IT Specialist (Security)

To view the complete qualification standard, applicants should reference- U.S. Office or Personnel Group Coverage Qualification Standard for Information Technology (IT) Management Series 2210 (Alternative A): Information Technology (IT) Management Series 2210 (Alternative A) To qualify for this position, you must demonstrate in your application that you possess at least one year of specialized experience equivalent to FV-H, FG/GS-10-12. Specialized experience is experience that has equipped you with the particular knowledge, skills, and abilities to perform successfully the duties of the position. Specialized Experience is: Experience supporting the development and maintenance of cybersecurity policies in accordance with federal frameworks, while leveraging modern technologies and automation tools to enhance security governance and efficiency. Qualifications must be met by the closing date of this vacancy announcement. If the Agency decides to interview any qualified employee on the selection list, then all on the list who are qualified must be interviewed. If the selection list is shortened to a best qualified list through a comparative process, then the best qualified list shall be considered to be the selection list.

As a vital member of the Cybersecurity Governance Branch (AIS-110) within the FAA's Information Security & Privacy Services (AIS) Directorate, you will play a critical role in fortifying the security of the agency's networks and infrastructure. Operating within a broader division that oversees IT security compliance and the agency's 24x7 Security Operations Center (SOC), your primary focus will be managing the complete lifecycle of the FAA¿s enterprise cybersecurity and privacy policies. You will actively develop, review, and update these policies, standards, and standard operating procedures (SOPs) to ensure strict alignment with federal frameworks, such as NIST and FISMA. By coordinating seamlessly with the Department of Transportation (DOT), FAA Lines of Business (LOBs), and Security Operations (SOs), you will interpret complex regulatory requirements and ensure all directives reflect the most current threat landscapes and agency mission needs. Furthermore, you will leverage the latest technology and tools to maintain meticulous documentation and strict version control for all cybersecurity procedures. Beyond policy creation, you will serve as a key risk advisor by evaluating, processing, and tracking information security and privacy deviation requests, including risk acceptance memos and production data usage requests. This involves coordinating directly with requesters to gather necessary information, identifying the specific risks posed to the FAA enterprise, and briefing AIS leadership on your findings. You will facilitate the appropriate signatures, ultimately submitting risk acceptance requests to the FAA CISO and CIO for final approval. To ensure these frameworks are effective in practice, you will conduct periodic policy audits and comprehensive risk assessments, utilizing compliance findings to recommend actionable updates and actively support the implementation and enforcement of cybersecurity controls across all agency systems and departments. In addition to project and stakeholder oversight, you will play a critical role in financial stewardship and resource management. You will collaborate with functional, technical, and operational teams to effectively allocate staff, contractors, and financial resources across various cybersecurity projects. This includes managing and monitoring the department's budget through multi-year planning, detailed cost tracking, submitting acquisition requests, and assisting with contracts to ensure strict alignment with fiscal policies and funding constraints. Beyond core program management, you will be instrumental in modernizing the agency's operational efficiency through technology. You will design, analyze requirements for, and integrate automated workflows across critical Information Security and Privacy Services (AIS) operations, including Privacy, Cyber Program Management, Governance, Compliance, and Cybersecurity Operations. Working closely with IT, cybersecurity, and engineering teams, you will implement these effective automation solutions, document the new processes, and provide essential user training to ensure smooth adoption. Finally, you will actively research and recommend emerging automation technologies to continuously enhance the FAA's resilience and operational efficiency.