Information Systems Security Analyst​/Specialist

Summary

Position will be filled at any of the locations listed below. Site-specific salary information is as follows:

• Battle Creek, MI: $89,508 - $116,362
• Columbus, OH: $93,400 - $121,422
• Dayton, OH: $92,841 - $120,696
• Fort Belvoir, VA: $102,415 - $133,142
• New Cumberland, PA: $102,415 - $133,142
• Ogden, UT: $89,508 - $116,362
• Philadelphia, PA: $98,630 - $128,221
• Richmond, VA: $93,499 - $121,551

• Serve as a Subject Matter Expert (SME) for DLA's NIPRNet and SIPRNet enclaves, supporting vulnerability management and cyber compliance for all assigned software, hardware, servers, and end-user devices.
• Support Technology Foundation Services (TFS) in developing, maintaining, and updating cyber compliance documentation, including Risk Management Framework (RMF) and Assessment & Authorization (A&A) artifacts.
• Responsible for TFS activities surrounding audit readiness and incorporation of cybersecurity policies and initiatives instituted by J6, DLA and DoD.
• Support DLA Cyber Operational Readiness Assessment (CORA) preparations, including repeatable processes for identifying, remediating, and reporting non-compliant NIPRNet and SIPRNet IT assets.
• Validate compliance with established security configurations, leveraging defined baselines such as Security Technical Implementation Guides (STIGs) for TFS-managed hardware and software assets.
• Ensure cybersecurity compliance for software applications, storage, servers, and end-user devices within DLA's NIPRNet and SIPRNet enclaves.
• Develop and maintain detailed reports and dashboards to communicate vulnerability status, remediation progress, and overall security posture to leadership.
• Validate system compliance with cybersecurity configuration baselines using automated and manual checks.

• Must be a U.S. citizen.
• Tour of Duty:
  Set Schedule.
• Security requirements:
  Critical Sensitive, Secret access.
• Appointment is subject to a favorable suitability or fitness determination; unfavorable background checks will result in removal.
• FLSA:
  Exempt.
• Selective Service Requirement:
  Males born after 12-31-59 must be registered or exempt.
• Recruitment
  
  Incentives:
  
  Not Authorized.
• Bargaining Unit Status:
  No.
• Selectees must have REAL  acceptable identification for federal facility access.

• Specialized
  
  Experience:
  
  One year of specialized experience directly relevant to this position, equivalent to GS-11 level or equivalent. Qualified experience must be directly related to:
  • Serving as an SME in developing and maintaining critical cybersecurity documentation artifacts for audit compliance, cyber inspection, RMF, eMASS, and A&A requirements.
  • Identifying and developing specifications, recommendations, checklists, and reporting procedures for technical staff to meet IT security requirements at the application and server level, and assisting with Plan of Action and Milestones (POAM) development for NIPRNet and SIPRNet environments.
  • Acting as liaison with cybersecurity staff and performing risk analysis of IT security posture, including vulnerability assessments, reporting of security patches/updates, and recommending corrective actions and mitigations for NIPRNet and SIPRNet environments.
  • Performing risk analysis of IT security posture, including vulnerability assessments and reporting of security remediation.
• Education Substitution:
  Education may not be used in lieu of specialized experience for this grade level.
• Additional Information:
  Per 5 C.F.R. 302.106, DLA will provide Section 508 conform ant ICT to employees with disabilities. All ICT interfaces with the public related to vacancy announcements must conform to applicable requirements.

The agency is committed to a drug-free workplace. Candidates must commit to abstaining from illegal drug use and may be required to undergo drug testing as part of the background and eligibility process.