Summary This position is located within the Office of Information and Technology Services and reports to the Information System Security Officer (ISSO). The incumbent serves as technical professional and IT Information Security Specialist with the responsibility for supporting the agency’s cybersecurity program. Responsibilities This position is focused on vulnerability management and CPSC’s Continuous Diagnostic and Mitigation (CDM) program through DHS-CISA. The incumbent will also perform functions related to cybersecurity incident response, operational security, and threat intelligence. The duties of this position include: Continuously identifies and analyzes threats and vulnerabilities to the agency's information systems and recommends processes and procedures to help mitigate identified threats and vulnerabilities. Performs risk analysis, security testing, and certification in response to modifications or changes to computer systems or applications. Evaluates, assesses, or locally tests and approves all hardware, software, and firmware products that provide security features prior to use on the agency's production network. Executes computer security plans and enforces mandatory access control techniques. Oversees the agency's incident response capability and IT security effectiveness. Utilizes current and future multi-level security products collectively to provide data integrity, confidentiality, authentication, non-repudiation, and access control of the LAN. Reports to EXIT management and the ISSO all incidents involving viruses, tampering, or unauthorized system entry. Ensures least access to privileged programs (i.e., operating system, system parameter and configuration files, and databases), utilities, and security-relevant programs/data files to authorized personnel. Implements methods to prevent unauthorized access to sensitive agency information. Evaluates unusual circumstances to recognize and define potential vulnerabilities and selects and oversees the installation of physical and technical security barriers to prevent others from improperly obtaining such information. Reviews and assesses system changes for security implications and impact on existing operations. Provides technical recommendations and guidance for corrective actions resulting from security audits and vulnerability assessments. Conducts routine vulnerability and configuration compliance scanning. Evaluates and recommends the acquisition of IT security tools. Installs and configures new hardware, software, and peripheral equipment to support IT security tools in accordance with agency standards. Provides timely detection, identification, and alerts of possible attacks and intrusions, anomalous activities, and misuse activities and distinguishes these incidents and events from benign activities. The incumbent will play an integral part in implementing security requirements, mandates, and best practices from authoritative entities such as OMB, DHS, and NIST. Performs other duties as assigned. Requirements Conditions of Employment U.S. Citizenship Required. Background Investigation Required. Must be a U.S. Citizen. This is a Public Trust Position. Employment in this position requires a background investigation. If you are selected and cannot obtain a favorable security determination within a reasonable period of time due to disclosed or undisclosed background issues, the tentative employment offer may be withdrawn. If you are a male born after December 31, 1959 you must certify that you have registered with the Selective Service System, or are exempt from having to do so under the Selective Service Law. Please see http://www.sss.gov for more information. Selectees will be required to complete a "Declaration of Federal Employment", (OF-306), prior to appointment and the appropriate background investigation forms to determine suitability for Federal employment. False statements or responses on these forms can jeopardize your employment opportunity and subject you to disciplinary action, including removal from Federal service. The selectee will be required to complete a Personal Identity Verification (PIV) process that requires two forms of identification from the I-9 Form. We will compare information provided on the I-9 Form to records available from the U.S. Department of Homeland Security. The system confirms employee’s identity and eligibility to work in the United States. Learn more about E-Verify, including your rights and responsibilities. Depending on your status, this position may require serving a 1-year probationary period. Qualifications All applicants must have 52 weeks of specialized experience equivalent to at least the next lower grade level (GS-12) in the Federal Service. Specialized experience is experience that has equipped the candidate with the particular knowledge, skills, and abilities to perform successfully the duties of the position. Qualifying specialized experience must demonstrate the following: 1) Experience reviewing proposed system requirements, design and architecture documents to identify potential security issues in agency cloud and on-prem environments, information systems, and applications. 2) experience evaluating, installing, configuring and managing security tools and services that are employed to protect or monitor agency information system environments; 3) experience performing system vulnerability and configuration compliance scanning using scanning tools like Qualys and Tenable; and 4) experience in planning, implementation and/or Operations & Maintenance (O&M) of DHS- CISA Continuous Diagnostic and Mitigation (CDM) tools. In addition to the above specialized experience, applicants must also meet the IT-Related proficiency level for all four of the competencies listed below: Attention to Detail - Is thorough when performing work and conscientious about attending to detail. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services. Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately. Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations. Evidence of the above specialized experience and IT-related proficiency must be supported by detailed documentation of duties performed in positions held. Your resume is the key means we have for evaluating your skills, knowledge, and abilities as they relate to this position. Therefore, we encourage you to be clear and specific when describing your experience. Evidence of the above specialized experience must be supported by detailed documentation of duties performed in positions held. Your resume is the key means we have for evaluating your skills, knowledge, and abilities as they relate to this position. Therefore, we encourage you to be clear and specific when describing your experience. We will not make assumptions regarding your experience or based on job titles alone. If your resume does not support your questionnaire answers, we will not allow credit for your response(s). Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience. Applicants must meet the qualifications for this position by the closing date of this announcement. Education This position does not have a mandatory education requirement. Additional Information CPSC provides reasonable accommodations to applicants with disabilities on a case-by-case basis. If you need a reasonable accommodation for any part of the application or hiring process, please contact the Human Resources Specialist listed in this vacancy announcement. Payment of relocation expenses is NOT authorized. All the information you provide will be verified by a review of the work experience and/or education as shown on your application, by checking reference and through other means, such as the interview process. Any exaggeration of your experience, false statements, or attempts to conceal information may be grounds for not hiring you or for firing you after you begin work. Additional selections may be made through this vacancy announcement. A selectee receiving a first appointment to the Federal Government (Civil Service) is entitled only to the lowest step of the grade for which selected. The display of a salary range on this vacancy shall not be construed as granting an entitlement to a higher rate of pay. As a condition of employment, the selectee must reside in the local commuting area of the duty station listed in this announcement. Telework schedules (within the local commuting area) are approved on a case-by-case basis. Employees will have an onsite requirement each week. Proof of residence may be required.