This announcement may close prior to the closing date once an adequate pool of at least 50 eligible applicants is reached.
DUTY LOCATION: This position will be held in one of six locations: Austin, TX; Birmingham, AL; Chicago, IL; Dallas, TX; Houston, TX; or Washington, DC.
The purpose of the position is to develop and or analyze procedures and systems for Identifying and assessing, mitigating and evaluating the effectiveness of risk management within Information Technology enterprise risk management compliance is evaluated as it relates to both IT and traditional programs through the identification and assessment, mitigation and evaluation process.
This is accomplished through an intense control reviews and analysis.
The employee is responsible for risk management assessments, mitigation and evaluations in support of the Veterans Affairs massive Information Technology Networks.
The employee will consolidate, analyze and interpret data to identify isolated systemic problems, best practices and provide feedback based on Federal regulations, VA policies, OIT and QPR guidance while taking into consideration industry standards.
The employee will review and determine the overall effectiveness of the Veterans Affairs Risk Management Program within designated Veterans Affairs facilities.
The employee will be assigned to one team with in QPR.
The assessments results may impact risk management programs Veterans Affairs-wide.
Applicants are encouraged to apply immediately.
This announcement may close prior to the established closing date once 50 applicants are reached.
To qualify for this position, applicants must meet all requirements by the closing date of this announcement.
GS-13 grade level: One year of specialized experience (equivalent to the GS-12 grade level in the federal service); experience that equipped the applicant with the particular knowledge, skills and abilities (KSA's) and other characteristics to perform successfully the duties of the position, and that is typically in or related to the work of the position to be filled, in the normal line of progression for the occupation in the organization.
Specialized experience includes: Having expert knowledge of IT risk management and security principles and methods, IT security products and services required to sufficiently perform IT assessments, mitigations and evaluations, develops and/or interprets policy, procedural controls and guidelines covering IT security, application and data security, system software security, contingency planning, and compliance with Federal IT laws and regulations; having mastery knowledge of requirements analysis IT security principles and methods, communications techniques, IT Forensics principles, network operations and protocols, systems security regulations and policies sufficient to provide IT security advice and to develop IT security implementation plans which ensure proper protection of IT systems; having expert knowledge of appropriate Veterans Affairs policies, operating procedures, information flow, and of prevailing IT practices in government agencies and the private sector sufficient to evaluate and recommend adoption of new or enhanced approaches to delivering IT security measures and to develop specifications to ensure compliance with security requirements at the IT systems level; having expert skills necessary to protect the IT infrastructure environment; having expert knowledge of and skills necessary to plan, organize, and direct team study work and to negotiate effectively with management to accept and implement IT information risk management and security compliance recommendations where the proposals involve substantial agency-wide resources, require extensive changes in established procedures, or may be in conflict with the desires of the activity studied; having knowledge of the agency's program goals and objectives, the sequence and timing of key IT risk management events and milestones, and methods of evaluating the worth of IT risk management compliance and inspection program accomplishments.
AND This position includes a Selective Placement Factor (skill, knowledge, ability or other worker characteristic basic to - and essential for - satisfactory performance of the job).
Selective Placement Factors are a prerequisite to appointment and represent minimum requirements for a position.
Applicants who do not meet it are ineligible for further consideration.
The Selective Placement Factor for this position is: Possess the experience to evaluate Risk management compliance as it relates to both IT and traditional programs through the identification, assessment, mitigation and evaluation process.
Must have the ability to develop and/or analyze procedures and systems for identifying, assessing, and mitigating enterprise risk; evaluate the effectiveness of risk management within the Information Technology Enterprise; and based on operations and changing program requirements, collects relevant information, identifies relevant issues, and develops legislative proposals and/or regulatory changes.
Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religions; spiritual; community; student; social).
Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment.
You will receive credit for all qualifying experience, including volunteer experience.