IT Specialist (INFOSEC)
What you'd do
This position is located in the Office of the Secretary, Office of the Chief Information Officer (OCIO), Office of Cybersecurity and IT Risk Management (OCRM) in Washington, DC. This position is established to ensure the confidentiality, integrity, and availability of systems, networks, and data through planning, analysis, development, implementation, maintenance, and enhancement of information systems security programs, policies, procedures, and tools.
Major duties
As IT Specialist (INFOSEC), you will perform the following duties: Develop, maintain, and implement Department-wide information technology plans. Define and manage information technology (IT) and/or cybersecurity related programs and/or projects. Lead, coordinate, communicate, integrate, and is accountable for the overall success of the program, ensuring alignment with agency or enterprise priorities. Apply knowledge of data, information, processes, organizational interactions, skills, and analytical expertise, as well as systems, networks, and information exchange capabilities to manage programs. Consult with customers to evaluate functional requirements and translate functional requirements into technical solutions. Develop and maintain cybersecurity plans, strategy, and policy to support and align with organizational cybersecurity initiatives and regulatory compliance. Applicant Limit: This announcement will close at midnight after 100 applicants have been received or on the closing date (whichever is sooner). This Job Opportunity Announcement may be used to fill other IT Specialist (INFOSEC) GS-2210-14, GS-14 positions within the Department of Commerce in the same geographical location or local commuting area with the same qualifications and specialized experience.
What you need to qualify
Qualification requirements in the vacancy announcements are based on the U.S. Office of Personnel Management (OPM) Qualification Standards Handbook, which contains federal qualification standards. This handbook is available on the Office of Personnel Management's website located at: https://www.opm.gov/policy-data-oversight/classification-qualifications/general-schedule-qualification-standards/#url=Occupational-Series Applicants must possess one year of specialized experience equivalent in difficulty and responsibility to the next lower grade level in the Federal Service. Specialized experience is experience that has equipped the applicant with the particular competencies/knowledge, skills and abilities to successfully perform the duties of the position. This experience need not have been in the federal government. Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations e.g., professional; philanthropic, religious; spiritual; community, student, social). Volunteer work helps build critical competencies; knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience. To qualify at the GS-14 level, you must meet the following requirements: The Qualification Standards for Information Technology (IT) Management Series, 2210 (Alternative A) Individual Occupational Requirements. Basic Requirement for the Information Technology Specialist, GS-2210 occupation series for the GS-14 (or equivalent) must have Information Technology (IT) related. SPECIALIZED EXPERIENCE: You must possess one full year (52 weeks) of specialized experience equivalent to the GS-13 (or equivalent pay band) in the Federal service. Specialized experience as defined as: and demonstrate at least 4 of the 7 specialized experiences below: Managing enterprise level cybersecurity program strategy and implementation to address cybersecurity objectives in the President's Management Agenda, such as Continuous Diagnostics and Mitigation (CDM) or Zero Trust Architecture (ZTA), from initial implementation through capability maturation. Collaborating with multidisciplinary cybersecurity teams to translate operational requirements into engineered solutions that improve defensive capabilities, asset visibility, vulnerability management, and mission outcomes. Designing, engineering, and integrating complex cybersecurity capabilities, solutions, and technologies (e.g., Security Information and Event Management (SIEM), Security Orchestration, Automation, and Response (SOAR), Endpoint/Extended Detection and Response (EDR/XDR), network security monitoring, threat intelligence platforms, zero trust capabilities) to enable enterprise-wide visibility, detection, and response capabilities. Engineering and optimizing data pipelines and architectures (e.g., data lakes) to support scalable ingestion, storage, and analysis of high-volume cybersecurity data across the enterprise. Leading the integration and normalization of security telemetry or vulnerability reports from diverse sources (e.g., endpoints, network devices, cloud 6 based on near real time analysis of enterprise cybersecurity posture. Developing and tuning detection logic, use cases, and automated response workflows to enhance threat detection, reduce false positives, and improve mean time to detect (MTTD) and respond (MTTR). Evaluating and implementing emerging cybersecurity technologies and capabilities, including shared services, automation, orchestration, post quantum cryptography, and advanced analytics (e.g., behavioral analytics, Artificial Intelligence / Machine Learning (AI/ML)), to enhance informed decision making based on near real time analysis of enterprise cybersecurity posture. **Your resume must clearly show experience that reflects the basic requirement and the specialized experience requirement.**
Before you apply
Federal applications are different: your resume should be 3–5 pages and mirror the language of this announcement. Read our federal resume guide first — it's the #1 reason qualified people get screened out.
Don't miss the next one.
Get an email the moment a similar federal job opens — postings can close in as little as 5 days.