Information Technology Analyst (Audit) - Technology Operations Directorate en Other Agencies and Independent Organizations

Top Secret

Duties

About the Technology Operations Directorate: The Technology Operations team conducts various types of audits and evaluations of the Postal Service's cybersecurity and technology processes, tools, and operations. Our directorate helps to reduce the risk of fraud, inappropriate disclosure of sensitive data, and disruption of critical postal operations and services by assessing whether USPS information resources provide the highest level of security, reliability, and value expected by USPS customers. To learn more, visit: Office of Audit | About Us About the Position: The Information Technology Analyst provides expert level advice in the area of information technology to the audit team. Serves as a technical security assessor providing authoritative advice and guidance. Applies a wide range of information technology and cybersecurity concepts, laws, policies, practices, analytical, and diagnostic methods and techniques to address substantive technical issues or problems characterized by complex, controversial, and/or sensitive matters that contain several interrelated issues. The employee is expected to be skilled in performing all necessary functions of an audit throughout the planning, fieldwork, and reporting phases, individually and as a member of an audit team, with limited oversight in accordance with USPS OIG policies and procedures and Generally Accepted Government Auditing Standards. A successful candidate will have relevant experience in: Participating in multiple audit projects and programs simultaneously. Continuously improving skills and knowledge to become a subject matter expert in multiple information technology and cybersecurity areas. Providing information technology guidance and training to auditors. Planning and coordinating the design, development, testing, installation, and support of new and modified systems specifically used by the Technology Operations team for performing technical security assessments, including hardware and software. Evaluating agency programs and operations for compliance and adherence to regulations and adequacy of internal controls over operation. Performing complex security assessments such as vulnerability assessments, secure code reviews, web security testing, penetration testing and determining compliance with internal standards, laws and regulations, and industry best practices such as NIST standards. Performing individually and as a member of an audit team, including continuing responsibility for a specific component of a project. Performing assignments requiring the application of fundamental principles, concepts, techniques, and guidelines in the area of auditing or audit evaluation. Leading technical aspects of complex information systems audits of the USPS, including the data collection efforts needed to develop conclusions and recommendations. Making recommendations for corrective actions and writing audit working papers and reports utilizing Generally Accepted Government Auditing Standards. Participating in or leading meetings with OIG and USPS officials to communicate results of work. Reviewing USPS's use of and implementation of emerging technologies, to include artificial Intelligence and recommending potential audit areas. Maintaining liaison with other offices, agencies and other appropriate organizations as needed. Conducting follow-up reviews of management actions taken to correct identified deficiencies for complex information systems audits. Performing other special projects and activities as assigned. The duties and responsibilities associated with this position may vary based upon the agency's needs at the time of hire. The preceding description of major duties and responsibilities is only intended to give applicants a general overview of the expectations. Compensation: The USPS OIG uses a Pay Banding system, which is equivalent to the Federal GS scale. Grade and salary determinations will be made based upon a candidate's education and professional experience. This position is being advertised at the Journey Band level, equivalent to a GS-13. The salary range for this position is $106,932.00 - $156,755.00. The salary figures include locality pay. For locality table specifics, visit: OPM's General Schedule (GS).

Qualifications

Position Minimum Qualification Requirements You must meet all the minimum qualifications listed below. Professional Experience Requirement: Degree in information security, information assurance, computer science, information technology, cybersecurity, networking; or related field such as auditing, program management, or information management. (must submit transcripts from an accredited college or university) OR Completion of the requirements for a degree that included substantial course work in information technology, programming, or cybersecurity, e.g., 15 semester hours (must submit transcripts from an accredited college or university) AND At least three (3) years of experience in Performance Auditing or performing technical audits, evaluations, or assessments, or an equivalent combination of performance auditing experience, college-level education, and training that provided professional information technology or cybersecurity knowledge. The applicant's background must also include one of the following: Certificate as an Information Systems Security Manager (ISSM), Certified Information Systems Security Professional (CISSP), IT Project Management Professional (PMP), Offensive Security Certified Professional (OSCP), Certified Information Systems Auditor (CISA) or similar certification. Desirable Qualifications Advanced degree. Experience with using techniques from a range of disciplines, including computer programming, mathematics, and statistics, to draw conclusions from data to describe, predict, and improve performance. Use of software such as ACL, R, SAS, SPSS, and Power BI is a plus. Evaluation Factors | How you will be evaluated: You must have the experience, knowledge, and skills as listed in each of the evaluation factors listed below. Include your major accomplishments relevant to the position requirements and factors in your resume. Failure to demonstrate that you meet all the evaluation factor requirements as listed below will result in a score of zero (0), an ineligible status, and you will not be referred for further consideration. Mastery of, and skill in applying interrelationships of multiple IT specialties; new IT developments and applications; emerging technologies and their applications to business processes; IT security concepts, standards, and methods; and project management principles, methods, and practices including developing plans and schedules, estimating resource requirements, defining milestones and deliverables, monitoring activities, and evaluating and reporting on accomplishments sufficient to manage assigned projects. Hands-on experience performing security assessments such as vulnerability assessments and/or penetration testing to include technical testing, data correlation and analysis, identification of false positives, and prioritization of issues identified and report writing to present findings. Skill in making decisions or recommendations that significantly influence important USPS or similar organization IT policies or programs. Skill in analyzing various information systems issues and in developing findings, recommendations, and technical solutions for emerging technologies. Ability to provide expert technical advice, guidance, and recommendations to management and other technical specialists on critical information technology issues. Ability to express and present complex/controversial issues and ideas clearly and concisely, both orally and in writing.

Education

Education must be accredited by an institution recognized by the U.S. Department of Education. Applicants can verify accreditation here: www.ed.gov. Special Instructions for Candidates with Foreign Education: Education completed outside the United States must be deemed equivalent to that gained in U.S. education programs. You must submit all necessary documents to a private U.S. credential evaluation service to interpret equivalency of your education against courses given in U.S. accredited colleges and universities. For further information visit: https://sites.ed.gov/international/recognition-of-foreign-qualifications/.

Other Information

Fair Labor Standards Act (FLSA) Status: Exempt. (Nonexempt employees are entitled to overtime pay; Exempt employees are not). Reasonable Accommodations This agency provides Reasonable Accommodations to applicants with disabilities. If you require accommodations for any part of the application and/or hiring process, please send an email to [email protected]. The decision on granting an accommodation request will be made on a case-by-case basis.