following criteria:
1. Information Assurance Concepts, Methods and Techniques
2. IT Security
3. Risk Management
Important Note: Your resume must support your answers to the job specific questions. High self-assessment on the Occupational Questionnaire that is not supported by the information in your resume or supporting documents can/will result in a reduction of your score. If you do not answer all of the job specific questions you will not be considered. Incomplete applications (resume and required supporting documents) will be considered ineligible. Qualified applicants will be placed in one of the following three categories:
1 - Qualified Category - Meets the minimum qualification requirements as described in the Qualifications section of this announcement.
2 - Well Qualified Category - Meets the minimum qualification requirements and demonstrates proficiency based on the answers to the job specific questions.
3 - Best Qualified Category - Meets the minimum qualification requirements and demonstrates high level proficiency based on the answers to the job specific questions.
NOTE: Status candidates will be considered under the provisions of the Corporation's Human Resources system which allows for:
1) Non-competitive referral of lateral candidates; and
2) The separation of status and non-status applicants for referral purposes.
Status candidates will be referred on one selection list only, i.e., either merit promotion or non-competitive.
Nonstatus candidates who are eligible for Noncompetitive referral, e.g. Peace Corps, VRA, etc., will be referred under Noncompetitive procedures only. For Noncompetitive categories, see "Special Employment Consideration" below under "Other Information."
BENEFITS:
The Corporation for National and Community Service offers a comprehensive benefits package. Explore the major benefits offered to most Federal employees at http://www.opm.gov/retire/retire_jobseekers.asp.
OTHER INFORMATION:
If you are a male applicant who was born after 12/31/59 and are required to register under the Military Selective Service Act, the Defense Authorization Act of 1986 requires that you be registered or you are not eligible for appointment in this agency.
Veteran's Preference: If you are claiming 5-point or 10-point veteran's preference, you must submit documentation described below in "Required Documents."
Special Employment Consideration: Persons with disabilities, disabled veterans who have a compensable service-connected disability of 30% or more, certain other veterans, spouses of certain members of the Armed Forces, VISTA volunteers, some Peace Corps employees and returning Peace Corps volunteers are examples of individuals who are potentially eligible for noncompetitive appointment. If you are eligible and would like to be considered for one of these noncompetitive appointments, please indicate the type of appointment you are seeking on your application and follow all other instructions for applying that are shown below. Applicable documentation that supports your eligibility must be submitted with your application package.