Senior IT Specialist (INFOSEC)

  • Federal Deposit Insurance Corporation (FDIC)
  • Washington, DC, USA
Full Time Government Information Technology Internet

Job Description

Senior IT Specialist (INFOSEC), CG-2210-14 (Permanent)

Chief Information Officer Organization (CIOO)

Office of the Chief Information Security Officer (OCISO)

Governance, Risk, and Compliance Section (GRCS)

Duty Location:  Virginia Square

Number of Vacancies:  Two

Open Period:   6/12 – 6/26/18

WHO MAY BE CONSIDERED:  Federal Employees; Veterans

MAJOR DUTIES:  The Senior IT Specialist (INFOSEC) is responsible for the following duties:

  • Develops, implements, coordinates, and manages the Information Security Assurance Program and its numerous agency-wide sub-programs that safeguard IT assets and operations, and provides vision, guidance, and oversight in the development and implementation of substantial Information Security Assurance Program modifications to enhance IT security posture.
  • Formulates and coordinates recommendations of acceptable levels of risk in authorizing the operation of General Support Systems, Major Applications, and Minor Applications for the Chief Information Officer (CIO).
  • Analyzes and directs IT security assessment methods that evaluate the management, operational, and technical security controls applied to assets, including all systems and applications.
  • Performs and/or directs the validation of risk mitigation processes, action plans, and/or budget cost proposals to address risks identified during assessments and audits of IT assets.
  • Plans and implements regulatory-compliant information security assurance policies, procedures, and guidance promulgated throughout the Corporation, and manages the deployment of automated software products used for remediation and tracking of corporate-wide IT security weaknesses and vulnerabilities.
  • Performs analysis of ever-changing regulatory compliance requirements to ensure appropriate levels of continuous controls assessments on agency assets; this provides real-time situational awareness of the security posture of assets to senior management and the Chief Information Officer (CIO).
  • Devises appropriate degrees of NIST-based technical testing of disparate systems, applications, and vendor services to assess the adequacy of implemented security controls.
  • Coordinates closely with other sections, senior management, peer-level managers, and service providers to employ information security assurance solutions that meet federally mandated security requirements and align with industry best practices.
  • Provides agency-wide, strategic consultation to divisional system owners, divisional Information Security Managers (ISM), directors, and senior management regarding the risk posture of IT systems.