This position resides in the KSC IT Security Office of the Information Technology and Communications Services Directorate (ITB00) and directly supports the NASA Office of the Chief Information Officer (OCIO) IT Security Division (ITSD) as the Agency Enterprise Information Security Risk Manager.
To receive consideration, you must submit a resume and answer NASA-specific questions.
The NASA questions appear after you submit your resume and are transferred to the NASA web site.
If you successfully apply, USAJOBS will show your application status as 'Received'.
If your status is 'Application Status Not Available', you have not successfully applied.
Do not rely on a USAJOBS email to confirm successful application.
Only an email from NASA confirms a successful application.Deliberate attempts to falsify your application information, such as copying portions of this job announcement into your resume, may result in you being removed from consideration for this position.
If you are an individual with a disability and have questions regarding the Federal special hiring authorities for individuals with disabilities or would like to request a reasonable accommodation for the application or hiring process, please contact the Selective Placement Coordinator (SPC) at KSC by sending an email to KSC-JobsInbox@mail.nasa.gov.As a Federal employee you are required by Federal statutes and regulations to avoid certain potential financial conflicts of interest and assignments in which it may appear that you could act partially.
See 18 U.S.C. 208 & 5 C.F.R.
Pay may be set in accordance with the General Pay Provisions delineated in NPR 3530.1C.
Applicants must address IT-related experience and demonstrate each of the four competencies below in their resume:1.
Attention to Detail - Is thorough when performing work and conscientious about attending to detail.2.
Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.3.
Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.4.
Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.ANDApplicant must have one year of specialized experience equivalent to the GS-13 level in the Federal Service, which has equipped the applicant with the particular competencies needed to successfully perform the duties of the position described above.Specialized experience is defined as experience in the following:Demonstrated application of experience of National Institute of Technology and Standards (NIST) security standard on:- Risk Management Framework- Federal Information Processing Standards (FIPS) 199 and 200- NIST Special Publications (SP) 800 series related in risk management, risk assessment, security and privacy control implementation and testing.Experience in Information Technology (IT) project management (which includes the formulation, modification, and determination of overall project objectives) to oversee programs/projects in the areas of IT security risk assessment and risk management.Experience in determining the risk posture of a project/program and mitigation efforts needed to reduce and manage risk.Experience in managing and/or assessing computer security areas such as risk assessment, preventing and detecting computer security threats, intrusion detection systems, wireless security, firewalls and technical management to manage and plan operations for a security operations center.Experience in deploying and operating IT security tools on an enterprise level across thousands of computersExperience in managing IT security data for senior management to the system admin level to support dashboards and detailed dataExperience developing, maintaining, and assessing information systems security plans and procedures.Demonstrated experience with the usage of the RSA Archer products.
U.S. citizens and U.S. nationals