IT Cybersecurity Specialist

The Department of Energy's (DOE) overarching mission is to advance the national, economic, and energy security of the U.S. through scientific and technological innovation and the environmental cleanup of the national nuclear weapons complex.

The National Energy Technology Laboratory (NETL) produces technological solutions to America's energy challenges by advancing technology to provide clean, reliable, and affordable energy to the American people. NETL discovers, integrates, and matures technology solutions to enhance the nation's energy foundation and protect the environment for future generations.

RECENT GRADUATE - The Program is a dynamic, 1-year developmental program that promotes careers in the Federal Government to recent graduates. You must apply within two years of receiving a qualifying degree or certificate, with the exception of veterans, who have up to six years to apply to the Recent Graduates Program due to military service obligations. Students may also apply up to nine months prior to completing their academic requirements, depending upon agency-specific policies.

Responsibilities

A successful candidate will serve in an intermediate trainee developmental level with assignments consisting of specific, often unrelated, tasks that are selected to orient employees in the practical application of theory and basic principles. This is a developmental position with promotion potential to GS-2210-12. At the lower levels, the selectee will perform developmental assignments under closer supervision than that required at the full performance level of GS-12. Assignments become progressively more difficult until the next performance level is reached.

At the Full Performance Level of GS-12 an IT Cybersecurity Specialist will:
Act as the Information Systems Security Officer (ISSO), overseeing the security posture for 1 or more system(s) throughout the entire lifecycle; provide continuous monitoring through scheduled audits, controls testing and audit reviews, and escalate issues as needed; administer the implementation of information technology (IT) security controls and security authorization documents, and ensure the system is compliant with mandated security policies and requirements; provide technical recommendations for all Risk Assessments and Vulnerability Assessments conducted for the system or site; provide security analysis of IT activities to ensure that appropriate security measures are in place and being enforced; promote IT security awareness information to the user community by validating that the user community is completing their annual training; oversee and maintain regulatory requirements; participate on the Change Control Board (CCB) by reviewing changes for security implications and security applications; be responsible for primary duties corresponding to capabilities outlined in NIST's Cyber Security Framework and perform duties as an IT Specialist (Security); and ensure the confidentiality, integrity, and availability of systems, networks, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems security programs, policies, procedures, and tools.

Ensure the rigorous application of information security and information assurance policies, principles, and practices in the delivery of all IT services; participate in defining IT security requirements and provide advice and guidance in implementing IT security policies and procedures in the development and operation of network systems; integrate information systems security with other security disciplines and deliver activities leading to security certification or accreditation; recommend new or revised security measures and countermeasures based on the results of accreditation reviews; plan and conduct security accreditation reviews for installed systems or networks; provide input in drafting information systems security documentation (e.g., systems security plans, risk assessments, disaster recovery plans, business continuity plans, and user security guides); plan, develop, and coordinate agency-level information assurance or information security programs and strategies (i.e., agency workforce security training program or security audit program); evaluate and respond to threat intelligence information developed locally and by other agencies and third parties; and plan and deliver customer support services, including installation, configuration, troubleshooting, customer assistance, and training, in response to customer requirements.

Conduct capital planning and investment control, workforce planning, policy and standards development, resource management, knowledge management, architecture and infrastructure planning and management, auditing, and information security management; analyze, plan, design, implement, document, assess, and manage the enterprise structural framework to align IT strategy, plans, and systems with the mission, goals, structure, and processes of the organization; perform Contract Officer Representative duties consistent with Federal Acquisition Institute (FAI) definitions; and monitor the products or services throughout their life cycle, as well as the Contractor's performance.