Supervisory IT Specialist (INFOSEC)

Summary The Director provides oversight for all of the risk management realm of Information Assurance, Office of Information Security (OIS), within the Office of Information and Technology, Department of Veterans Affairs (VA). The primary role is to develop and/or analyze procedures and systems for identifying, assessing/validating, and reporting on the effectiveness of major cybersecurity risk management programs that is evaluated as it relates to both IT and traditional programs. Learn more about this agency Duties OIT Mission: The mission of the Office of Information and Technology (OIT) is to collaborate with our business partners to create the best experience for all Veterans. OIT Vision: To become a world-class organization that provides a seamless, unified Veteran experience through the delivery of state-of-the-art technology. Major Duties: Identifies and address cyber workforce planning and management issues. Performs security reviews, identifies gaps in security architecture, and develops a security risk management plan. Ensures that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc. Approves short-term, long-term, and multiyear assessment plans and assessment schedules. Responsible for providing expert advice and developing strategic compliance plans, policies, and guidance for a designated team. Performs need analysis to determine opportunities for new and improved business process solutions. Oversees the monitoring of compliance with federal, state, and local laws, and regulations at designated VA or contractor managed facilities and VA-wide programs. Provide enterprise cybersecurity and supply chain risk management guidance for development of the Continuity of Operations Plans Conducts independent comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by an Information Technology (IT) system to determine the overall effectiveness of the controls. Leads, coordinates, communicates, integrates, and is accountable for the overall success of the program, ensuring alignment with agency or enterprise priorities. Oversees teams through one or more levels of supervision in performing work related to developing and monitoring compliance programs, plans, procedures, and methodologies and/ or analyzing quality initiatives and processes. Manages a comprehensive program of assessments designed to measure how well VA information systems comply with legislative and federal government oversight as well as VA policies, procedures, and practices. Work Schedule: Monday-Friday, 8am-430pm Compressed/Flexible: Available at the manager's discrection Telework: Adhoc telework may be authorized at the management's discrection. Virtual: This is not a virtual position. Position Description/PD#: Supervisory IT Specialist (INFOSEC)/PD178520 Relocation/Recruitment Incentives: Not Authorized Permanent Change of Station (PCS): Not Authorized PCS Appraised Value Offer (AVO): Not Authorized Physical Demands: The work is sedentary. Some work may require walking and standing in conjunction with travel and attendance at meetings and conferences away from the work site and carrying light items such as papers or books. Working Conditions: The work area is adequately lighted, heated, and ventilated. The work environment involves everyday risks or discomforts that require normal safety precautions. This position requires minimal travel. The incumbent may be required to use both air and ground transportation. Designated Drug Testing Position: Not applicable. This is a non-bargaining unit eligible position. Requirements Conditions of employment You must be a U.S. Citizen to apply for this job To be considered for this position, you must complete all required steps in the process. In addition to the application and questionnaire, this position requires an online assessment. The online assessment measures critical general competencies required to perform the job. Physical Requirements: The work required does not inherently include any physical requirements essential for successful job performance that could not otherwise be performed with accommodation or workplace adjustment. A pre-placement physical examination is not required. You may be required to serve a probationary period Subject to background/security investigation Selected applicants will be required to complete an online onboarding process. Acceptable form(s) of identification will be required to complete pre-employment requirements (https://www.uscis.gov/i-9-central/form-i-9-acceptable-documents). Effective May 7, 2025, driver's licenses or state-issued dentification cards that are not REAL ID compliant cannot be utilized as an acceptable form of identification for employment. As a condition of employment for accepting this position, you will be required to serve a 1-year probationary period during which we will evaluate your fitness and whether your continued employment advances the public interest. In determining if your employment advances the public interest, we may consider: your performance and conduct; the needs and interests of the agency; whether your continued employment would advance organizational goals of the agency or the Government; and whether your continued employment would advance the efficiency of the Federal service. Upon completion of your probationary period, your employment will be terminated unless you receive certification, in writing, that your continued employment advances the public interest. Qualifications To qualify for this position, applicants must meet all requirements by the closing date of this announcement, 06/03/2026. You may qualify based on your experience and/or education as described below: Basic Requirements: Experience must be IT related; the experience may be demonstrated by paid or unpaid experience and/or completion of specific, intensive training (for example, IT certification), as appropriate. For all positions individuals must have IT-related experience demonstrating each of the five competencies listed below. The employing agency is responsible for identifying the specific level of proficiency required for each competency at each grade level based on the requirements of the position being filled. Attention to Detail - Is thorough when performing work and conscientious about attending to detail. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services. Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately. Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations. AND Specialized Experience: You must have one year of specialized experience equivalent to at least the next lower grade GS-15 in the normal line of progression for the occupation in the organization. Examples of specialized experience would typically include, but are not limited to: Skills in leading Cybersecurity Risk Management by directing and overseeing enterprise risk activities; designing evaluation/reporting methods; defining program metrics. - Skills in applying Enterprise Risk Management & Security Architecture by applying information systems security principles and concepts, risk management processes, and cybersecurity and privacy principles to guide architecture decisions and risk acceptance/mitigation across a large portfolio. Skills in leading end- to-end Security Assessment & Authorization (A&A) activities (categorization, selection, implementation, assessment, authorization, and monitoring) for complex or high- value VA systems, resulting in timely Authorizations to Operate (ATO) and measurable POA&M reduction. Skills in applying Program/Process Management & Quality by using current industry methods to evaluate, implement, and disseminate security assessment, monitoring, detection, and remediation capabilities (e.g., vulnerability management, configuration compliance, logging/analytics), and validating outcomes through metrics. AND Selective Placement Factor: In addition to the minimum qualifications described above, you must meet the following requirements to be considered for the position: Must have experience leading enterprise cybersecurity risk management programs in accordance with the NIST Risk Management Framework, including evaluating and validating security controls, preparing or approving authorization documentation, and making authorization impact recommendations for enterprise level IT systems. Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religions; spiritual; community; student; social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience. Note: A full year of work is considered to be 35-40 hours of work per week. Part-time experience will be credited on the basis of time actually spent in appropriate activities. Applicants wishing to receive credit for such experience must indicate clearly the nature of their duties and responsibilities in each position and the number of hours a week spent in such employment. Veterans and Transitioning Service Members: Please visit the VA for Vets site for career-search tools for Veterans seeking employment at VA, career development services for our existing Veterans, and coaching and reintegration support for military service members. For more information on these qualification standards, please visit the United States Office of Personnel Management's website at https://www.opm.gov/policy-data-oversight/classification-qualifications/general-schedule-qualification-standards/. Education There is no educational substitution at this grade level. Additional information Under the Fair Chance to Compete Act, the Department of Veterans Affairs prohibits requesting an applicant's criminal history prior to accepting a tentative job offer. For more information about the Act and the complaint process, visit Human Resources and Administration/Operations, Security, and Preparedness (HRA/OSP) at The Fair Chance Act. If selected you will be required to report to one of the following locations: Washington, District of Columbia Hines, Illinois Eatontown, New Jersey Albany, New York Philadelphia, Pennsylvania Austin, Texas Salt Lake City, Utah Shepherdstown, West Virginia If space is not immediately available a temporary exception to telework may be granted. If/when workspace is identified, the employee is expected to report to their assigned duty location Receiving Service Credit or Earning Annual (Vacation) Leave: Federal Employees earn annual leave at a rate (4, 6 or 8 hours per pay period) which is based on the number of years they have served as a Federal employee. VA may offer newly-appointed Federal employee's credit for their job-related non-federal experience or active duty uniformed military service. This credited service can be used in determining the rate at which they earn annual leave. Such credit must be requested and approved prior to the appointment date and is not guaranteed. This job opportunity announcement may be used to fill additional vacancies. If you are unable to apply online or need an alternate method to submit documents, please reach out to the Agency Contact listed in this Job Opportunity Announcement. The Interagency Career Transition Assistance Plan (ICTAP) and Career Transition Assistance Plan (CTAP) provide eligible displaced VA competitive service employees with selection priority over other candidates for competitive service vacancies. To be qualified you must submit appropriate documentation (a copy of the agency notice, your most recent performance rating, and your most recent SF-50 noting current position, grade level, and duty location) and be found well-qualified for this vacancy. To be well-qualified: applicants must possess experience that exceeds the minimum qualifications of the position including all selective factors, and who are proficient in most of the required competencies of the job. Information about ICTAP and CTAP eligibility is on OPM's Career Transition Resources website at http://www.opm.gov/policy-data-oversight/workforce-restructuring/employee-guide-to-career-transition/. Expand Hide  additional information Candidates should be committed to improving the efficiency of the Federal government, passionate about the ideals of our American republic, and committed to upholding the rule of law and the United States Constitution. Benefits A career with the U.S. government provides employees with a comprehensive benefits package. As a federal employee, you and your family will have access to a range of benefits that are designed to make your federal career very rewarding. Opens in a new windowLearn more about federal benefits. Review our benefits Eligibility for benefits depends on the type of position you hold and whether your position is full-time, part-time or intermittent. Contact the hiring agency for more information on the specific benefits offered.