Information Technology Specialist (Audit) - Technology Operations DIrectorate en Other Agencies and Independent Organizations

Top Secret

Duties

About the Technology Operations Directorate: The Technology Operations team conducts various types of audits and evaluations of the Postal Service's cybersecurity and technology processes, tools, and operations. Our directorate helps to reduce the risk of fraud, inappropriate disclosure of sensitive data, and disruption of critical postal operations and services by assessing whether USPS information resources provide the highest level of security, reliability, and value expected by USPS customers. To learn more, visit: Office of Audit | About Us About the Position: The IT Specialist serves as the authoritative resource for the Office of Audit in the area of cybersecurity and information technology. As a technical authority, the employee provides expert level advice on advanced information technology topics to include information technologies used by the Office of Audit and by the United States Postal Service (USPS). A successful candidate will have relevant experience in and be responsible for: Performing individually and as a member of an audit team, including continuing responsibility for a specific component of a project. Represents the USPS OIG in meeting with high-level officials from the USPS, other agencies, vendors, and members of external organizations. Responsibilities including presenting results of assessment and studies (which may be complex or controversial), negotiating agreements, and influencing approval and implementation of agency-wide solutions and plans. Participating in multiple audit projects and programs simultaneously. Leading technical aspects of complex information systems audits of the USPS, including the data collection and assessment efforts needed to develop and support conclusions and recommendations. Interviewing USPS personnel to identify information relevant to answering the objective of the audit. Participating or leading meetings with OIG and USPS officials to communicate the results of work. Reviewing USPS' use and implementation of emerging technologies and AI and recommending potential audit areas. Making recommendations for corrective actions and writing audit working papers and reports adhering to Generally Accepted Government Auditing Standards. Maintaining liaison with other offices, agencies and other appropriate organizations as needed. Responding to inquiries, including requests from the media through the Director of Communications, Congressional staff, and the Board of Governors. Ensuring that research and resulting audit working papers are developed and delivered in accordance with Office of Audit requirements. Conducting program risk assessments and developing applicable audit programs. Provide opinions on the efficiency and effectiveness of USPS programs. Participate in various technology working groups and committees. Determine technical training requirements for staff. Conducting follow-up reviews of management actions taken to correct identified deficiencies for complex information systems audits. Performing IT security testing to include vulnerability assessments and penetration testing of wireless infrastructure, mobile systems, custom applications, APIs, and IT networks. Developing audit procedure steps for IT testing that are relevant to the objective and scope of the audit project. Training audit team members to gain an understanding of IT technical testing and analysis of resulting data. Developing, adapting, and implementing new applications development methods and models that incorporate new technologies, such as object-oriented design and analysis and software architecture. Recommending adoption of new methodologies based on favorable feasibility analyses. Ensuring improvements in the design and development of applications that enhance the Office of Audit's ability to accomplish mission critical program activities. Developing and coordinating acceptance of a Rules of Engagement for IT security testing. Trains audit team members to gain an understanding of IT technical testing and analysis of resulting data. Develops, adapts, and implements new applications development methods and models that incorporate new technologies, such as object-oriented design and analysis and software architecture. The duties and responsibilities associated with this position may vary based upon the agency's needs at the time of hire. The preceding description of major duties and responsibilities is only intended to give applicants a general overview of the expectations. Compensation: The USPS OIG uses a Pay Banding system, which is equivalent to the Federal GS scale. Grade and salary determinations will be made based upon a candidate's education and professional experience. This position is being advertised at the Specialist Band level, equivalent to a GS-14. The salary range for this position is $126,361.00 - $185,232.00. The salary figures include locality pay. For locality table specifics, visit: OPM's General Schedule (GS).

Qualifications

Position Minimum Qualification Requirements You must meet all the minimum qualifications listed below. Education Requirement: Degree in information security, information assurance, computer science, information technology, cybersecurity, networking; or related field such as auditing, program management, or information management. (must submit transcripts from an accredited college or university) Professional Experience Requirement: At least eight (8) years of progressive, specialized hands-on experience in network infrastructure, cyber defense systems, or cybersecurity testing such as vulnerability assessments and penetration testing. The applicant's background must also include one of the following: Certificate as an Information Systems Security Manager (ISSM), Certified Information Systems Security Professional (CISSP), IT Project Management Professional (PMP), Offensive Security Certified Professional (OSCP), Certified Information Systems Auditor (CISA) or similar certification. Desirable Qualifications Advanced degree. Experience with using techniques from a range of disciplines, including computer programming, mathematics, and statistics, to draw conclusions from data to describe, predict, and improve performance. Use of Linux based IT security testing platforms, AI and data analytics is a plus. Evaluation Factors | How you will be evaluated: You must have the experience, knowledge, and skills as listed in each of the evaluation factors listed below. Include your major accomplishments relevant to the position requirements and factors in your resume. Failure to demonstrate that you meet all the evaluation factor requirements as listed below will result in a score of zero (0), an ineligible status, and you will not be referred for further consideration. Mastery of, and skill in applying, advanced information technology principles, concepts, methods, standards, and practices sufficient to develop and interpret policies, procedures, and strategies governing the planning and delivery of services throughout the Office of Audit or similar organization. Mastery of, and skill in executing IT security testing to include vulnerability assessments and penetration testing of wireless infrastructure, mobile systems, custom applications, APIs, and IT networks. Mastery of, and skill in applying interrelationships of multiple IT specialties; new IT developments and applications; emerging technologies and their applications to business processes; IT security concepts, standards, and methods; and project management principles, methods, and practices including developing plans and schedules, estimating resource requirements, defining milestones and deliverables, monitoring activities, and evaluating and reporting on accomplishments sufficient to manage assigned projects. Ability to conduct research and analysis, and develop audit reports and present complex, sensitive information to senior level officials in a concise manner. Ability to provide expert technical advice, guidance, and recommendations to management and other technical specialists regarding critical information technology issues. Ability to analyze, review, and/or assess information technology procedures and controls in topics such as: general controls, computer security techniques, application control reviews, system development life cycle, operating system software, multi-platform hardware such as client-server, or mainframes, network operations and testing, data integrity, disaster recovery, information systems acquisitions, etc.

Education

Education must be accredited by an institution recognized by the U.S. Department of Education. Applicants can verify accreditation here: www.ed.gov. Special Instructions for Candidates with Foreign Education: Education completed outside the United States must be deemed equivalent to that gained in U.S. education programs. You must submit all necessary documents to a private U.S. credential evaluation service to interpret equivalency of your education against courses given in U.S. accredited colleges and universities. For further information visit: https://sites.ed.gov/international/recognition-of-foreign-qualifications/.

Other Information

Fair Labor Standards Act (FLSA) Status: Exempt. (Nonexempt employees are entitled to overtime pay; Exempt employees are not). Reasonable Accommodations This agency provides Reasonable Accommodations to applicants with disabilities. If you require accommodations for any part of the application and/or hiring process, please send an email to [email protected]. The decision on granting an accommodation request will be made on a case-by-case basis.