Supvy IT Cybersecurity Specialist (INFOSEC)

Description:

This position is located in Cybersecurity Operations and Response Division (CORD). The CORD plays a pivotal role in safeguarding the organization against cyber threats. We ensure the resilience and security of USPTO digital assets. The incumbent serves as the Division Director, CORD.

This announcement has been amended to extend the closing date to January 20, 2026.

Requirements:

You must meet the United States Office of Personnel Management's (OPM) qualification requirements (including specialized experience and/or educational requirements) for the advertised position. You must meet all eligibility and qualifications requirements by the closing date of the job announcement. OPM Qualifications Standards are available at Information Technology (IT) Management Series 2210

Specialized Experienceis experience that has equipped applicants with the particular knowledge, skills and abilities to successfully perform the duties of the position, and that is typically in or related to the position to be filled. To be creditable, specialized experience must have been equivalent to at least the next lower grade level in the federal service. For this position, the next lower grade level is a GS-14.

Specialized experience for this position includes:
1. Experience directing daily and strategic operations of a large IT cybersecurity organization as a second-tier supervisor reporting to the CISO (or equivalent), responsible for translating cybersecurity strategy into actionable operational objectives, aligning enterprise security architecture, infrastructure performance, and risk posture optimization with mission-critical agency goals. AND
2. Experience leading advanced security operations including continuous monitoring, incident response, and threat detection across hybrid and cloud-based environments, proven ability to integrate cyber threat intelligence, risk assessments, and situational awareness into enterprise decision-making processes to protect high-value assets and federal intellectual property. AND
3. Experience managing forensic and vulnerability management operations to detect, analyze, and remediate security weaknesses, coordinating penetration testing, implementing enterprise patch management strategies, and conducting post-incident forensic investigations to identify root causes, ensure data integrity, and prevent recurrence. AND
4. Experience architecting, validating, and deploying secure technological solutions compliant with implementing Zero Trust architectures, enforcing access controls, and integrating automation tools to enhance compliance, scalability, and operational resilience. AND
5. Experience supervising cross-functional technical teams including network, cloud, and security engineers, along with analysts and program leads, workforce planning, technical training, and performance management, ensuring staff proficiency, operational readiness, and alignment with the cybersecurity strategic vision and security governance framework.

In addition to meeting the specialized experience you must meet the basic requirement below to qualify for this series. Basic Requirement Competencies: The specialized experience must include, or be supplemented by, information technology related experience (paid or unpaid experience and/or completion of specific, intensive training, as appropriate) which demonstrates each of the four competencies, as defined:

1. Attention to Detail - Is thorough when performing work and conscientious about attending to detail.
2. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.
3. Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.
4. Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.

Condition of Employment: Incumbent must have one of the following certificates within 120 days from entry on duty (EOD): ISC2 Certified Authorization Professional (CAP); ISC2 Certified Information System Security Professional (CISSP); ISACA Certified Information Security Manager (CISM); GIAC Information Security Fundamentals (GISF); GIAC Security Leadership Certification (GSLC).

Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience.