Summary
As the Vulnerability Management Lead, you will manage and maintain GSA cybersecurity defenses.
Location of position:
The Office of GSA IT, Security Operations Division (ISO)
1800 F St. NW, Washington, DC 20405
The Security Operations Division is responsible for providing real-time operational security through the security operations center and enterprise network security capabilities.
We are currently filling one vacancy, but additional vacancies may be filled as needed.
Duties
As a Vulnerability Management Lead you will perform the following duties:
- Responsible for a variety of Information Security tasks and functions to ensure agency level compliance with GSA IT Security policies, Federal Information Security Management Act of 2002 (FISMA), Office of Management and Budget (OMB), Department of Homeland Security (DHS), and National Institute of Standards and Technology (NIST) requirements.
- Provides expert advice to the Division Director. Represents the Division and OCIO in meetings with other GSA entities, and GSA in meetings with representatives of industry, other agencies, public organizations, etc., to resolve problems; develop joint policies/standards; analyze, select, and implement IT security products/services/solutions; and exchange information regarding areas of technical expertise.
- Conducts, oversees, and monitors security analyses, testing, and evaluations of GSA information systems in support of Security Assessment and Authorization (A&A) and ongoing Continuous Monitoring. Creates reports, guidance, and direction for enhancement of security for systems/networks.
- Participates in the conduct and management of independent evaluations and compliance reviews of IT systems in accordance with FISMA. This includes, but is not limited to, POA&M reviews, assessment and authorization package reviews, Exhibit 300 reviews, vulnerability assessments and scanning activities, system configuration reviews, system inventory reviews, IT audit findings and remediation, etc.
- Mitigates data exfiltration and service disruption risks, reduces detection and response times, and recommends and directs changes in network and system designs, plans, or documentation to ensure compliance with security and privacy policy. Accelerates AI/ML-driven analytics into defensive cyber operations, including automated threat intelligence, anomaly detection, and risk scoring.
- Responsible for implementing Enterprise Security Shared Services across stakeholders, in conjunction with the Director and the CISO/DCISO, building product roadmaps, business use cases, technical specifications, wireframes, mockups, prototypes, launch plans, tracking key performance metrics and data analytics/reporting along with end user/customer surveys among other deliverables for identifying efficiencies for the rolled-out services.
- Manages GSA's Vulnerability Disclosure Program and Bug Bounty Program. Provides oversight and manages notifications from public sources of information risks for these programs.
- Evaluates, acquires, configures, and uses software intended to ensure that automated systems are secure from unauthorized use, viral infection, and other problems that would compromise sensitive information in terms of confidentiality, integrity, and availability, or would compromise other aspects of overall system security.
Requirements
Conditions of employment
- US Citizenship or National (Residents of American Samoa and Swains Island)
- Meet all eligibility requirements within 30 days of the closing date.
- Register with Selective Service if you are a male born after 12/31/1959
- Direct Deposit of salary check to financial organization required.
If selected, you must meet the following conditions:
- Current or Former Political Appointees: The Office of Personnel Management (OPM) must authorize employment offers made to current or former political appointees. If you are currently, or have been within the last 5 years, a political Schedule A, Schedule C or Non-Career SES employee in the Executive Branch, you must disclose this information to the HR Office. Failure to disclose this information could result in disciplinary action including removal from Federal Service.
- Serve a one-year probationary period, if required.
- Undergo and pass a background investigation (Tier 2 investigation level).
- Have your identity and work status eligibility verified if you are not a GSA employee. We will use the Department of Homeland Security’s e-Verify system for this. Any discrepancies must be resolved as a condition of continued employment.
Qualifications
For each job on your resume, provide:
- the exact dates you held each job (from month/year to month/year)
- number of hours per week you worked (if part time).
If you have volunteered your service through a National Service program (e.g., Peace Corps, Americorps), we encourage you to apply and include this experience on your resume.
The GS-14 salary range starts at $143,913 per year.
If you are a new federal employee, your starting salary will likely be set at the Step 1 of the grade for which you are selected.
To qualify, you must have at least one year of specialized experience equivalent to the GS-13 level or higher in the Federal service and have IT-related experience demonstrating EACH of the four competencies below:
IT SPECIALIST COMPETENCY REQUIREMENTS:
- Attention to Detail - This skill is generally demonstrated by assignments where the applicant investigates and evaluates "state of the art" technology of the industry.
- Customer Service - This skill is generally demonstrated by assignments where the applicant confers with users to evaluate the effectiveness of, or identify the need for, computer programs or management systems.
- Oral Communication - This skill is generally demonstrated by assignments where the applicant persuades others to take a particular course of action or to accept findings, recommendations, changes, or alternative viewpoints.
- Problem Solving - This skill is generally demonstrated by assignments where the applicant identifies and accommodates technology and resource constraints.
SPECIALIZED EXPERIENCE:
In addition to the Basic Requirements listed above, you must have one year of specialized experience equivalent to the GS-13 in the Federal service.
Specialized experience is defined as experience conducting or assisting with security assessments, evaluations, or continuous monitoring of information systems and ensuring compliance with cybersecurity policies or regulatory requirements. This experience must also include identifying and addressing security vulnerabilities or risks, recommending improvements to system or network designs, or using security software or tools to safeguard systems. Such experience may be obtained in government, industry, or other related fields.
Additional information
Candidates will not be hired based on their race, sex, color, religion, or national origin.
Applicants are encouraged to make their resume searchable in their USAJOBS.gov profile. This will allow Federal hiring specialists and hiring managers across agencies to find their resume as part of agency recruitment campaigns or staffing searches.
If you apply to this position and are selected, we will not ask about your criminal history before you receive a conditional job offer. If you believe you were asked about your criminal history improperly, contact the agency or visit GSA's webpage.
Relocation-related expenses are not approved and will be your responsibility.
On a case-by-case basis, the following incentives may be approved:
- Credit toward vacation leave if you are new to the federal government
Additional vacancies may be filled through this announcement in this or other GSA organizations within the same commuting area as needed; through other means; or not at all.
Candidates should be committed to improving the efficiency of the Federal government, passionate about the ideals of our American republic, and committed to upholding the rule of law and the United States Constitution.
Benefits
A career with the U.S. government provides employees with a comprehensive benefits package. As a federal employee, you and your family will have access to a range of benefits that are designed to make your federal career very rewarding.
You will have access to many benefits including:
- Health insurance (choose from a wide range of plans)
- Life insurance coverage with several options
- Sick leave and vacation time, including 11 paid holidays per year
- Thrift Savings Plan (similar to a 401(k) plan)
- Flexible work schedules
- Transit and child care subsidies
- Flexible spending accounts
- Long-term care insurance
- Training and development
Eligibility for benefits depends on the type of position you hold and whether your position is full-time, part-time or intermittent. Contact the hiring agency for more information on the specific benefits offered.