Information Technology Security Specialist

Summary The USPS OIG is seeking a highly qualified applicant to fill our Information Technology Security Specialist position in the Office of Chief Information Officer (CIO) located in Arlington, VA. Bring your skills and voice to our team! Learn more about this agency Requirements Conditions of Employment Must be a U.S. citizen Must be able to pass a drug screening and medical assessment questionnaire. Must be able to pass a background investigation Must be able to obtain and maintain Moderate Background Investigation security clearance Must be able to obtain and maintain a government-issued credit card May be required to successfully complete a 12-month probationary period Qualifications MINIMUM QUALIFICATIONS You must meet ALL of the minimum qualifications listed below. Bachelor's Degree in Cybersecurity/Information Technology Security or related field of study from an accredited college or university OR Applicant must have at least 5 years of specialized experience in application security testing AND Applicant must have at least 5 years of specialized experience with hands-on skills in performing application security assessments Applicant must have at least 5 years of specialized experience in Secure SDLC and Source Code Analysis (Manual &Tools) on Web-based Applications Applicant must have hands on experience with Static and Dynamic Application Security Testing using tools like HP Fortify, HP WebInspect, HCL Appscan, Check Marx, Synopsys, and Veracode Specialized experience in Continuous Integration (CI) and Continuous Deployment (CD) practices Specialized experience in application vulnerability and security assessments using various tools like Burp Suite Pro, OWASP Zap Proxy, DirBuster, Kali Linux, Metasploit Pro, Accunetix, Insight AppSec, GitLab, Coverity, Fortify, Snyk Code, GitHub Enterprise Specialized experience in assessing application vulnerabilities and bugs in various application Specialized experience creating security testing pipelines and test plans Specialized experience in implementing and deploying an organization-wide Application Security program (DAST and SAST) at the enterprise level to identify, report and remediate security vulnerabilities in development and production environments. Knowledge of coding languages such as Java, .NET, Python, PHP, C++, C# Extensive experience in preparing test Plans, writing test Cases, test Execution and follow up remediation efforts DESIRABLE QUALIFICATIONS Microsoft 365 Certified Security Administrator Associate Microsoft Certified Azure Security Engineer Associate Advanced degree in Cybersecurity or related field Currently Industry Certifications in one or more of the following (or equivalent) Certified Secure Software Lifecyle Professional (CSSLP) Certified API Security Professional (CASP) Offensive Security Certified Professional (OSCP) EC-Council Certified Application Security Engineer (CASE) CompTIA Security+, Network+ EVALUATION FACTORS You must have the experience, knowledge and skills as listed in EACH of the evaluation factors. Failure to demonstrate that you meet all of the evaluation factor requirements as listed below will result in a score of zero (0); an ineligible status, and you will not be referred for further consideration. Include your major accomplishments relevant to the position requirements in your resume. Demonstrated expertise in configuring, deploying and utilizing both dynamic and static application security testing tools. Demonstrated knowledge of application-based, host-based, and network-based security best practices. Knowledge in applying advanced information technology principles, concepts, methods, standards, and practices sufficient to develop and interpret policies, procedures, and strategies governing the planning and delivery of services throughout the agency. Demonstrated ability to cultivate relationships across multiple teams to effectively implement security recommendations. Demonstrated ability to communicate effectively both orally and in writing with audiences of various levels of technical understanding. You will no longer be considered for this position if you receive a zero (0) rating on any evaluation factor. Failure to demonstrate that you meet all evaluation factor requirements will result in a score of zero (0). Upon receipt of a zero score, you will be deemed "not minimally qualified," and you will not be referred for further consideration. Education Education must be accredited by an institution recognized by the U.S. Department of Education. Applicants can verify accreditation here: www.ed.gov/admins/finaid/accred. Special Instructions for Candidates with Foreign Education: Education completed outside the United States must be deemed equivalent to that gained in U.S. education programs. You must submit all necessary documents to a private U.S. credential evaluation service to interpret equivalency of your education against courses given in U.S. accredited colleges and universities. For further information visit: http://www2.ed.gov/about/offices/list/ous/international/usnei/us/edlite-visitus-forrecog.html. Additional information Pay is only part of the compensation you will earn working for the USPS OIG. We offer a broad array of benefits programs: Effective January 1, 2025, due to the Postal Service Reform Act (PSRA), USPS employees (including USPS OIG) and retirees will transition from the Federal Employees Health Benefits (FEHB) Program to the Postal Service Health Benefits (PSHB) Program. Detailed information about eligibility and enrollment will be provided upon hiring. For more information, visit the Postal Service Health Benefits (PSHB) Program website at https://www.opm.gov/healthcare-insurance/pshb/#url=Overview We offer Health, Dental, Vision, Life and Long-Term Care Insurances and Flexible Spending options as well. Retirement and Thrift Savings. For more information about these programs see https://www.opm.gov/retire and http://www.tsp.gov/. Flexible Work Schedules. USPS OIG offers a range of family friendly flexibilities including flexible work schedules, telework and employee assistance programs. Leave and Holidays. In addition to 10 paid holidays each year, you will earn 13 days of paid sick leave and 13 to 26 paid vacation days each year depending on your years of service. For further information, please refer to our website at: https://www.uspsoig.gov/frequently-asked-questions Fair Labor Standards Act (FLSA) Status: Exempt (Nonexempt employees are entitled to overtime pay; Exempt employees are not). This agency provides Reasonable Accommodations to applicants with disabilities. If you require accommodations for any part of the application and/or hiring process, please send an email to [email protected]. The decision on granting an accommodation request will be made on a case-by-case basis. Read more Benefits A career with the U.S. government provides employees with a comprehensive benefits package. As a federal employee, you and your family will have access to a range of benefits that are designed to make your federal career very rewarding. Opens in a new window Learn more about federal benefits. Review our benefits Eligibility for benefits depends on the type of position you hold and whether your position is full-time, part-time or intermittent. Contact the hiring agency for more information on the specific benefits offered.