- Position Title
- IT Specialist (INFOSEC)
- Agency
- Office of the Inspector General for the Federal Housing Finance Agency
- Announcement Number
- 23-FHFAIG-10-MP Opens in new window
- Open Period
- Monday, February 27, 2023 to Wednesday, April 12, 2023
For preview purposes only. To apply, please return to the USAJOBS announcement and click the Apply button.
Eligibilities
1.
Do you claim Veterans’ Preference?
2.
Are you a surplus or displaced Federal employee eligible under the Career Transition Assistance Plan (CTAP)? Click CTAP for eligibility and a detailed list of required documents you must submit in order to be eligible.
3.
Are you a displaced Federal employee eligible under the Interagency Career Transition Assistance Plan (ICTAP)? Click ICTAP for eligibility and a detailed list of required documents you must submit in order to be eligible.
4.
Are you a current Excepted Service employee of a Federal Agency covered by an OPM Interchange agreement that conveys noncompetitive eligibility?
For more information, review Interchange Agreements with Other Merit Systems. https://www.opm.gov/policy-data-oversight/hiring-information/competitive-hiring/#url=InterchangeAgreementsWithOtherMeritSystems
To verify your eligibility, you must submit a copy of your Notification of Personnel Action, Standard Form (SF-50) reflecting your status.
For more information, review Interchange Agreements with Other Merit Systems. https://www.opm.gov/policy-data-oversight/hiring-information/competitive-hiring/#url=InterchangeAgreementsWithOtherMeritSystems
To verify your eligibility, you must submit a copy of your Notification of Personnel Action, Standard Form (SF-50) reflecting your status.
5.
Are you eligible for competitive consideration under any of the following merit promotion categories?
- Current Federal civilian employee in the Competitive service on a permanent career or career-conditional appointment
- Current Excepted service employee covered by an Interchange Agreement
- Former Federal employee with Reinstatement eligibility
- Veterans Employment Opportunities Act of 1998 (VEOA)
- Current Federal employee serving on a VRA appointment
- Land Management Employee eligible under Public Law 114-47
- Other competitive category not listed above (you must submit proof of eligibility)
6.
Are you eligible to be appointed under the Military Spouse Noncompetitive Appointing Authority based on any of the following categories?
- You are the spouse of an active duty member of the Armed Forces.
- You are the spouse of a member of the Armed Forces who retired with a disability rating at the time of retirement of 100 percent or the spouse of a member of the Armed Forces who retired or separated from the Armed Forces and has a disability rating of 100 percent from the Department of Veterans Affairs.
- You are the widow or widower of a member of the Armed Forces killed while in active duty status, and you have not re-married.
7.
Are you a former federal employee that has been separated for at least one full year and is eligible to be non-competitively reinstated to a higher grade or full-performance level than which you left federal employment?
(Note: you MUST provide: 1) a copy of your separation SF-50 (the "position occupied" block on the SF-50 should show a "1" and your "tenure" block should show a "1" or "2"); AND 2) the last performance appraisal you received from your federal employment which shows at least a fully successful rating.)
(Note: you MUST provide: 1) a copy of your separation SF-50 (the "position occupied" block on the SF-50 should show a "1" and your "tenure" block should show a "1" or "2"); AND 2) the last performance appraisal you received from your federal employment which shows at least a fully successful rating.)
8.
Do you currently hold (or have you previously held) on a permanent basis, a position in the competitive service (or in another merit system with which OPM has an interchange agreement), with promotion potential equivalent to (or higher than) the full performance level of the position advertised in this vacancy announcement?
9.
Are you eligible under any other miscellaneous appointing authority not listed thus far, such as (but not all inclusive to):
For more information on Foreign overseas employment please review the following: https://www.opm.gov/policy-data-oversight/hiring-information/competitive-hiring/#NontemporaryForeignService or https://www.state.gov/global-community-liaison-office/family-member-employment/family-member-employment-in-the-d-c-area/non-competitive-eligibility-nce/#NCE5
- Postal Career Service Employee;
- Postal Rate Commission Employee;
- Government Accountability Office (GAO) Employee;
- Administrative Office of the U.S. Courts Employee; or
- Foreign overseas employee or eligible family member of former overseas employee
For more information on Foreign overseas employment please review the following: https://www.opm.gov/policy-data-oversight/hiring-information/competitive-hiring/#NontemporaryForeignService or https://www.state.gov/global-community-liaison-office/family-member-employment/family-member-employment-in-the-d-c-area/non-competitive-eligibility-nce/#NCE5
10.
Are you eligible for consideration as a Peace Corps, VISTA, or Action volunteer? If you select this option, you are required to provide acceptable documentation of your appointment eligibility by submitting proof of employment from the appropriate agency with your completed application.
National Service (Peace Corps and VISTA)
National Service (Peace Corps and VISTA)
11.
Do you have a severe physical, psychiatric or mental disability that qualifies you for a Schedule A Disability appointment?
For more information, review USAJOBS Individuals with Disabilities resources.
To verify your eligibility, you must provide appropriate medical documentation, i.e., a letter signed by a licensed medical professional or licensed vocational rehabilitation specialist stating your condition and restrictions.
For more information, review USAJOBS Individuals with Disabilities resources.
To verify your eligibility, you must provide appropriate medical documentation, i.e., a letter signed by a licensed medical professional or licensed vocational rehabilitation specialist stating your condition and restrictions.
12.
Are you a veteran who separated from active duty under honorable conditions and you:
• recently separated (within the past 3 years)
• are a disabled veteran
• served on active duty during a war, campaign or expedition OR
• received an Armed Forces Service Medal
If eligible, submit a copy of your latest Certificate of Release or Discharge from Active Duty, DD-214 (copy indicating character of service) or other proof of your service which includes character of service. If claiming disability preference, provide the disability letter from the Department of Veterans Affairs or Armed Service and the Application for 10-Point Veteran Preference, Standard Form 15.
For more information, review USAJOBS Veterans resources.
• recently separated (within the past 3 years)
• are a disabled veteran
• served on active duty during a war, campaign or expedition OR
• received an Armed Forces Service Medal
If eligible, submit a copy of your latest Certificate of Release or Discharge from Active Duty, DD-214 (copy indicating character of service) or other proof of your service which includes character of service. If claiming disability preference, provide the disability letter from the Department of Veterans Affairs or Armed Service and the Application for 10-Point Veteran Preference, Standard Form 15.
For more information, review USAJOBS Veterans resources.
13.
Reasonable Accommodations for taking the online assessments are provided on a case-by-case basis only to qualified individuals with a disability covered by the Rehabilitation Act of 1973, as amended.
Do you have a disability (physical or mental) that you believe will interfere with completing the online assessments and require a Reasonable Accommodation?
Preferences
1.
Select the lowest grade you are willing to accept for this position.
2.
Are you currently serving or have served in the last five years in a Political Appointment in the Federal Government?
3.
If you were born a male after December 31, 1959, and are at least 18 years of age, have you registered with the Selective Service System (select "Not applicable" if this question does not apply to you)?
Assessment 1
For the EL-12, you must have one year of specialized experience at a level of difficulty and responsibility at the EL-11/GS-11 level in the Federal service or equivalent, which have equipped the candidate with the particular knowledge, skills, and abilities to successfully perform the duties of the position. Specialized experience for this position includes experience performing IT security work demonstrating experience with, and applying, Federal Information Security Modernization Act, Office of Management and Budget (OMB) Circular No. A-130, Appendix III, and National Institute of Standards and Technology (NIST) standards and guidelines when conducting performance audits over information technology/cyber security, in accordance with generally accepted government auditing standards (GAGAS) or equivalent non-federal auditing standards and guidelines.
Examples of such experience could include:
- Serving as a core member of a project team or subject matter expert in conducting research of reports, laws, regulations, policies, and procedures related to IT or IT security;
- Working as part of a team developing plans for IT audits or IT Security assessments;
- Working on a team involved with IT security control test work (e.g., vulnerability assessment, penetration tests, FISMA control testing, cloud security control assessment);
- Drafting workpapers or sections of report documenting IT audit or IT security assessment findings..
AND
In addition to meeting specialized experience, applicants must have proficiency in each of the four competencies listed below:
- Attention to Detail, such as monitoring implementation of recommended corrective actions.
- Customer Service, such as participating in briefings concerning contractors and proposals.
- Oral Communication, such as conducting briefings with management to discuss issues, status, and findings of IT audits.
- Problem Solving, such as planning and conducting security control test work.
Examples of such experience could include:
- Serving as a core member of a project team or subject matter expert in conducting research of reports, laws, regulations, policies, and procedures related to IT or IT security;
- Working as part of a team developing plans for IT audits or IT Security assessments;
- Working on a team involved with IT security control test work (e.g., vulnerability assessment, penetration tests, FISMA control testing, cloud security control assessment);
- Drafting workpapers or sections of report documenting IT audit or IT security assessment findings..
AND
In addition to meeting specialized experience, applicants must have proficiency in each of the four competencies listed below:
- Attention to Detail, such as monitoring implementation of recommended corrective actions.
- Customer Service, such as participating in briefings concerning contractors and proposals.
- Oral Communication, such as conducting briefings with management to discuss issues, status, and findings of IT audits.
- Problem Solving, such as planning and conducting security control test work.
1.
For the EL-12, select the answer that best describes your experience.
2.
Please give the dates/resume reference when you gained this experience so it may be found to ensure you receive proper credit.
(limit 250 characters)
For the EL-11, you must have one year of specialized experience at a level of difficulty and responsibility at the EL-09/GS-09 level in the Federal service or equivalent, which have equipped the candidate with the particular knowledge, skills, and abilities to successfully perform the duties of the position. Specialized experience for this position includes experience performing structured IT audit security work using testing tools to develop more in-depth experience promoting awareness of security issues among management and ensuring sound security principles are reflected in organizations visions and goals.
Examples of this experience could include:
- Experience assisting more experienced staff in preparing proposals or plans for IT audits or IT security assessments.
- Participate in IT security control test work (e.g., vulnerability assessment, penetration tests, FISMA control testing, cloud security control assessment).
- Experience conducting pre-audit research of prior audit/evaluation reports, laws, regulations, and procedures related to IT or IT security assessments.
AND
In addition to meeting specialized experience, applicants must have proficiency in each of the four competencies listed below in their IT-related experience:
- Attention to Detail, such as reviewing work products prepared by team members to ensure accuracy and sufficiency of support for identified weaknesses.
- Customer Service, such as reviewing and approving payment of contractor invoices.
- Oral Communication, such as providing on-the-job training on use of electronic audit documentation system.
- Problem Solving, such as participating in audits of disaster recovery exercises to identify weaknesses in continuity of operations and make recommendations for ensuring the safeguarding of information systems and their availability in the event of a disaster.
OR
You may substitute education for specialized experience as follows: Ph.D. or equivalent doctoral degree, or 3 full years of progressively higher level graduate education leading to a Ph.D. or equivalent doctoral degree. Attach a copy of transcript or list of college courses designating semester or quarter hours earned to ensure proper credit. The degree is in computer science, engineering, information science, information systems management, mathematics, operations research, statistics, or technology management or degree that provided a minimum of 24 semester hours in one or more of the fields identified above and required the development or adaptation of applications, systems or networks.
Examples of this experience could include:
- Experience assisting more experienced staff in preparing proposals or plans for IT audits or IT security assessments.
- Participate in IT security control test work (e.g., vulnerability assessment, penetration tests, FISMA control testing, cloud security control assessment).
- Experience conducting pre-audit research of prior audit/evaluation reports, laws, regulations, and procedures related to IT or IT security assessments.
AND
In addition to meeting specialized experience, applicants must have proficiency in each of the four competencies listed below in their IT-related experience:
- Attention to Detail, such as reviewing work products prepared by team members to ensure accuracy and sufficiency of support for identified weaknesses.
- Customer Service, such as reviewing and approving payment of contractor invoices.
- Oral Communication, such as providing on-the-job training on use of electronic audit documentation system.
- Problem Solving, such as participating in audits of disaster recovery exercises to identify weaknesses in continuity of operations and make recommendations for ensuring the safeguarding of information systems and their availability in the event of a disaster.
OR
You may substitute education for specialized experience as follows: Ph.D. or equivalent doctoral degree, or 3 full years of progressively higher level graduate education leading to a Ph.D. or equivalent doctoral degree. Attach a copy of transcript or list of college courses designating semester or quarter hours earned to ensure proper credit. The degree is in computer science, engineering, information science, information systems management, mathematics, operations research, statistics, or technology management or degree that provided a minimum of 24 semester hours in one or more of the fields identified above and required the development or adaptation of applications, systems or networks.
3.
For the EL-11, select the answer that best describes your experience.
4.
Please give the dates/resume reference when you gained this experience/education so it may be found to ensure you receive proper credit.
(limit 250 characters)
Specialized experience for the EL-09 is defined as one year of experience at the EL-07/GS-07 level, or equivalent, that is directly related to the position and which has equipped the candidate with the particular knowledge, skills, and abilities to successfully perform the duties of the position. Specialized experience for this position includes performing highly structured, entry level IT security audit work designed to develop broader and more in-depth knowledge and skill needed to perform higher level assignments, such as ensuring the integrity and availability of systems and networks through analysis of information systems security programs, policies, and procedures.
Examples of such experience could include:
-Experience applying operational standards to identify, isolate and resolve issues.;
-Experience participating in audit, assessment, evaluation or analytical reviews in accordance with an established process.;
-Experience assisting with the audit analysis and testing of IT systems security controls.
AND
In addition to meeting specialized experience, applicants must have IT-related proficiency in each of the four competencies listed below.
-Attention to Detail, such as preparation of supporting documents for an IT audit.
-Customer Service, such as serving as liaison with auditee representatives for a team.
-Oral Communication, such as assisting with preparation of pre-audit and exit conferences.
-Problem Solving, such as assisting with pre-audit research.
OR
You may substitute education for specialized experience as follows: Master's degree or equivalent graduate degree or 2 full years or progressively higher level graduate education leading to a Master's or equivalent graduate degree, in computer science, engineering, information science, information systems management, mathematics, operations research, statistics, or technology management or degree that provided a minimum of 24 semester hours in one or more of the fields identified above and required the development or adaptation of applications, systems or networks.
Examples of such experience could include:
-Experience applying operational standards to identify, isolate and resolve issues.;
-Experience participating in audit, assessment, evaluation or analytical reviews in accordance with an established process.;
-Experience assisting with the audit analysis and testing of IT systems security controls.
AND
In addition to meeting specialized experience, applicants must have IT-related proficiency in each of the four competencies listed below.
-Attention to Detail, such as preparation of supporting documents for an IT audit.
-Customer Service, such as serving as liaison with auditee representatives for a team.
-Oral Communication, such as assisting with preparation of pre-audit and exit conferences.
-Problem Solving, such as assisting with pre-audit research.
OR
You may substitute education for specialized experience as follows: Master's degree or equivalent graduate degree or 2 full years or progressively higher level graduate education leading to a Master's or equivalent graduate degree, in computer science, engineering, information science, information systems management, mathematics, operations research, statistics, or technology management or degree that provided a minimum of 24 semester hours in one or more of the fields identified above and required the development or adaptation of applications, systems or networks.
5.
For the EL-9, select the answer that best describes your experience.
6.
Please give the dates/resume reference when you gained this experience/education so it may be found to ensure you receive proper credit.
(limit 250 characters)
7.
Select the following choice(s) you have performed as part of your regular duties. Select all that apply.
8.
Which of the following have you performed and or assisted in the following IT security control test work? Select all that apply.
9.
Select the audit functions you have perform on a regular basis.
Select “Yes” or “No” to the following question(s).
10.
I have experience serving as the auditor-in-charge or performs assigned segments of highly technical and complex audits of IT systems and information systems security programs and practices, ensuring the audit work conforms with applicable professional standards and policy.