Summary Who may apply: This announcement is open to all U.S. Citizens This position is located in: IT DIR OFFICE, ENTERPRISE SERVICES, IT SECURITY SERVICES, ZTAG This position is located in the I&T Security Services Division, and is responsible for implementing Cybersecurity, Risk Management Framework projects, planning and policy management., IT-ZTAG. Pay for first time hires to the Federal Government will typically be set at step 1 salary range for their respective grade level. Responsibilities The successful candidate will perform the full range of Sr. IT Cybersecurity Specialist duties. Maintain and update agency level information security policies, methods, and standards in accordance with Department of Defense (DoD), Federal, and National Institutes of Standard and Technology (NIST) standards guidelines. Serve as an agency integrator, analyzing programs, trends and opportunities to provide efficiencies, optimization and improvements. Analyze Cybersecurity and Risk Management Framework programs to ensure agency compliance with DoD requirements. Plan, develop, and implement cybersecurity processes to ensure they operate effectively and are compliant with the Federal Information Systems Security Management Act (FISMA) and other relevant policies, guidelines, and procedures. Oversee the analysis, development, and reporting of the annual RMF program and FISMA reporting. Manage small-to-large size IT cybersecurity and RMF related projects that address the needs of DFAS including requirements gathering, planning, budgeting, scheduling, developing, testing, implementing, and debriefing. Support compliance of agency DoD 8140 programs. Serve as a Sr. Representative to other ISSMs and provides guidance and additional details to questions or concerns. Serves as the central contact with other offices and IT system owners and provides leadership to other ISSMs outside the Division. Serve as a Sr. Representative on RMF related issues to external agencies and DoD CIO level offices As a recognized IT technical authority, works to coordinate the RMF program in line with agency strategy and goals. Leads efforts to continually evolve the RMF program including emerging topics such as Continuous Authorization. Serve as a Senior ISSM for the DFAS Risk Management Framework Program, leading the operation and growth of the RMF Program including Continuous Monitoring, FISMA/Annual Security Assessment, and DFAS Common Control Providers. Requirements Conditions of Employment Qualifications Resumes for federal government positions need more detailed work descriptions and accomplishments than a typical private sector resume. Please be sure to clearly describe the full scope of your work experiences in your resume. Basic Requirement: Applicants must have cybersecurity and RMF related experience demonstrating the following competencies appropriate to, or above, the level of this position. Your resume and work experience should clearly support your ability to meet these competencies and will be evaluated as part of the entire application process. Attention to Detail- Is thorough when performing work and conscientious in attention to detail in responses, communications and deliverables. Experience reviewing my own information technology cybersecurity-related work or data and have been responsible for reviewing the work of others to ensure accuracy, completeness, and consistency with standards. Customer Service- Works to develop and maintain relationships with customers, anticipating and assessing the current and future cybersecurity needs of customers, and developing or identifying cybersecurity or RMF products or services that are tailored to meet customer needs. Oral Communication- Relays information and briefs senior-level management and IT staff on the status of cybersecurity and RMF projects, or operations, including communicating technical information to a non-technical audience. Problem Solving- Identifies problems and alternatives to address unique, highly complex, or sensitive cybersecurity and RMF-related issues. Anticipates problems, has identified and evaluated sources of information to generate alternative solutions and resolutions. In addition to the Basic Competency Requirements listed above, one year of specialized experience equivalent in level of difficulty and responsibility to that of the next lower grade GS-13 in the federal service, which demonstrates the ability to perform the duties of the position, is required. Specialized experience is defined as providing authoritative Risk Management Framework and Cybersecurity guidance and oversight leading an Agency Cybersecurity and RMF Program. Must have working knowledge in the area of Risk Management Framework to include, but not limited to: NIST SP 800-37, NIST SP 800-53 (current version), DoDI 8500.01, DoDI 8510.01. Working knowledge of federal requirements such as Privacy Act of 1974, OMB A-130 and FISMA working knowledge of information system security controls and auditing requirements; monitoring compliance of cybersecurity programs to information systems security laws, regulations, protocols or security certification and accreditation requirements, which MUST include Risk Management Framework (RMF); AND serving as a senior project manager for complex, high-visibility cybersecurity and RMF related projects, providing oversight and analysis for an organization's systems projects during the entire project life cycle, including planning and development, execution and evaluation of project performance using established qualitative and quantitative tools, techniques, and practices. Volunteer Experience: Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual, community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates to paid employment. You will receive credit for all qualifying experience, including volunteer experience. Education Education is not substitutable for specialized experience at this grade level. Additional Information In accordance with the DoD 8140 policy series, the position is subject to completing Foundational Qualifications in 9 months and completing Residential Qualification requirements in 12 months. Moving expenses WILL be paid. Telework availability will be based upon the mission requirements and supervisory determination. Selections are subject to restrictions resulting from the DoD Program for Stability of Civilian Employment. Employment with DFAS means access to generous benefits such as: health, vision, and dental insurance, retirement benefits, paid time off, and educational benefits. A one year probationary period may be required. We may use this announcement to fill additional vacancies within 90 days of the closing date. This position is exempt from the Fair Labor Standards Act. Travel requirement is occasional. This position is covered by a bargaining unit. This position is being filled under the Direct Hire Authority for Certain Personnel of the Department of Defense via delegated authority by the Office of the Secretary of Defense. Positions may be filled as permanent or term with a full-time or part-time work schedule. Pay will vary by geographic location. We reserve the right to close this announcement early or to extend, as appropriate, based upon the needs of the Agency. Qualified application packages may be referred to management at various points in the selection process depending on the number and timing of applications received. Selections may be made at any point during the announcement open period. Veteran's Preference: Veteran's preference does not apply under this Direct Hire Authority (DHA). PPP Application Based Preference Eligibles (Military Reserve and National Guard technicians, Military Reserve and National Guard technicians receiving disability retirement, and Retained Grade employees) will receive priority consideration at the full performance level only. Males born after 12-31-59 must be registered or be exempt from Selective Service (see http://www.sss.gov). Retired Civil Service Employee: Employment of retired Federal employees receiving an annuity is subject to the requirements of the Department of Defense (DoD) policy guidance. (See DoD Instruction 1400.25, Volume 300, here). The Security Designation will vary and dependent upon position and may require a secret clearance or higher. Employment in this position requires a background investigation which may delay starting date. If you are selected and cannot obtain a favorable security determination within a reasonable period of time due to disclosed/undisclosed background issues, the employment offer may be withdrawn. Individuals selected are required to obtain/maintain a favorable security determination to occupy a sensitive position within the agency as a condition of employment. Failure to maintain eligibility to occupy a sensitive position may result in termination. For more information see the security section of Understanding Vacancy Announcements. Criminal History Inquiries- For some positions, criminal history inquiries may not take place before you receive a conditional job offer. Please see Fair Chance to Compete for Jobs Act of 2019 (dfas.mil) for more information on The Fair Chance to Compete Act, exceptions, and DFAS contact information. All applicants are encouraged to apply electronically. If you are unable to apply on-line, you may contact 317-212-0454 for assistance.