IT Specialist (InfoSec)

Summary This position is located within the Office of Information Technology (OIT), Office of Information Security, Information Security Operations. The incumbent serves as an Information Technology (IT) Specialist within an Information Security (InfoSec) specialty. Learn more about this agency Duties OIT Mission and Vision statements OIT Mission: The mission of the Office of Information and Technology (OIT) is to collaborate with our business partners to create the best experience for all Veterans. OIT Vision: To become a world-class organization that provides a seamless, unified Veteran experience through the delivery of state-of-the-art technology. Major Duties: Provide advice and guidance in implementing IT security policies and procedures in the development and operation of network systems. Verify that application software/network/system security postures are implemented as stated, document deviations, and recommend required actions to correct those deviations. Work with stakeholders to resolve computer security incidents and vulnerability compliance Assess security events to determine impact and implementing corrective actions. Verify minimum security requirements are in place for all systems Conduct risks and vulnerability assessments of planned and installed information systems to identify vulnerabilities, risks, and protection needs. Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc. Review authorization and assurance documents to confirm that the level of risk is within acceptable limits for each software application, system, and network. Oversee the management and maintenance of accreditation packages to ensure compliance with required standards. Assure successful implementation and functionality of security requirements and appropriate information technology (IT) policies and procedures that are consistent with the organization's mission and goals. Work Schedule: Monday-Friday, 8am - 4:30 pm Compressed/Flexible: Yes Telework: Adhoc telework may be authorized at management discretion. Virtual: This is not a virtual position. Position Description/PD#: IT Specialist (InfoSec)/PD17859A Relocation/Recruitment Incentives: Not Authorized Permanent Change of Station (PCS): Not Authorized Physical Demands: The work is sedentary. Some work may require walking and standing in conjunction with travel and attendance at meetings and conferences away from the work site and carrying light items such as papers or books. Working Conditions: The work area is adequately lighted, heated, and ventilated. The work environment involves everyday risks or discomforts that require normal safety precautions. This position requires minimal travel. The incumbent may be required to use both air and ground transportation. Designated Drug Testing Position: Not applicable. This is a non-bargaining unit eligible position. Requirements Conditions of employment You must be a U.S. Citizen to apply for this job To be considered for this position, you must complete all required steps in the process. In addition to the application and questionnaire, this position requires an online assessment. The online assessment measures critical general competencies required to perform the job. You may be required to serve a probationary period Subject to background/security investigation Selected applicants will be required to complete an online onboarding process. Acceptable form(s) of identification will be required to complete pre-employment requirements (https://www.uscis.gov/i-9-central/form-i-9-acceptable-documents). Effective May 7, 2025, driver's licenses or state-issued dentification cards that are not REAL ID compliant cannot be utilized as an acceptable form of identification for employment. As a condition of employment for accepting this position, you will be required to serve a 1-year probationary period during which we will evaluate your fitness and whether your continued employment advances the public interest. In determining if your employment advances the public interest, we may consider: your performance and conduct; the needs and interests of the agency; whether your continued employment would advance organizational goals of the agency or the Government; and whether your continued employment would advance the efficiency of the Federal service. Upon completion of your probationary period, your employment will be terminated unless you receive certification, in writing, that your continued employment advances the public interest. Additional Requirements: This is not a remote position. OI&T has multiple worksites at various duty locations, and the individual(s) selected may be assigned to any federal government work site. This announcement will NOT be used for changing duty locations. If selected, and you are a current VA employee, and not on an approved exemption, you will continue to report to your current duty location. Qualifications To qualify for this position, applicants must meet all requirements by the closing date of this announcement, 05/29/2026. You may qualify based on your experience as described below: Basic Requirements Experience:Experience must be IT related; the experience may be demonstrated by paid or unpaid experience and/or completion of specific, intensive training (for example, IT certification), as appropriate. For all positions individuals must have IT-related experience demonstrating each of the five competencies listed below. The employing agency is responsible for identifying the specific level of proficiency required for each competency at each grade level based on the requirements of the position being filled. Attention to Detail - Is thorough when performing work and conscientious about attending to detail. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services. Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately. Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations. AND Specialized Experience: You must possess a minimum of one (1) year of experienceequivalent to at least the GS-12 level. Specialized experience for this position is defined as: Skill conducting comprehensive assessments of technical, operational, and management security controls in accordance with the NIST Risk Management Framework (RMF) to determine overall system security posture and ensure compliance with federal cybersecurity requirements. Skill developing, implementing, and evaluating information security policies, procedures, and long-range strategies to protect the confidentiality, integrity, and availability of enterprise information systems and support organizational mission objectives. Skill planning and executing security authorization activities, including reviewing accreditation packages, validating implemented security controls, documenting deviations, and recommending corrective actions to maintain acceptable organizational risk levels. Skill performing detailed risk and vulnerability assessments for new and existing systems, analyzing audit logs and security events, and providing authoritative recommendations to mitigate threats, enhance security architectures, and supporting enterprise risk governance. Skill preparing and contributing to RMF documentation-including system security plans, risk assessments, POA&Ms, and lifecycle support plans-to accurately reflect security requirements, system impacts, and mitigation strategies across all phases of system development and operations. Skill coordinating the integration and implementation of security controls across platforms and teams, including assessing access controls based on least privilege, supporting incident resolution, verifying minimum security requirements, and advising stakeholders to maintain continuous compliance and security readiness. For more information on these qualification standards, please visit the United States Office of Personnel Management's website at https://www.opm.gov/policy-data-oversight/classification-qualifications/general-schedule-qualification-standards/. Education There is no educational substitution at this grade level. Additional information Under the Fair Chance to Compete Act, the Department of Veterans Affairs prohibits requesting an applicant's criminal history prior to accepting a tentative job offer. For more information about the Act and the complaint process, visit Human Resources and Administration/Operations, Security, and Preparedness (HRA/OSP) at The Fair Chance Act. This job opportunity announcement may be used to fill additional vacancies. If selected you will be required to report to one of the following locations: Washington, DC Atlanta, GA Seattle, WA Gainesville, FL Lake City, FL Boston, MA If space is not immediately available a temporary exception to telework may be granted. If/when workspace is identified, the employee is expected to report to their assigned duty location. If you are unable to apply online or need an alternate method to submit documents, please reach out to the Agency Contact listed in this Job Opportunity Announcement. Receiving Service Credit or Earning Annual (Vacation) Leave: Federal Employees earn annual leave at a rate (4, 6 or 8 hours per pay period) which is based on the number of years they have served as a Federal employee. VA may offer newly-appointed Federal employee's credit for their job-related non-federal experience or active duty uniformed military service. This credited service can be used in determining the rate at which they earn annual leave. Such credit must be requested and approved prior to the appointment date and is not guaranteed. The Interagency Career Transition Assistance Plan (ICTAP) and Career Transition Assistance Plan (CTAP) provide eligible displaced VA competitive service employees with selection priority over other candidates for competitive service vacancies. To be qualified you must submit appropriate documentation (a copy of the agency notice, your most recent performance rating, and your most recent SF-50 noting current position, grade level, and duty location) and be found well-qualified for this vacancy. To be well-qualified: applicants must possess experience that exceeds the minimum qualifications of the position including all selective factors, and who are proficient in most of the required competencies of the job. Information about ICTAP and CTAP eligibility is on OPM's Career Transition Resources website at http://www.opm.gov/policy-data-oversight/workforce-restructuring/employee-guide-to-career-transition/. Expand Hide  additional information Candidates should be committed to improving the efficiency of the Federal government, passionate about the ideals of our American republic, and committed to upholding the rule of law and the United States Constitution. Benefits A career with the U.S. government provides employees with a comprehensive benefits package. As a federal employee, you and your family will have access to a range of benefits that are designed to make your federal career very rewarding. Opens in a new windowLearn more about federal benefits. Review our benefits Eligibility for benefits depends on the type of position you hold and whether your position is full-time, part-time or intermittent. Contact the hiring agency for more information on the specific benefits offered.