IT Specialist (Security)

Applicants must have demonstrated experience as listed below. This requirement is according to the AO Classification, Compensation, and Recruitment Systems which include interpretive guidance and reference to the OPM Operating Manual for Qualification Standards for General Schedule Positions. Specialized Experience: Applicants must have at least one full year (52 weeks) of specialized experience in each of the following: Mission-critical IT modernization initiatives including coordinating with stakeholders to resolve technical issues, assessing system security impacts, and implementing protective measures for high value assets to ensure the confidentiality, integrity, and availability of enterprise information technology systems. Ensuring compliance with federal information security and privacy requirements including implementing and assessing National Institute of Standards and Technology Special Publication (NIST SP 800 53) controls; supporting authority to operate (ATO) processes; and coordinating cross-functional security, audit, and compliance efforts to address vulnerabilities, incidents, and risks to maintain IT system operations and ensure continual security posture improvement. Leading cross functional teams in the planning, operation, and continuous improvement of federal information systems to ensure secure system design, configuration management, vulnerability remediation, and alignment with NIST and the Federal Risk and Authorization Management Program (FedRAMP) requirements for federal IT systems including Software as a Service (SaaS) and Platform as a Service (PaaS) solutions that meet functional, non-functional, contractual and budget requirements. One of the following certifications is highly desired for this position: Certified Information Security Manager (CISM) Certified Information Systems Auditor (CISA) Certified Information Systems Security Professional (CISSP) Preferred qualifications include: Experience leading technical change management in the context of software development, software security, infrastructure, or platform services in regulated environments. Familiarity with vulnerability management workflows and remediation governance across multiple engineering teams. Strong documentation discipline for change records, approvals, and verification evidence. Experience working in multi-pod agile delivery models with coordinated cadences and releases. Experience working in cross functional multi-disciplinary environments. Demonstrated problem-solving and communications skills.