Summary *Announcement Amended to Extend the Closing Date** View common definitions of terms found in this announcement. This announcement is issued under the Direct Hire Authority (DHA) to recruit for positions for which there is a critical hiring need. Selectee(s) will receive a career or career-conditional appointment in the competitive service and may be required to serve a one-year probationary period. Responsibilities Typical work assignments include, but are not limited to: Prepare detailed audit reports identifying technical and procedural findings and offer remediation strategies to mitigate security risks. Review security architecture for gaps and develop a comprehensive security risk management plan that aligns with the organization's requirements. Respond to requests for information (RFIs) by conducting in-depth research and synthesizing data from various intelligence sources. Review and evaluate security incident response, making recommendations for improvements to mitigate potential risks. Requirements Conditions of Employment You must be a U.S. citizen. Selective Service - Males born after 12/31/59 must be registered or exempt from Selective Service, see http://www.sss.gov/ All Federal employees are required to participate in Direct Deposit/Electronic Funds Transfer for salary payments. DHS uses E-Verify, an Internet-based system, to confirm the eligibility of all newly hired employees to work in the United States. Learn more about E-Verify, including your rights and responsibilities. You must be able to obtain and maintain a security clearance suitable for Federal employment as determined by a background investigation. This may include a credit check, a review of financial issues, as well as certain criminal offenses and illegal use or possession of drugs. One-year probationary period may be required. This position may be designated as essential personnel. Essential personnel must be able to serve during continuity of operation events without regard to declarations of liberal leave or government closures due to weather, protests, and acts of terrorism or lack of funding. Failure to report for or remain in this position may result in disciplinary or adverse action in accordance with applicable laws, rules, and regulations (5 U.S.C. 7501-7533 and 5 CFR Part 752, as applicable). Qualifications Do NOT copy and paste the duties, specialized experience, or occupational assessment questionnaire from this announcement into your resume as that will not be considered a demonstration of your qualifications for this position. To be considered minimally qualified for this position, you must demonstrate that you have the required experience for the respective grade level in which you are applying. You qualify for the GS-12 and GS-13 grade levels if you possess information technology related experience demonstrating each of the four required competencies: Attention to Detail- Is thorough when performing work and conscientious about attending to detail. Customer Service-Works with clients and customers (this includes any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services. Oral Communication- Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately. Problem Solving- Identifies problems; determines accuracy and relevance of information; uses sound judgement to generate and evaluate alternatives, and to make recommendations. GS-12: In addition to the above requirement, you must have at least one year of specialized experience at the GS-11 grade level performing the following duties: Collecting and interpreting system security requirements from various stakeholders to conduct vulnerability assessments and evaluate the security posture of IT systems, networks, and configurations, ensuring compliance with cybersecurity policies and regulations. Analyzing collected requirements to generate data-driven insights and identify trends in security vulnerabilities, risks, and gaps, using analytical tools to support decision-making for system improvements. Assisting in the development and documentation of system security requirements, ensuring alignment with technical findings from vulnerability assessments and stakeholder needs. Preparing detailed audit reports based on the interpretation of collected requirements and assessment data, identifying technical vulnerabilities, compliance gaps, and recommending appropriate remediation strategies. GS-13: In addition to the above requirement, you must have at least one year of specialized experience at the GS-12 grade level performing the following duties: Leading efforts to collect and define system security requirements from stakeholders, ensuring requirements accurately reflect the needs of complex environments and address identified vulnerabilities and compliance issues. Interpreting collected requirements to generate actionable insights and identify trends from vulnerability data, informing strategic decision-making related to the security posture of the organization's IT infrastructure. Developing and overseeing the implementation of system security requirements, ensuring requirements are aligned with federal regulations, technical assessments, and organizational cybersecurity goals. Preparing in-depth audit reports that incorporate findings from requirements analysis, technical vulnerability assessments, and stakeholder input, providing strategic recommendations for risk mitigation and system security enhancements. Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience. All qualification requirements must be met by the closing date of this announcement. Education Some federal jobs allow you to substitute your education for the required experience in order to qualify. For this job, you must meet the qualification requirement using experience alone--no substitution of education for experience is permitted. Additional Information Other incentives may be authorized. If you receive a conditional offer of employment for this position, you will be required to complete an Optional Form 306, Declaration for Federal Employment, and to sign and certify the accuracy of all information in your application, prior to entry on duty. False statements on any part of the application may result in withdrawal of offer of employment, dismissal after beginning work, fine, or imprisonment. This job opportunity announcement may be used to fill additional vacancies. This position has been designated excluded from bargaining unit representation under the national security provision of 5 USC Section 7112(B)(6). When entering a federal job at a grade level lower than the highest promotion potential level, you may be promoted to more complex duties and work more independently, as your career progresses. NOTE: Career ladder promotions are not automatic, and all eligibility and qualifications requirements must be met in order to progress to the next grade level. Reasonable Accommodation Requests: This agency provides reasonable accommodation to otherwise qualified applicants and employees with a disability covered under the Rehabilitation Act of 1973, as amended, unless to do so would create an undue hardship to the agency (29 CFR 1614.203 (2017)). If you need a reasonable accommodation for any part of the application or hiring process, contact the CISA Office of Equity, Diversity, Inclusion and Accessibility (OEDIA) by sending an email to CISAReasonableAccommodation@cisa.dhs.gov with the subject line, "Reasonable Accommodation Request @ CISA." In the email itself, you must include your name, vacancy announcement number(s), and state your intent to seek a reasonable accommodation. Decisions on requests for Reasonable Accommodations are made on a case-by-case basis. For more information or inquiries, please contact the CISA Reasonable Accommodation Program at CISAReasonableAccommodation@cisa.dhs.gov. Current or Former Political Appointees: The Office of Personnel Management (OPM) must authorize employment offers made to current or former political appointees. If you are currently, or have been within the last 5 years, a political Schedule A, Schedule C, Non-career SES or Presidential Appointee employee in the Executive Branch, you must disclose this information to the Human Resources Office. Shared Certificate: When CISA completes its hiring, the remaining list of qualified candidates may be shared with other DHS Component agencies who are hiring for similar positions. You will have an opportunity to opt-in if you would like your name, application materials, and assessment results shared to be considered for employment with other DHS Component agencies. There is no guarantee of further consideration, and you can continue to explore other job opportunity announcements.