Summary This announcement is issued under the Direct Hire Authority (DHA) to recruit for positions for which there is a critical hiring need. Selectee(s) will receive a career or career-conditional appointment in the competitive service and may be required to serve a one-year probationary period. Who May Be Considered: U.S. Citizens Interagency/Career Transition Assistance Program (I/CTAP) eligibles View common definitions of terms found in this announcement. Responsibilities This is a shared job announcement across the Cybersecurity and Infrastructure Security Agency, with multiple participating divisions. Multiple positions may be filled from this announcement. These divisions include, but are not limited to: Cybersecurity Division (CSD) Emergency Communications Division (ECD) Infrastructure Security Division (ISD) Integrated Operations Division (IOD) National Risk Management Center (NRMC) Office of the Chief Information Officer (OCIO) Office of the Chief Operations Support Officer (OCOSO) Stakeholder Engagement Division (SED) Typical work assignments include: Develop, review and recommend methods to monitor and measure risk, compliance, and assurance efforts. Conduct risk analysis, feasibility study, and/or trade-off analysis to develop, document, and refine functional requirements and specifications. Develop organizational cyber policy, programs, and guidelines for implementation. Develop policies and procedures to ensure information systems reliability and accessibility and to prevent and defend against unauthorized access to systems, networks, and data. Requirements Conditions of Employment You must be a U.S. citizen. Selective Service - Males born after 12/31/59 must be registered or exempt from Selective Service, see http://www.sss.gov/ All Federal employees are required to participate in Direct Deposit/Electronic Funds Transfer for salary payments. DHS uses E-Verify, an Internet-based system, to confirm the eligibility of all newly hired employees to work in the United States. Learn more about E-Verify, including your rights and responsibilities. You must be able to obtain and maintain a security clearance suitable for Federal employment as determined by a background investigation. This may include a credit check, a review of financial issues, as well as certain criminal offenses and illegal use or possession of drugs. Since this announcement will be used to fill positions within multiple divisions across CISA, the type of investigation and security clearance level will be made in accordance with the specific position. One-year probationary period may be required. This position may be designated as essential personnel. Essential personnel must be able to serve during continuity of operation events without regard to declarations of liberal leave or government closures due to weather, protests, and acts of terrorism or lack of funding. Failure to report for or remain in this position may result in disciplinary or adverse action in accordance with applicable laws, rules, and regulations (5 U.S.C. 7501-7533 and 5 CFR Part 752, as applicable). This position has been identified as a drug testing designated position (TDP) for purposes of the CISA's Drug-Free Workplace Program. All applicants tentatively selected for this position will be required to submit to a drug test to screen for illicit/illegal drug use prior to receiving a final offer of employment. A final offer of employment is contingent upon a negative drug test result. After appointment, you may be subject to periodic random drug testing. Qualifications To be considered minimally qualified for this position, you must demonstrate that you have the required education or experience for the respective grade level in which you are applying: EDUCATION: Degree in computer science, engineering, information science, information systems management, mathematics, operations research, statistics, or technology management or degree that provided a minimum of 24 semester hours in one or more of the fields identified above and required the development or adaptation of applications, systems, or networks. All academic degrees and coursework must be from accredited or pre-accredited institutions. A transcript must be submitted with your application if you are basing your qualifications on education. Applications submitted without this information may not be considered. GS-11 Ph.D. or equivalent doctoral degree or three (3) full years of progressively higher-level graduate education leading to a Ph.D. or equivalent doctoral degree. OR EXPERIENCE: Experience must be Information Technology (IT)-related; the experience may be demonstrated by paid or unpaid experience and/or completion of specific, intensive training (for example, IT certification), as appropriate. You must have IT-related experience demonstrating each of the four competencies listed below: GS-11 Attention to Detail- Reviewing IT systems to identify vulnerabilities. Customer Service- Assessing the needs of IT project stakeholders. Oral Communication- Communicating IT security requirements to stakeholders. Problem Solving- Providing recommendations to resolve IT and/or system issues. GS-12 Attention to Detail- Monitoring information systems or networks to ensure compliance of security measures. Customer Service- Identifying the need for updates to security technologies. Oral Communication- Providing recommendations to other technical specialists on IT security issues. Problem Solving- Identifying potential security risk in IT systems and recommending solutions. AND SPECIALIZED EXPERIENCE: In addition to meeting the qualification requirement listed above, you must have at least one year of specialized experience at the next lower GS-grade level (or equivalent). Specialized experience is experience that has equipped you with the particular competencies/knowledge, skills, and abilities to successfully perform the duties of the position and is typically in or related to the work of the position to be filled. Such experience is typically gained in the IT field or through the performance of work where the primary concern is IT. GS-11 You qualify for the GS-11 grade level if you have at least one (1) year of specialized experience at the GS-09 grade level (or equivalent) performing AT LEAST FOUR of the following duties: Supporting and engaging with stakeholders and inter-agency in developing and analyzing risk management products focusing on national security; or Collaborating with a wide range of partners including internal partners to address full-spectrum cyber threats and vulnerabilities; or Applying basic knowledge of IT/cybersecurity program management and project management principles and techniques; or Ensuring awareness and compliance of information systems; or Applying IT/cybersecurity principles, methods, and tools in assisting senior specialists and management in defining IT cybersecurity requirements and implementing and supporting IT security applications; or Conducting risk assessments of installed information systems to identify protection needs of activities; or Assisting with the developing and interpreting policies, procedures, and strategies governing the planning and coordination of cyber defense operations; or Providing customers with information/analytical support/guidance on Cybersecurity requirements. GS-12 You qualify for the GS-12 grade level if you have at least one (1) year of specialized experience at the GS-11 grade level (or equivalent) performing AT LEAST FOUR of the following duties: Coordinating risk management strategies and techniques with partners and stakeholders; or Maintaining and strengthening partnerships with stakeholders and inter-agency in developing and analyzing risk management products focusing on national security; or Assisting in the development of long-range plans for IT systems that anticipate, identify, evaluate and minimize risks associated with IT systems vulnerabilities; or Providing support in cyber operations, vulnerability assessments, penetration testing, and/or cyber threat hunting; or Integrating and aligning information security and/or cybersecurity policies to ensure that system analysis meets security requirements; or Applying IT systems security principles, concepts, and methods, and process engineering concepts and project management principles and methods; or Developing methods to collect and analyze metrics and trending data; or Managing the Information Technology (IT) planning process to ensure that developed solutions meet customer requirements. Four out of eight specialized experience is REQUIRED and must be explicitly documented/described in your resume or you will be disqualified from further consideration. Please describe duties you perform (not just knowledge, skills and abilities) as they relate to the specialized experience required for this position. Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience. All qualification requirements must be met by the closing date of this announcement. Education If you are relying on your education to meet qualification requirements, you MUST submit a copy of your transcripts if you want to substitute your education for experience. Unofficial transcripts will be accepted that includes your name, the name of the educational institution, course title(s), number of credits, grade, and date of completion. An official transcript will be required if you are selected. Education must be from an accredited institution recognized by the U.S. Department of Education in order for it to be credited towards qualifications. Therefore, provide only the attendance and/or degrees from schools accredited by accrediting institutions recognized by the U.S. Department of Education. Foreign Education: Education completed in foreign colleges or universities may be used to meet the qualification requirements. You must show the education credentials have been evaluated by a private U.S. organization that specializes in interpretation of foreign educational credentials and such education has been deemed equivalent to that gained in an accredited U.S. education program. It is your responsibility to provide such evidence with your application. See Recognition of Foreign Qualifications for more information. Additional Information Other incentives may be authorized. If you receive a conditional offer of employment for this position, you will be required to complete an Optional Form 306, Declaration for Federal Employment, and to sign and certify the accuracy of all information in your application, prior to entry on duty. False statements on any part of the application may result in withdrawal of offer of employment, dismissal after beginning work, fine, or imprisonment. This job opportunity announcement may be used to fill additional vacancies. This position has been designated excluded from bargaining unit representation under the national security provision of 5 USC Section 7112(B)(6). When entering a federal job at a grade level lower than the highest promotion potential level, you may be promoted to more complex duties and work more independently, as your career progresses. NOTE: Career ladder promotions are not automatic, and all eligibility and qualifications requirements must be met in order to progress to the next grade level. Reasonable Accommodation Requests: This agency provides reasonable accommodation to otherwise qualified applicants and employees with a disability covered under the Rehabilitation Act of 1973, as amended, unless to do so would create an undue hardship to the agency (29 CFR 1614.203 (2017)). If you need a reasonable accommodation for any part of the application or hiring process, contact the CISA Office of Equity, Diversity, Inclusion and Accessibility (OEDIA) by sending an email to CISAReasonableAccommodation@cisa.dhs.gov with the subject line, "Reasonable Accommodation Request @ CISA." In the email itself, you must include your name, vacancy announcement number(s), and state your intent to seek a reasonable accommodation. Decisions on requests for Reasonable Accommodations are made on a case-by-case basis. For more information or inquiries, please contact the CISA Reasonable Accommodation Program at CISAReasonableAccommodation@cisa.dhs.gov. Current or Former Political Appointees: The Office of Personnel Management (OPM) must authorize employment offers made to current or former political appointees. If you are currently, or have been within the last 5 years, a political Schedule A, Schedule C, Non-career SES or Presidential Appointee employee in the Executive Branch, you must disclose this information to the Human Resources Office. Shared Certificate: When CISA completes their selections, the remaining list of qualified candidates may be shared with other DHS Component agencies who are hiring for similar positions. You will have an opportunity to opt-in if you would like your name, application materials, and assessment results shared to be considered for employment with other DHS Component agencies. There is no guarantee of further consideration, and you can continue to explore other job opportunity announcements.