IT Cybersecurity Specialist - Arlington, United States - Department Of Homeland Security

    Department Of Homeland Security
    Department Of Homeland Security Arlington, United States

    1 month ago

    Default job background
    Full time
    Description

    Summary



    This announcement is issued under the Direct Hire Authority (DHA) to recruit for positions for which there is a critical hiring need. Selectee(s) will receive a career or career-conditional appointment in the competitive service and may be required to serve a one-year probationary period.

    Who May Be Considered:

    • U.S. Citizens
    View common definitions of terms found in this announcement.

    Duties


    The National Risk Management Center (NRMC) serves as the Nation's center for critical infrastructure risk analysis. NRMC provides critical analytical support to CISA's mission to understand, manage, and reduce risk to the cyber and physical infrastructure Americans rely on every day. NRMC is looking for candidates who are interested in analyzing critical infrastructure risk; promoting a shared understanding, prioritization and mitigation of those risks; and collaborating with partners on risk assessments.

    In this position you will serve as an IT Cybersecurity Specialist (INFOSEC). At full performance level, typical work assignments include:

    • Performing risk assessments of systems and networks within the critical infrastructure and NCF environment or enclave and identifying risks to those systems/networks based on understanding of threats and vulnerabilities to cyber and physical systems.
    • Developing cyber indicators to maintain awareness of the status of the highly dynamic operating environment.
    • Developing and maintaining a strategic plan for multiple services/products/initiatives.
    • Conducting research to maintain and expand knowledge and understanding of the operations of assigned sectors, National Critical Functions (NCFs), technologies, and initiatives.
    • Analyzing cyber and physical defense policies and configurations and evaluating compliance with regulations and organizational directives. Providing recommendations to supervisor on the selection of cost- effective controls to mitigate risk.
    • Developing policies, procedures and strategies governing the planning and delivery of information technology and physical security services throughout the organization.
    • Conducting the review and evaluation of infrastructure protection programs, including policies, guidelines, tools, methods, and technologies.