POSITION DESCRIPTION



POSITION DESCRIPTION1. Agency PDCN 80485P002. Reason for Submission FORMCHECKBOX Redescription FORMCHECKBOX New3. Service FORMCHECKBOX HQ FORMCHECKBOX Field4. Empl Office Location FORMTEXT ?????5. Duty Station FORMTEXT ?????6. OPM Cert # FORMTEXT ????? FORMCHECKBOX Reestablishment FORMCHECKBOX Other Explanation (Show Positions Replaced) FORMTEXT ?????7. Fair Labor Standards ActNot Applicable8. Financial Statements Required FORMCHECKBOX Exec Pers Financial Disclosure FORMCHECKBOX Employment & Financial Interests9. Subject to IA Action FORMCHECKBOX Yes FORMCHECKBOX No FORMTEXT ?????10. Position Status FORMCHECKBOX Competitive FORMCHECKBOX Excepted (32 USC 709)11. Position is FORMCHECKBOX Supervisory FORMCHECKBOX Managerial12. Sensitivity FORMCHECKBOX Non-Sensitive FORMCHECKBOX Noncritical Sens13. Competitive Level FORMTEXT ????? FORMTEXT ????? FORMCHECKBOX SES (Gen) FORMCHECKBOX SES (CR) FORMCHECKBOX Neither FORMCHECKBOX Critical Sens FORMCHECKBOX Special Sens14. Agency Use FORMTEXT ENL15. Classified/Graded by FORMCHECKBOX a. US Office of Pers Mgt FORMCHECKBOX b. Dept, Agency or Establishment FORMCHECKBOX c. Second Level Review FORMCHECKBOX d. First Level ReviewOfficial Title of PositionPay PlanOccupational CodeGradeInitialsDate FORMTEXT Information Technology Specialist (INFOSEC) FORMTEXT GS FORMTEXT 2210 FORMTEXT 11 FORMTEXT ajl FORMTEXT 31 Jul 0216. Organizational Title (If different from official title) FORMTEXT ?????17. Name of Employee (optional) FORMTEXT ?????18. Dept/Agency/Establishment - National Guard Bureau a. First Subdivision - State Adjutant General b. Second Subdivision - FORMTEXT Wing Commander/Chief of Staff c. Third Subdivision - FORMTEXT ANG Combat Comm Group or Squadron d. Fourth Subdivision – FORMTEXT Base Systems Flight e. Fifth Subdivision - FORMTEXT ?????19. Employee Review. This is an accurate description of the major duties and responsibilities of my position. Employee Signature /Date (optional) FORMTEXT ?????20. Supervisory Certification. I certify that this is an accurate statement of the major duties and responsibilities of this position and its organizational relationships, and that the position is necessary to carry out Government functions for which I am responsible. This certification is made with the knowledge that this information is to be used for statutory purposes related to appointment and payment of public funds. False or misleading statements may constitute violations of such statutes or their implementing regulations. a. Typed Name and Title of Immediate Supervisor FORMTEXT ????? FORMTEXT ????? b. Typed Name and Title of Higher-Level Supervisor/Manager (optional) FORMTEXT ????? FORMTEXT ????? Signature FORMTEXT ????? Date FORMTEXT ????? Signature FORMTEXT ????? Date FORMTEXT ?????21. Classification/Job Grading Certification: I certify this position has been classified/graded as required by Title 5 USC, in conformance with USOPM published standards or, if no published standards apply directly, consistently with the most applicable standards. 22. Standards Used in Classifying/Grading Position FORMTEXT US OPM Job Family PCS for Administrative Work in the Information Technology Group, GS-2200, dated May 2001. Typed Name and Title of Official Taking Action FORMTEXT ????? FORMTEXT Andy j. liepnieks FORMTEXT Personnel Management SpecialistInformation For Employees. The standards and information on their application are available in the personnel office. The classification of the position may be reviewed and corrected by Signature FORMTEXT //signed// Date FORMTEXT 31 Jul 02the agency or OPM. Information on classification/job grading appeals is available from the personnel office.23. Position Review InitialsDateInitialsDateInitialsDateInitialsDateInitialsDatea. Employee (Opt) FORMTEXT ????? FORMTEXT ????? FORMTEXT ????? FORMTEXT ????? FORMTEXT ????? FORMTEXT ????? FORMTEXT ????? FORMTEXT ????? FORMTEXT ????? FORMTEXT ?????b. Supervisor FORMTEXT ????? FORMTEXT ????? FORMTEXT ????? FORMTEXT ????? FORMTEXT ????? FORMTEXT ????? FORMTEXT ????? FORMTEXT ????? FORMTEXT ????? FORMTEXT ?????c. Classifier FORMTEXT ????? FORMTEXT ????? FORMTEXT ????? FORMTEXT ????? FORMTEXT ????? FORMTEXT ????? FORMTEXT ????? FORMTEXT ????? FORMTEXT ????? FORMTEXT ?????24. Remarks: Released from NGB-HRC, CRA 03-1003, dated 21 Mar 03.25. Description of Major Duties and Responsibilities (SEE ATTACHED)NSN 7540-00-634-4265 Previous Edition Usable 5008-106 Optional Form 8 US Office of Personnel Management (USOPM), FPM CHAPTER 295 [Equivalent]25.DUTIES:This position is located at an Air National Guard Combat Communications Group Headquarters or in the Base Systems Flight of a Combat Communications Squadron. The purpose of this position is to serve as the unit Information Assurance Specialist during day-to-day in-garrison planning and execution of information assurance and to serve as planner for deployed operations requiring the same. The incumbent administers the communication-computer security, Air Force Electronic Key Management System (AFEKMS), Emission Security, and Security Awareness Training and Education (SATE) programs.This position requires military membership. It is designated For National Guard Enlisted Incumbency only. The incumbent performs duties necessary to accomplish information security functions in support of programs essential to Combat Communications Group or Squadron operations, training, and readiness missions.-- Serves as the Computer Security (COMPUSEC) Manager. Protects and maintains the availability, integrity, confidentiality, and accountability of information system resources and information processed throughout the system’s life cycle. Establishes and publishes squadron policy to manage the COMPUSEC program. Disseminates information and ensures computer security practices are adhered to by all functional areas in-garrison and in support of deployed war-fighting personnel. Reviews, analyzes, and validates certification and accreditation packages. Continuously identifies and analyzes threats and vulnerabilities to the information systems to maintain an appropriate level of protection. Ensures computer software designs address information system security requirements. Accomplishes risk analysis, security testing, and certification due to modifications or changes to computer systems. Evaluates, assesses, or locally tests and approves all hardware, software, and firmware products that provide security features prior to use on any accredited information system or network. Certifies all software prior to installation and use on communications and computer systems. Executes computer security plans and enforces mandatory access control techniques such as trusted routers, bastion hosts, gateways, firewalls, or other methods of information systems protection.-- Manages the Information Assurance Program. Implements procedures to ensure protection of information transmitted to the squadron, among units in the squadron, and from the squadron units using local or wide area networks, the worldwide web or other communications modes. Utilizes current and future multi-level security products collectively to provide data integrity, confidentiality, authentication, non-repudiation, and access control of the Local Area Network (LAN). Reports to Major Command (MAJCOM), Air Force Communications Agency (AFCA), National Security Agency (NSA), and Air Force Computer Emergency Response Team (AFCERT) all incidents involving viruses, tampering, or unauthorized system entry. Controls access to prevent unauthorized persons from using network facilities. Limits access to privileged programs (i.e., operating system, system parameter and configuration files, and databases), utilities, and security-relevant programs/data files to authorized personnel. Implements methods to prevent or minimize direct access, electronic or other forms of eavesdropping, interpreting electro-mechanical emanations, electronic intercept, telemetry interpretation, and other techniques designed to gain unauthorized access to Automated Data Processing (ADP) information, equipment, or processes. Recognizes such potential and defines vulnerabilities and oversees the installation of physical and technical security barriers to prevent others from improperly obtaining such information.-- Serves as the Communications Security (COMSEC) Manager for all cryptographic activities including managing the Cryptographic Access Program (CAP). Formulates and develops communications security criteria and requirements for inclusion in mobility, contingency, and exercise plans. Maintains accountability for sensitive cryptographic materials and related COMSEC information. Oversees issuance of COMSEC materials. Maintains COMSEC inventory on the Computerized Management of COMSEC Material (CM2) database. Prepares and evaluates written plans for emergency actions and ensures personnel are fully qualified in the execution of plans. Investigates security incidents to determine the possibility of compromise to COMSEC materials and ensures documentation and reporting to appropriate channels. Performs destruction, receiving, issuing, and inspecting COMSEC material within the most stringent timelines. Furnishes written guidance to user accounts concurring effective dates, accounting procedures, destruction requirements, and physical security of COMSEC keying materials. Performs semi-annual functional reviews of all COMSEC user accounts, physically inspecting the user’s COMSEC facilities, reviewing procedures, and audit of all cryptographic holdings. As required, manages the Certification Authority Workstation. Administers the CAP by conducting briefings prior to granting access to cryptographic information. Documents cryptographic access certificates and acts as liaison for scheduling polygraph examinations of personnel enrolled in the program.-- Implements and manages the Air Force Electronic Key Management System program. This includes system configuration and operation of the Local Management Device, Data Transfer Device, and Key Processor. Initializes the system, performs system backups, determines operator access, and control functions (privilege management), reloads and configures the operating system’s parameters. Installs or oversees installation of local COMSEC account hardware and software, including training alternates in the AFEKMS operations. Serves as secure telecommunications units/elements (STU-III) representative and Emissions Security Program (EMSEC) administrator. Develops, implements, and monitors security systems for the protection of controlled cryptographic cards, documents, ciphers, devices, communications centers, and equipment. Validates strapping and configuration options of cryptographic units.-- Provides technical training and instruction on Computer Security Awareness Training and Education (SATE) program procedures to supervisors, employees, and/or unit security representatives. Utilizes computer-based training for both initial and recurring information protection training. Conveys the degree of reliance on information systems, the potential consequences arising from the lack of secure information systems, the organization’s commitment to secure information systems, and the means by which users can protect information systems. Conducts annual COMSEC training for squadron COMSEC users. Uses a wide variety of formal training materials, such as outlines, handouts, publications, films, exhibits, protective devices, and visual aids to provide and/or reinforce information related to communications-computer systems security awareness practices. Promotes security campaigns through oral presentations at local security committee meetings; and extracts, compiles, and prepares security articles, bulletins, and pamphlets for local use by squadron personnel. Maintains required course records.-- Assists unit personnel with duties involving a wide range of communications and information systems and telecommunications programs consisting of tactical communications equipment, LAN systems, information resource management, and information protection programs.--The mission of this unit includes the requirement for 24/7 operational capabilities. Full time unit members will be subject to scheduled “on-call” duty rotation and may be required to perform shift duties on short notice to cover for sick, injured, or otherwise unavailable personnel. Full time unit members may also be required to report to work location during off-duty hours during extended outages to provide continual operation coverage. The OPS Tempo will consist of regular exercises and traditional unit members will be asked to support these exercises whenever possible. Mobilization requirement for all members will be local duty station and may occur upon very short notice.--Member must have a current Top Secret/Special Compartmented Information (TS/SCI) security clearance and member must maintain a TS/SCI security clearance.-- Performs other duties as assigned.Factor 1 – Knowledge Required by the Position:FL 1-71250 points-- Knowledge of a wide range of communications and computer security, techniques, requirements, methods, sources, and procedures for the following programs: Computer Security (COMPUSEC); network security, communications security (COMSEC), Electronic Key Management System (AFEKMS), Emissions Security (EMSEC), STU III, FORTEZZA security, and Security Awareness, Training and Education (SATE). This knowledge is necessary to provide appropriate direction to squadron level functions. -- Knowledge of concepts, principles, methods, and practices in the information systems security to design, develop, implement, and maintain secure systems and services, assess the effectiveness of current systems security and services, evaluate the feasibility of new systems security and services, and provide advice and guidance on complex issues. -- In-depth knowledge of a wide variety of communications and computer security concepts, principles, practices, and governing directives to interpret, disseminate, and adapt local policy, and implement instructions for unit and/or squadron personnel. Incumbent must be capable of analyzing and resolving difficult and complex security problems. -- In-depth knowledge of communications and computer software and programs to protect systems from viruses, data tampering, and unauthorized system entry. This includes knowledge of computer-based instructional software and other media to increase and reinforce communications-computer security awareness.-- In-depth knowledge of the AFEKMS program and related hardware and software, including knowledge of operating systems, local COMSEC Management Software, relational data base management systems, computer-communications software, and Computerized Management of COMSEC Material (CM2).-- Knowledge of a wide range of communications and computer techniques, requirements, methods, sources, and procedures, including familiarity with approaches used by ADP and communications organizations in other agencies and/or the private sector to accomplish a variety of assignments in the communications and computer security specialty area.-- Knowledge of system software and systems development life cycles including systems documentation, design development, configuration management, cost analysis, data administration, systems integration, and testing.-- Comprehensive knowledge of government and industry communications and computer systems, concepts, principles, and practices relative to the systems security function. In-depth knowledge and ability sufficient to serve as the focal point for information security, providing authoritative advice, and assistance on complex, technical, controversial, and precedent setting matters to improve the Information Assurance program comprising many unique organizations and large, complex computer and communications security systems. -- Knowledge and skill sufficient to develop and evaluate program documentation to include: mission need statements, operational requirements documents and support plans, specifications, proposals, and plans for systems operational test and evaluation of communications and information security systems. -- Knowledge of information systems security principles and methods to design, develop, implement, and manage systems, networks, and data that ensure confidentiality, integrity, and availability. -- Knowledge of methods for evaluating, implementing, and disseminating information systems security tools and procedures to ensure, protect, and restore information security systems and network services and capabilities-- Knowledge of Security Awareness Training and Education (SATE) security training program, training materials, and sources-- Knowledge of information systems security certification and accreditation requirements to monitor and evaluate systems' compliance with those requirements. -- Skill in oral and written communication to prepare and present reports, interpret policies and guidelines, provide advice and guidance to customers, and represent the organization in interactions with other organizations. -- Ability to provide technical leadership on projects that require group efforts. -- Knowledge of strapping and configuration options of cryptographic units.Factor 2 - Supervisory Controls:FL 2-4450 points-- The supervisor, makes assignments, determines overall priorities and sets time frames for completion. The employee independently plans and carries out projects and analyses of the organization's requirements, coordinates with other security specialists and MAJCOM headquarters. -- The employee plans and carries out the successive steps involved and handles problems and deviations in accordance with Air Force and DOD policies. Keeps the commander informed of progress and potential controversial matters with wide-ranging implications for the information protection program. Factor 3 – Guidelines:FL 3-3275 points-- Guidelines consist of AF, National Security Agency (NSA), Air Force Intelligence Agency (AIA), Air Force Cryptological Support Center (AFCSC), and Air Education and Training Command (AETC), MAJCOM, policy doctrine and various technical manuals. Guidelines are extensive but generally specific. Determines applicability, adapts as necessary, and researches additional options. Selects the appropriate techniques for accomplishing required tasks and interpreting regulation and policy documents to meet objectives.Factor 4 – Complexity:FL 4-3150 points-- This position deals with various Information Assurance (IA) duties requiring the application of different and unrelated procedures. The Information Assurance function involves consideration of plans, applicable policies, regulations, procedures, and alternative methods of implementing and monitoring security requirements. Recommendations or actions must weigh needs and objectives with IA requirements, and level of service. Evaluates possible means of measuring, analyzing, and providing required IA through electronic, physical, digital, fiber, system, software or procedural means available or proposed. Factor 5 Scope and Effect:FL 5-3150 points-- As the Information Assurance Manager, duties relate to tactical and non-tactical communications/computer systems projects. Work involves development of local policy and procedures and proper coordination and interface with other functions. The work affects the efficiency and operational effectiveness of tactical and non-tactical communications/computer security programs.-- Maintains currency on new technologies and methodologies available in AF, DOD, Federal government, or commercial community with assessment of same for use in AF/joint services projects. Is directly involved in the accountability and management of thousands of accountable items where as any loss can threaten national or individual security. Factor 6 Personal Contracts &Factor 7 Purpose of Contacts:Matrix 3b110 points-- Contacts, in addition to those with the unit/base, are with vendor representatives, computer/communications security personnel at MAJCOM level, representatives of Air Force Communications Agency (AFCA), National Security Agency (NSA), Air Education and Training Command (AETC), Air Force Intelligence Agency (AID), Air Force Cryptological Support Center (AFCSC), etc. Serves as the liaison between unit-level customers and MAJCOM Information Assurance Office.-- The purpose of the contacts is to coordinate work efforts, solve information security problems, educate, and to provide advice to managers on squadron level information assurance program related issues and concerns. Factor 8: Physical Demands:FL 8-15 points -- The work is primarily sedentary in nature. Occasionally the incumbent may transport light objects such as papers and books. No special physical effort or ability is required to perform the work. Factor 9. Work Environment:FL 9-15 points-- The work is performed in a typical office setting. Special safety precautions are not required. (Requirement of the Position)The employee must obtain and maintain a Top Secret clearance.EVALUATION STATEMENTA. Title, Series and Grade: Information Technology Specialist (INFOSEC), GS-2210-11B. References: USOPM Job Family PCS for Administrative Work in the Information Technology Group, GS-2200, GS-2210 Series, May 2001. C. Background: The Combat Communications’ work requirements have undergone significant changes with the influx of new communication and information management systems in the ANG. A journeyperson Information Systems Security position is established as a requirement to design, establish, maintain and manage security of systems data and networks and prevent system security violations. D. Series, Title, and Grade Determination:1. Series: The primary work of this position involves the planning and execution of information assurance systems for IT communication systems and networks. The duties and responsibilities of the position match the series definition in the GS-2210 series. This series includes positions involved in the development, delivery, management, and support of information technology systems and services. This includes managing, analyzing and maintaining security of data and computer systems. 2. Title: Information Technology Specialist is the title for all non-supervisory positions in this series. The parenthetical title of “INFOSEC” is added to identify the security specialty area.3. Grade: The GS-2210 series is used for grade determination. See attached Factor Evaluation System (FES) Position Evaluation Statement. E. Conclusion: Based on the attached evaluation, this position is classified as Information Technology Specialist (INFOSEC), GS-2210-11.Classifier: A. J. Liepnieks Date: 31 Jul 02FACTOR EVALUATION SYSTEMPOSITION EVALUATION STATEMENTFACTORLEVELPOINTSREMARKSKnowledge Required by the Position1-71250FL 1-7 identifies skill and knowledge in evaluating and implementing security procedures and tools, as well as the certification and accreditation requirements for IT systems. Such knowledge and skill are used to ensure the protection of equipment and systems in accomplishing a critical military communications mission. This level is met for the position and substantially matches the first two illustrations on page 76 of Appendix F1, and the last on page 77. FL1-8 identifies a mastery of skill and knowledge required for total infrastructure security protection. This would typically involve security protection for a major command, rather than single or multi unit security considerations. Level 1-8 is not met.Supervisory Controls2-4450FL 2-4 identifies that the supervisor out lines parameters of the assignment, and with the employee determines timeframes, scope of work, and work processes. The employee determines approaches and methods to be followed, as well as the application of regulations and procedures. Work is reviewed based on results rather than processes followed. This meets FL 2-4. FL 2-5 is not met as the incumbent would typically receive very limited administrative and policy guidance involving agency missions and functions.Guidelines3-3275Guidelines include AF, NGB, Major Command, and other agency policies, regulations, and procedures. The judgment required includes the ability to determine unit needs, mission requirements, and threats to each, as well as applying the guidelines. This is a match for level 3-3. Because of the standardized approach required of the job, FL 3-4 is not met. This level typically involves very general, non specific guidelines which require modification and adaptation. This level is not typical of the plexity4-3150This factor treats the type, number, and difficulty of tasks in the position. FL 4-3 describes multiple tasks, processes and methods. The work is the full responsibility of the incumbent. It requires comprehensive understanding of the unit, its missions, its functions, its equipment and the threats to mission accomplishment, as well as the procedures to counteract them. This matches the first illustration in Appendix 4, page 103. Level 4-4 is not met for this position, since security devices and procedures are consistent from one unit to the other. Equipment is standard and so are the security steps in place. Level 4-4 is not found to any degree.Scope and Effect5-3150The work involves recurring problems and situations that are resolved with standard approaches. The work affects the operation and support of combat communications equipment and systems. This is typical of FL 5-3. FL 5-4 focuses on establishing criteria, and assessing the effectiveness of security of systems. This is beyond the scope and effect of the position, and is not met.Personal Contacts &Purpose of Contacts3B110The position is identified as have numerous contacts with individuals from a number of other agencies involved with national security, to include systems security. Such security is critical to the military mission. This meets Level 3. The purpose of such contacts is to implement security measures consistent with the needs of the unit and its mission. This meets Level B. Physical Demands 8-15Physical demands of the job match level 1.Work Environment9-15Work area is adequately climate controlled, with limited risks and discomfort. This matches level 1. TOTAL POINTS ASSIGNED:2395GRADE: GS-11FINAL CLASSIFICATION: Information Technology Specialist (INFOSEC), GS-2210-11.Classifier: A. J. Liepnieks Date: 31 Jul 02 ................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download