USA Staffing

Position Title: INFORMATION TECHNOLOGY SPECIALIST (INFOSEC)
Agency: Treasury, Departmental Offices
Announcement Number: 24-DO-1014-DH Opens in new window
Open Period: Thursday, October 17, 2024 to Thursday, October 24, 2024

For preview purposes only. To apply, please return to the USAJOBS announcement and click the Apply button.

1. Do you claim Veterans’ Preference?

A. No, I do not claim Veterans' Preference

B. 0-point Sole Survivorship Preference (SSP)

C. 5-point preference based on active duty in the U.S. Armed Forces (TP)

D. 10-point preference for non-compensable disability or Purple Heart (XP)

E. 10-point preference based on a compensable service connected disability of at least 10% but less than 30% (CP)

F. 10 point preference based on widow/widower or parent of a deceased veteran, or spouse or parent of a disabled veteran (XP)

G. 10-point preference based on a compensable service connected disability of 30% or more (CPS)

2. Are you a surplus or displaced Federal employee eligible under the Career Transition Assistance Plan (CTAP)? Click CTAP for eligibility and a detailed list of required documents you must submit in order to be eligible.

A. Yes

B. No

3. Are you a displaced Federal employee eligible under the Interagency Career Transition Assistance Plan (ICTAP)? Click ICTAP for eligibility and a detailed list of required documents you must submit in order to be eligible.

A. Yes

B. No

1. Are you currently serving or have served in the last five years in a Political Appointment in the Federal Government?

A. Yes

B. No

2. Where did you learn about this Department of the Treasury job opportunity?

A. FedExperience website

B. USAJOBS website

C. Community Organization

D. Employment Office (Federal/State or Local)

E. Friend/Relative

F. Job Fair, Conference, or Convention

G. Magazine

H. Newspaper

I. School, College, Counselor

J. Vacancy Announcement Posting

K. Professional Organization

L. Radio/TV

M. Other

3. If you were born a male after December 31, 1959, and are at least 18 years of age, have you registered with the Selective Service System (select "Not applicable" if this question does not apply to you)?

A. Yes

B. No

C. No, but I have an approved exemption

D. Not applicable

4. Are you a current Federal employee?

A. Yes

B. No

5. If you are, or ever were a Federal civilian employee, indicate the pay plan and grade level or pay band of the highest graded position you have ever held.
(limit 250 characters)

6. Have you attended any of Treasury's information sessions? (Please click all that apply.)

A. Navigating USAJOBS

B. Writing Your Federal Resume

C. Interviewing Techniques

D. Early Career Programs (Students, Recent Graduates, Entry Level, Apprenticeship)

E. I have not attended any sessions.

Specialized experience for the OR-53 (GS-13 equivalent): An applicant must have one year of specialized experience equivalent to at least the OR-52 (GS-12 equivalent) in the Federal service. The experience may have been gained in either the public or private sectors. Specialized experience for this position is defined as ALL of the following:
- Experience supporting and managing Security Assessment and Authorization (SA&A) activities required for obtaining and maintaining Security Authorization to Operate (ATO) of Office of Financial Research (OFR) information systems; AND
- Experience conducting and reviewing security assessments including continuous monitoring tasks in compliance with National Institute of Standards and Technology (NIST) and organizational policies; AND
- Experience developing, reviewing, and updating Information Security (infosec) and privacy policies and procedures; AND
- Experience providing support to Information Systems Security Manager/Information Systems Security Officer (ISSM/ISSOs) as needed in managing information security of their systems.

Select “Yes” or “No” to the following question(s).

1. Do you meet the specialized experience as stated in the vacancy announcement?

A. Yes

B. No

In addition to meeting the specialized experience, for all positions, individuals must have IT-related experience demonstrating proficiency in each of the four competencies listed below:

- Attention to Detail - Is thorough when performing work and conscientious about attending to detail.
- Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.; AND
- Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.; AND
- Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.

Select “Yes” or “No” to the following question(s).

2. Do you possess all four IT-related competencies as listed above in your IT-related experience?

A. Yes

B. No

3. Which of the following IT security practices have you managed or performed? (Select all that apply).

A. Update contingency or disaster plans to respond to new security requirements in the IT architecture

B. Present IT plans to the IT security manager for review & approval

C. Evaluate, recommend for acquisition, implement, or disseminate IT security tools, procedures, and practices to protect information assets

D. Administer and monitor IT security technologies in support of an analytic environment

E. None of the above

4. Choose the statement(s) that best describe your experience in administering, monitoring, analyzing, and configuring security for an enterprise system. (Select all that apply).

A. Enterprise Systems Application Audit Trails

B. Network and Host Intrusion Detection Services (NIDS and HIDS)

C. Enterprise Security Information Event Management

D. Microsoft Windows event logging, or other logging services

E. Network monitoring services, computer systems monitoring services, or incident response services for major enterprise with multiple national or international locations connected via the Internet and private networks

F. Security configuration baselines for moderate or high categorized systems

G. Computer applications and operations staff to maintain the security readiness of applications and configurations

H. None of the above

5. Have you ever personally performed, or led teams responsible for: (Select all that apply).

A. Working with IP networking and networking protocols

B. Working with internet, web, application, and network security techniques

C. Applying knowledge of NIST or other standards and federal laws and regulations related to IT security

D. Configuring and maintaining secure configurations in Red Hat Linux, Solaris and/or Microsoft Operating Systems

E. Applying knowledge of principles, practices, and techniques of IT security continuous monitoring, including automation tools

F. Developing and implementing an IT Security Architecture

G. Designing and operating Risk Management and Incident Handling programs

H. None of the above

6. From the following list, please select the SIEM Tools that you have experience with:

A. FireEye

B. Splunk

C. Trustwave

D. AlienVault

E. None of the above

7. Choose the response that MOST accurately reflects your highest level of experience with respect to developing technical documentation related to malware detection, host-based intrusion detection and associated endpoint security solutions.

A. I developed and implemented changes to procedures within my organization and forwarded these changes to a higher level for agency-wide implementation

B. I implemented changes to procedures within my organization based on feedback from internal customers and/or the public

C. I identified the need for changes and made specific recommendations for changes to procedures within my organization to higher level management

D. None of the above

8. In which of the following environments have you provided advice and assistance regarding security architecture, system-level security controls, and maintenance of system documentation for a large information technology system.

A. Financial research or regulatory organization

B. Secure government environment

C. Banking Industry or Banking Regulatory Community

D. General government environment

E. e-Commerce/ e-Business

F. None of the above

9. Which of the following system documentation have you personally developed? (Select all that apply)

A. Incident Handling Procedures

B. Risk assessment

C. System security plan

D. Contingency plan

E. Security Assessment & Authorization (SA&A)

F. Plan of Actions and Milestones (POA&M)

G. None of the above

10. Which of the following types of documents have you written? (Select all that apply)

A. User and Data Access Procedures

B. System Security Plans

C. Vulnerability Assessment Reports

D. Plans of Action and Milestones

E. Privacy Impact Assessments

F. Risk Management Plans

G. None of the above

11. Choose the statement(s) that describe your experience in communicating information to senior management officials. (Select all that apply)

A. Lead preparation of policy recommendations, procedures or analyses, providing data and background information to senior officials as requested

B. I developed comprehensive materials for reports, briefings, and meetings for management officials

C. I communicated program strategies, goals, objectives and priorities to program personnel within an organization

D. I prepared and presented briefing materials for senior management

E. I made recommendations orally

F. None of the above

12. Choose the statements that best describe your experience in identifying and implementing application security. (Select all that apply.)

A. I have identified security requirements during the requirements analysis and design disciplines of system development

B. I have performed IV&V for systems or applications to see that they meet all security requirements

C. I have implemented systems or applications that meet security requirements

D. None of the above

13. From the following list of duties, please select those you have performed related to Splunk administration:

A. Performed installation, configuration management, capacity planning, license management, data integration, data transformation, field extraction, event parsing, data preview and application management of Splunk platform

B. Provided expert analysis and advice on the design and customization of complex search queries and promote advanced searching, forensics and analytics, developed dashboards, data models, reports and optimized their performance

C. Developed, implemented and documented configuration standards, policies and procedures for operating, managing and ensuring the security of the Splunk infrastructure

D. Participate in incident, problem, and change management processes related to Splunk

E. None of the above

14. I have planned IT projects / initiatives that required me to personally prepare the following: (Select all that apply)

A. Analyses of the effectiveness of existing systems including the feasibility of pursuing alternatives for improvement

B. Cost benefit analyses on which project authorization decisions were based

C. Detailed project plans including multiple deliverables, dependencies, timelines and key milestones

D. Project proposals including costs, benefits, timetables and implementation strategies

E. System specifications and statements of work

F. Other documentation necessary to satisfy legal, regulatory and policy requirements

G. None of the above

Your session will expire due to inactivity in 60 seconds.

Unsaved data may be lost if you allow this session to expire.

Warning! The announcement has now closed.

Failure to continue will prevent you from completing and submitting the application.

Click the Stay Connected button below to continue your session.

Terms & Conditions

Your Session is About to Expire!