Summary The NRC will use Direct Hire Authority to fill Information Technology (IT) Specialist Information Security (INFOSEC) positions. This vacancy is a REPOSITORY of applications. Applicants MAY BE periodically referred to Selecting Officials both during the open period and for up to 90 days after the closing date of the vacancy. Because of the large number of applications anticipated, applicants status will not be updated UNLESS referred. Responsibilities The successful candidate will perform the full range of IT Specialist (INFOSEC) duties. Such duties include but are not limited to: developing policies and procedures to ensure information systems reliability and accessibility and to prevent and defend against unauthorized access to systems, networks, and data. conducting risk and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risks, and protection needs. promoting awareness of security issues among management and ensuring sound security principles are reflected in organizations visions and goals. conducting systems security evaluations, audits, and reviews. developing systems security contingency plans and disaster recovery procedures. developing and implementing programs to ensure that systems, network, and data users are aware of, understand, and adhere to systems security policies and procedures. participating in network and systems design to ensure implementation of appropriate systems security policies. facilitating the gathering, analysis, and preservation of evidence used in the prosecution of computer crimes. assessing security events to determine impact and implementing corrective actions; and/or ensuring the rigorous application of information security/information assurance policies, principles, and practices in the delivery of all IT services. Architect/Design, develop, and manage implementation of security solutions for AI systems and applications. Effectively applies management processes, including requirements development processes and performance-based acquisition principles, to support the agency's mission to develop and implement a CUI program as it transitions from SUNSI to the CUI framework. Executes strategic and operational implementation of cyber supply chain risk management (C-SCRM) functions from conceptual to existing SCRM framework and capabilities. Manages the agency SCRM risk register, solutions intake, and enterprise risk identification, while providing leadership, continuity, and active communications between CIO/CISO to characterize, understand, and mitigate enterprise risks Requirements Conditions of Employment U.S. Citizenship Required This is a Drug Testing position. Background investigation leading to a clearance is required for new hires. You must meet the qualifications for this position by no later than 30 calendar days after the closing date of this announcement and before placement in the position. This position is being filled using the agency's Direct Hire Authority. Applicants will be rated in accordance with the Office of Personnel Management (OPM) Qualification Standards for Information Technology (IT) Management Series, 2210. Position requirements vary depending upon the specific grade. You must meet any minimum experience or education requirements per OPM qualifications standards and demonstrate through experience and/or education that you possess the quality level of knowledge, skill, and ability necessary to perform the duties of the position at the grade level for which applying. For additional information, refer to the following link: https://www.opm.gov/policy-data-oversight/classification-qualifications/general-schedule-qualification-standards/0300/gs-2210-information-technology-management-series/ A DETAILED description of your work experience in your personal resume must clearly demonstrate that you have gained and currently possess the knowledge, skills, and abilities to satisfactorily perform the duties of the position and grade being filled. Qualifications In order to qualify for this position, you must have at least one year of specialized experience at the next lower grade level in the Federal service or equivalent experience in the private or public sector. The ideal candidate will be able to demonstrate the following: Minimum Qualifications Candidates may qualify for the 2210, IT Management Series by meeting either the Experience requirements specified in the Qualifications section of this announcement, or the Education requirements specified in the section titled Education. For GS-12: Experience that demonstrated accomplishment of computer project assignments that required a range of knowledge of computer requirements and techniques. Participates in planning, analyzing, developing, implementing, maintaining, and enhancing information systems security programs, policies, procedures, and tools. Prepares and presents information and briefings on information security issues, problems, and projects to management officials and program staff. Applies new IT technologies to participate in developing methods and policies leading to successful accomplishment of organizational requirements. Interprets policies, procedures, and strategies in developing and delivering information security systems and programs to assigned organizations. Knowledge of the methods, techniques, and procedures for developing and implementing IT information security programs, policies, procedures, and tools. Knowledge of the IT infrastructure, systems, hardware, and software applications of the agency or organization, sufficient to function as a technical resource on IT security functions. Knowledge of new and evolving IT technologies and developments, in order to participate in evaluating and recommending adoption of new approaches for delivery of IT services. Skill in the principles, methods, and practices of customer support and determination of user requirements, to ensure that IT systems and services meet organizational and program needs. Knowledge of program and project management principles and methods, in order to participate in IT programs and projects involving the development and implementation of IT systems and services of the organization SPECIALIZED EXPERIENCE In order to qualify for this position, you must have at least one year of specialized experience at the next lower grade level in the Federal service or equivalent experience in the private or public sector. Analysis of the interrelationships of pertinent components of the system. Planning the sequence of actions necessary to accomplish the assignment; and Personal responsibility for at least a segment of the overall project. GS-13 and above: Experience that demonstrated accomplishment of computer project assignments that required a wide range of knowledge of computer requirements and techniques pertinent to the position to be filled. This knowledge is generally demonstrated by assignments where the applicant analyzed a number of alternative approaches in the process of advising management concerning major aspects of ADP system design, such as what system interrelationships must be considered, or what operating mode, system software, and/or equipment configuration is most appropriate for a given project. For all positions, individuals must have IT-related experience demonstrating each of the four competencies listed below. Attention to Detail - Is thorough when performing work and conscientious about attending to detail. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services. Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately. Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations. For all grades, one year of specialized experience at the next lower grade level (or equivalent) is required. Specialized experience is experience that has equipped the applicant with the particular competencies/knowledge, skills, and abilities to successfully perform the duties of the position and is typically in or related to the work of the position to be filled. Such experience is typically gained in the IT field or through the performance of work where the primary concern is IT. -OR- SPECIALIZED EXPERIENCE is experience that involved ensuring the confidentiality, integrity, and availability of systems, networks, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems security programs, policies, procedures, and tools. A description of how you possess the specialized experience as well as how you meet the qualifications desired in an ideal candidate should be addressed in your resume. Education You must include an unofficial or official copy of your college and/or university transcripts with your application. Education must be from an accredited (or pre-accredited) college or university recognized by the U.S. Department of Education. If you are qualifying based on foreign education, you must submit proof of credibility of education as evaluated by a credentialing agency. If you have multiple degrees (e.g., BS, MS, PhD) please submit transcripts for each degree. Degree requirements: A degree in computer science, engineering, information science, information systems management, mathematics, operations research, statistics, or technology management or degree that provided a minimum of 24 semester hours in one or more of the fields identified above and required the development or adaptation of applications, systems, or networks and provided knowledge equivalent to a major in the computer field. For additional information on substituting education for experience, please click the following link: https://www.opm.gov/policy-data-oversight/classification-qualifications/general-schedule-qualification-standards/2200/information-technology-it-management-series-2210-alternative-a/ When qualifying based on education, transcripts and/or certifications must be submitted at the time of application. Note: It is your responsibility to furnish documentation that verifies you meet the basic education requirements; in the absence of such documentation, you will not be considered. Additional Information The duty location of this position is Rockville, MD. In general, employees are expected to be in the office at a minimum of 4 days per pay period. Telework schedules, including full-time telework, are approved, on a case-by-case basis. If selected, telework will be determined in accordance with Agency policy and the Collective Bargaining Agreement, if applicable.