Description:
These positions are to be filled under the OPM Government-Wide Direct Hire Authority for Information Security (INFOSEC) Positions for grades GS 9-15. This serves as a public notice for the use of the Direct Hire Authority in accordance with 5 U.S.C. 3327 and 3330 and 5 CFR 330. Under this recruitment procedure, applications will be accepted for each location/installation identified in this Public Notice. There may or may not be actual vacancies at the time you submit your application.Requirements:
You must meet both the Basic Requirement and the Specialized Experience to qualify for this series as described below. See the Basic Requirement in the Education section.
SPECIALIZED EXPERIENCE REQUIREMENTS In addition to the basic requirement, a qualified candidate's online application and resume must also demonstrate at least one year of specialized experience equivalent to the next lower grade level in the Federal service.
The specialized experience listed are the minimum requirements for the series, each particular vacancy may have additional experience necessary to meet the applicable grade level. A qualified candidate's online application and resume must demonstrate the above competencies and at least one year of specialized experience equivalent to the next lower grade level in the Federal service. Specialized experience for these positions are defined as:
GS-09: You must have one year of specialized experience equivalent to the next lower grade (GS-07). Specialized experience for this position is defined as meeting at least 2 of 3 of the following:
OR
Master's degree or equivalent graduate degree or 2 full years of progressively higher level graduate education leading to a master's degree or equivalent graduate degree; your education must demonstrate the knowledge, skills, and abilities necessary to do the work. For this position, this is defined as a degree in computer science, information technology management, computer programming, database management, computer hardware engineering, network administration, cloud computeing, information security & assurance, or a similarly related major.
OR
Combination of education and experience as described above. Less than one year of specialized experience may be combined with graduate education in excess of the amount required for the next lower grade level (i.e., credit hours beyond the first two years of full-time study may be credited).
GS-11: You must have one year of specialized experience equivalent to the next lower grade (GS-09). Specialized experience for this position is defined as meeting at least 2 of 3 of the following: Assisting in implementing corrective or preventive actions network or system services; Taking actions to mitigate security risks, such as installing security patches, running anti-virus or other utilities; Documenting and initiating response to security problems. OR
Ph.D. or equivalent doctoral degree or 3 full years of progressively higher level graduate education leading to a Ph.D. or equivalent doctoral degree; your education must demonstrate the knowledge, skills, and abilities necessary to do the work. For this position, this is defined as a degree in computer science, information technology management, computer programming, database management, computer hardware engineering, network administration, cloud computing, information security & assurance, or a similarly related major.
OR
Combination of education and experience as described above. Less than one year of specialized experience may be combined with graduate education in excess of the amount required for the next lower grade level (i.e., credit hours beyond the first two years of full-time study may be credited).
GS-12: You must have one year of specialized experience equivalent to the next lower grade (GS-11). Specialized experience for this position is defined as meeting at least 2 of 4 of the following: Carrying out activities leading to security certification or accreditation; Conducting integrated analysis of multiple audit logs (e.g., firewall, Web server); Participating in identifying and writing specifications to meet IT security requirements at the applications or network server level; Providing input in drafting information systems security documentation (e.g. systems security plans, risk assessments, disaster recovery plans, business continuity plans, user security guides). GS-13: You must have one year of specialized experience equivalent to the next lower grade (GS-12). Specialized experience for this position is defined as meeting at least 2 of 4 of the following: Evaluating, recommending, implementing, and disseminating IT security tools, procedures, and practices to protect information assets; Planning and coordinating the delivery of an IT security awareness training program for end users at all levels in the organization; Updating an organization's contingency or disaster recovery plans to respond to new security requirements or changes in the IT architecture; Coordinating development and implementation of policies and standards for classified or confidential network systems regarding sharing and safeguarding classified or confidential information. GS-14: You must have one year of specialized experience equivalent to the next lower grade (GS-13). Specialized experience for this position is defined as meeting at least 2 of 4 of the following: Recommending new or revised security measures and countermeasures based on the results of accreditation reviews; Evaluate new security authentication technologies such as public key infrastructure certificates, secure cards, and biometrics; Identifying and specifying information systems security requirements associated with migrations to new environments; Developing specifications to ensure compliance with security requirements at the systems or LAN level. GS-15: You must have one year of specialized experience equivalent to the next lower grade (GS-14). Specialized experience for this position is defined as meeting at least 2 of 4 of the following: Leading the development of long-range plans for IT security systems that anticipate, identify, evaluate, mitigate, and minimize risks associated with IT systems vulnerabilities; Identifying the need for changes based on new security technologies or threats, testing and implementing new policies, and instituting measures to ensure awareness and compliance; Planning and coordinating the development of specifications to meet security requirements at the company/agency or wide area network (WAN) level; Integrating security programs across disciplines including defining the scope and detail for security plans and policies applicable to the security program. NOTE: There is no substitution of education for specialized experience at the GS-12 through GS-15 levels.
"Experience" refers to paid and unpaid experience. Examples of qualifying unpaid experience may include: volunteer work done through National Service programs (such as Peace Corps and AmeriCorps); as well as work for other community-based philanthropic and social organizations. Volunteer work helps build critical competencies, knowledge, and skills; and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience.
OPM Qualification Standards for the GS-2210 series can be found at the following website: OPM Qualification Standards for the GS-2210 series.
CTAP/ICTAP candidates: To be considered "well qualified" you must meet all of the requirements as described in this section.
This public notice may be used to fill multiple positions as needed; therefore, applicants must meet the qualifications at the time certificates are requested.