U.S. Fish and Wildlife Service is seeking to fill an Information Technology Management position!
TITLE: Information Technology Management
GRADE & SERIES: GS-2210-12/13
LOCATION: Falls Church, VA (USFWS Headquarters)
WHO CAN APPLY: Must be U.S. Citizen
ELIGIBILITY: Individuals with a disability (Schedule A), Veterans with a disability (FAQ), and Veterans who are VRA Eligible (FAQ)
ARE YOU QUALIFIED: A qualifying candidate will have experience in both elements below within their resume. Candidates without both elements will not be considered for this position.
BACKGROUND: Must be able to obtain a public trust
NOTE: This position is NOT on USAJobs; we are using the selected hiring authorities mentioned above.
OPEN DATE: Accepting candidates until December 16, 2016.
HOW TO APPLY: You must contact the Workforce Recruiter with your resume and special hiring authority eligibility documentation: firstname.lastname@example.org
This position is located within the Branch of Information Assurance, under the Deputy Assistant Director for Information Resources and Technology Management (Deputy ADIR), U.S. Fish and Wildlife Service (FWS or Service). The Service is a Bureau within the Department of the Interior (Department or DOI) and its mission is to work with others to conserve, protect, and enhance fish, wildlife, plants and their habitats for the continuing benefit of the American people. Information Resources and Technology Management (IRTM) is an integral part of the Service’s day-to-day operations, providing a foundation and necessary tools for the natural resource programs to accomplish their mission.
The Office of IRTM is responsible for planning and execution of Information Resources Management, Technology Management, Automated System Security Management, Inventory and Asset Management, Information Project Management, Information System Strategic and Long-Term Planning, and Information Management Career Development programs and activities. Major IT functional areas include Enterprise Architecture (EA), Capital Planning and Investment Control (CPIC)/Portfolio Management, Service-wide/National-level infrastructure services, Enterprise technology engineering, applications development, Security Operations, and information management compliance (Security, Privacy, Freedom of Information Act and Records Management).
The Branch of Information Assurance manages the operational tools to ensure a secure, stable environment for the systems and applications of the Service. The Branch Chief is the Service's Chief Information Security Officer (CISO). Branch engineers install, implement, monitor, and maintain security tools, including: firewalls; intrusion detection/prevention systems; vulnerability management systems; log and event monitoring and correlation systems; and application firewall systems. The Branch is also responsible for compliance, managing the Service’s IT Security Policy and Training; Plan of Action and Milestones (POAM); Security Audits; Accreditation and Authorization (A&A) and Internal Control Review (ICR) processes to ensure that the Service is in compliance with all applicable regulatory and oversight requirements of the Department of the Interior (Department or DOI), the Office of Management and Budget (OMB), National Institute of Standards and Technology (NIST), and other entities.
As an IT Specialist, the incumbent is responsible for IT security compliance, developing and managing the Service’s IT Security Policy and Training; POAM; Security Audits; A&A activities and ICR processes to ensure that the Service is in compliance with all applicable regulatory and oversight requirements of the DOI, the OMB, NIST, and other entities.
ELEMENT 1: Information Assurance Program Management (60%)
Manages the Accreditation and Authorization (A&A) and Internal Control Review (ICR) processes for all Service information technology systems to ensure cost-effective security is implemented throughout FWS.
Develops A&A procedures in coordination with the CISO, Chief Technical Officers (CTOs), Regional Information Technology Security Managers (RITSMs), and System Security Managers (SSMs); and prepares A&A reports, status documents, briefings, procedures, and guidelines as requested by Service management and/or as required by law or other mandates.
Develops ICR procedures in coordination with the Chief Information Security Officer (CISO), RITSMs, SSMs; prepares ICR reports, status documents, briefings, procedures and guidelines as requested by Service management and/or as required by law or other mandates.
Manages and oversees the use of the Cyber Security Assessment and Management (CSAM) tool for the Service, providing guidance for its application and use in the A&A program, as well as other tracking and compliance capabilities.
Serves as a technical expert to FWS personnel in developing A&A components, including privacy requirements, system categorization, system security plans, risk assessments, security test and evaluations, and contingency plans.
Provides expert technical advice and guidance in implementing information security policies and procedures in the compliance realm and ensures the rigorous application of information security policies, principles, and practices in the delivery of all IT services.
As requested, leads or participates with senior management in representing the Service on interagency and intradepartmental committees, meetings, and task groups to coordinate policies, standards, joint agency programs and provides assistance on special projects as assigned by CISO.
As a member of the information assurance team, the incumbent supports the IT Security Program to ensure compliance and operational security requirements have been met by regularly serving as back-up to other specialists in the areas of: the Plan of Action and Milestones program; liaison for IT related audits; monitoring network security; and security and privacy incident tracking and resolution.
WHAT ARE WE LOOKING FOR IN A RESUME:
- Knowledge of principles for large enterprise implementation of IT and related information resources management technology, Federal IT management policies, and policies concerning systems development, security, and utilization of IT related equipment and software to integrate information systems security with other security disciplines.
- Expert knowledge of Federal security legislation and industry security standards, principles, and policies; sufficient to ensure execution, coordination, and/or collaboration on security activities.
- Mastery knowledge of, and skill in applying methods for evaluating, implementing, and disseminating IT security tools and procedures; IT security certification and accreditation requirements; computer forensic principles; and network operations and protocols sufficient to develop, implement, and coordinate activities designed to ensure cost-effective security and protection of the Service’s IT systems, services, and capabilities; to ensure the integration of IT programs and services and develop solutions to integration/inoperability issues; to monitor and evaluate systems compliance with IT security requirements; to provide advice and guidance in implementing IT security policies and procedures; and to ensure proper protection of evidence used in investigating computer crimes.
ELEMENT 2: Policy, Guidance, Standards
Develops and implements information assurance policies, plans, procedures, and standards in support of the Service information assurance program, including but not limited to: defining the current and target IT security posture; Standard Operating Procedures (SOPs) in support of A&A and ICR processes; and leading information assurance modernization projects and teams.
Ensures information assurance meets Federal and Departmental IT security guidance and standards and establishes related information technology security standards, policies, and guidelines to ensure appropriate application, implementation, and compatibility with government-wide standards.
Prepares and delivers education and awareness briefings to ensure that systems, network, and data users are aware of, understand, and adhere to IT security policies and procedures with regard to A&A, ICR, and CSAM.
WHAT ARE WE LOOKING FOR IN A RESUME:
- Mastery knowledge of Federal and Department cybersecurity regulations, of various forms of cyber-attacks (i.e., viruses, worms, Trojan horses, phishing, denial of service (DOS) attacks, unauthorized access (stealing intellectual property or confidential information) and control system attacks), and of cybersecurity measures (i.e., firewalls, anti-virus software, intrusion detection and prevention systems, encryption and login passwords) sufficient to develop Service policies, processes and protocols to ensure the safety of the Service/Department IT system and information stored within the system.
- Skill in clear and concise written communications to develop policies, prepare written guidance and decisions, disseminate information or changes in procedures; prepare reports on the technical aspects of IT security policy to managers and users; and to respond to inquiries.
- Ability to communicate clearly and effectively orally to present and report on the technical aspects of IT security policy to managers and users.