IT CYBERSECURITY SPECIALIST (INFOSEC)(T32)

Clarification from the agency

Title 32 CAT 1- All on board Federal Employees/Technicians within the ALARNG (T32 and T5, Permanent and Excepted Indefinite) CAT 2- Current Army M-Day and Temporary Technicians within ALARNG CAT 3- Applicants willing to become NG T32 DS Technicians and gain ALARNG membership, all current federal employees, all U.S. Citizens

1. Serves as the principle advisor to the CIO and the State on the latest industry and technological projections as they pertain to Cyber Security / Information Assurance for the network enclave infrastructure. Develops policies for organization deployed throughout the headquarters. Must anticipate the effects of new emerging technology and develop policies to control it to prevent security violations. Duties include oversight of the Army IT Training Program of Record and accreditation of all systems in-accordance-with (IAW) with all command, Army, and DoD security directives, policies and procedures. Ensures that all elements are in compliance with guidance concerning accreditation of automated information systems, risk management, control of computer viruses, and other similar issues.(30%)

2. Directs, manages, and monitors a system of internal controls that ensure effective and appropriate use of resources.

A. Manage and lead the implementation of the RMF. Maintain and report Information Systems (IS) and Platform IT (PIT) systems assessment and authorization status and issues in accordance with DoD Component guidance. Provide direction to the ISSO in accordance with DoD, Army and NGB directives. Coordinate with the organization's cyber security service provider to ensure issues affecting the organization's overall security are addressed appropriately. Maintain a repository for all organizational or system-level Cybersecurity-related documentation. Ensure that ISSOs are appointed in writing and provide oversight to ensure they are following established Cybersecurity policies and procedures.

B. Monitor compliance with cybersecurity policy, as appropriate, and review the results of such monitoring. Certify that Cybersecurity inspections, tests, and reviews are synchronized and coordinated with affected parties and organizations. Validate implementation of IS security measures and procedures including reporting incidents to the AO and appropriate reporting chains, and coordinating system-level responses to unauthorized disclosures in accordance with DoD, Army, and NGB guidelines. Ensure handling of possible or actual data spills of classified information resident in ISs, are conducted in accordance with applicable guidelines.

C. Act as the primary cybersecurity technical advisor to the AODR for DoD IS and PIT systems under their purview. Ensure that Cybersecurity-related events or configuration changes that may impact DoD IS and PIT systems authorization or security posture are formally reported to the AO and other affected parties, such as IOs and stewards and AOs of interconnected DoD ISs. Ensure the secure configuration and approval of IT below the system level (i.e., products and IT services) in accordance with applicable guidance prior to acceptance into or connection to a DoD IS or PIT system. (30%)

3. Collaborates with senior leadership within the State to negotiate, decide on, or coordinate work-related changes affecting operations. Advises senior leadership with broader and higher responsibilities on problems involving the relationship of the work of the cybersecurity teams to broader programs, and its impact on IT Services. Serves as a technical advisor to the CIO. Participates as a member and advisor on special committees and special projects designed to study methods to enhance the use of IT throughout the Command. Participates in developing strategic plans for enhancement of the system environment, developing functional and technical requirements for acquisitions, conducting cost-benefit analyses, feasibility studies, and related activities. (25%)

4. Provides executive leadership, guidance, and direction to ensure acquisition, development, and retention of a professional, highly capable workforce to accomplish assigned missions. Provides supervision in the daily operations for security activities for the enclave. Establishes performance standards and evaluates employee performance. Reviews and recommends approval of, candidates for promotions and recognition. Reviews and approves: work plans to be accomplished by subordinates; priorities and schedules for completion of work; sets broad objectives; monitors subordinate employees' performance in providing IT services; reviews accomplishments; and takes appropriate action of correction when deficiencies are noted. Gives advice, counsels, or instructs individual employees, on both work and administrative matters. (15%)

Performs other duties as assigned.

PLEASE CONTACT HRO FOR COMPLETE POSITION DESCRIPTION.

Conditions of employment

• NATIONAL GUARD MEMBERSHIP IS REQUIRED. If you are not sure you are eligible for military membership, please contact a National Guard recruiter prior to applying for this position.
• This is an excepted service position that requires membership in a compatible military assignment in the employing state's National Guard, required prior to the effective date of placement.
• Selectee will be required to wear the military uniform.
• Applicants who are not currently a member of the National Guard must be eligible for immediate membership and employment in the National Guard in the military grade listed in this announcement.
• May be required to successfully complete a probationary period.
• Participation in direct deposit is mandatory.
• May occasionally be required to work other than normal duty hours; overtime may be required.

Qualifications

MILITARY REQUIREMENTS: This is an excepted service position that requires membership in a compatible military grade in the Alabama Army National Guard. Applicants who are not currently a member of the Alabama Army National Guard must be eligible for immediate membership. If you are not sure you are eligible for military membership, please contact an Alabama Army National Guard recruiter at 800-464-8273 prior to applying for this position.

MINIMUM MILITARY RANK: CW2
MAXIMUM MILITARY RANK: CW4

THIS POSITION WILL BE FILLED AS AN INDEFINITE APPOINTMENT FOR AN UNSPECIFIED PERIOD OF TIME. THE INCUMBENT MAY BE TERMINATED UPON RECEIVING A 30 DAY NOTICE. SHOULD THIS POSITION BECOME PERMANENT, THE INDIVIDUAL MAY BE CONVERTED TO PERMANENT STATUS WITHOUT FURTHER COMPETITION (AND UPON RECOMMENDATION OF SUPERVISOR AND APPROVING AUTHORITY).

EXPERIENCE REQUIREMENTS: Each applicant must fully substantiate (in his/her own words) that he/she meets the requirements of the Specialized Experience listed below: Otherwise, the applicant will be considered unqualified for this position. DO NOT COPY THE VACANCY ANNOUNCEMENT OR THE POSITION DESCRIPTION. DOING SO MAY RESULT IN DISQUALIFICATION FOR THE POSITION.

GENERAL EXPERIENCE: Experience, education, and/or training that has provided a basic knowledge of data processing functions and general management principles that enabled the applicant to understand the stages required to automate a work process. Experience may have been gained in work such as computer operator or assistant, computer sales representative, program analyst, or other positions that required the use or adaptation of computer programs and systems.

SPECIALIZED EXPERIENCE: 1-year specialized experience equivalent to at least the next lower grade. Experience in managing the function of the work to be performed. Experience which includes leading, directing and assigning work of personnel.

KNOWLEDGE REQUIRED:
-Mastery knowledge of the DoD architecture, applicable security controls, and mechanisms, both technical and procedural, to safeguard information systems and data.

- Mastery knowledge in developing, implementing, and enforcing information security policies and standards within the organization.

- Mastery knowledge in risk assessment methodologies, risk analysis, and the ability to identify and mitigate potential security risks to the organization's information systems.

- Mastery knowledge in researching and understanding of relevant laws, regulations, and industry standards pertaining to information security, such as National Institute of Standards and Technology (NIST), DODI, Army regulations, Privacy act (PA), HIPAA, ISO 27001, etc.

- Mastery knowledge in the most up-to-date vulnerabilities and the process of responding to and skill in managing security incidents, including incident detection, analysis, and mitigation.

- Mastery knowledge in designing and implementing secure information systems, considering architecture, network security, and application security.

- Mastery knowledge in the ability to develop and skill in implementing security awareness programs to educate employees about security policies and practices.

- Mastery skill in conducting security audits and assessments to evaluate the effectiveness of security controls and compliance with policies.

- Mastery knowledge of security technologies, such as firewalls, intrusion detection/prevention systems, encryption, authentication, and other security tools.

- Mastery knowledge in the advanced principles of security governance, including the interrelationships of all IT specialties, their roles and responsibilities, reporting structures, and accountability. Mastery of skill in applying Information Security roles and responsibilities cohesively with counterparts within the organization.

- Master skill in communicating complex security requirements, policies, and issues to various stakeholders within the organization.

How you will be evaluated

You will be evaluated for this job based on how well you meet the qualifications above.

Once the announcement has closed, your resume and supporting documentation will be used to determine if you meet the qualifications listed on this announcement. If you are minimally qualified, your resume and supporting documentation will be compared to your responses on the assessment questionnaire to determine your level of experience. If you rate yourself higher than is supported by your application package, your responses may be adjusted and/or you may be excluded from consideration for this position. If you are found to be among the top qualified candidates, you will be referred to the selecting official for employment consideration.

To apply for this position, you must submit a complete Application Package which includes:

1. Your resume showing work schedule, hours worked per week, dates (including Month and Year, e.g., 02/2017, Feb 2017, etc.) of employment and duties performed.

2. Other supporting documents: SF-50s, transcripts and DD 214s are recommended, but not required.

Next steps