2. Reason for Submission
Redescription New / 3. Service
HQ Field / 4. Empl Office Location / 5. Duty Station / 6. OPM Cert #
Reestablishment Other
Explanation (Show Positions Replaced) / 7. Fair Labor Standards Act
Not Applicable / 8. Financial Statements Required
Exec Pers Financial Disclosure
Employment & Financial Interests / 9. Subject to IA Action
Yes No
10. Position Status
Competitive
Excepted (32 USC 709) / 11. Position is
Supervisory
Managerial / 12. Sensitivity
Non-Sensitive
Noncritical Sens / 13. Competitive Level
SES (Gen)
SES (CR) / Neither / Critical Sens
Special Sens / 14. Agency Use
enlisted
15. Classified/Graded by
a. US Office of Pers Mgt b. Dept, Agency or Establishment c. Second Level Review d. First Level Review
Official Title of Position / Pay Plan / Occupational Code / Grade / Initials / Date
Information Technology Specialist (INFOSEC) / GS / 2210 / 11 / rrh / 16 Jan 04
16. Organizational Title (If different from official title)
Information Assurance Coordinator / 17. Name of Employee (optional)
18. Dept/Agency/Establishment - National Guard Bureau
a. First Subdivision -
b. Second Subdivision - / c. Third Subdivision -
d. Fourth Subdivision –
e. Fifth Subdivision -
19. Employee Review. This is an accurate description of the major duties and responsibilities of my position. / Employee Signature /Date (optional)
20. Supervisory Certification. I certify that this is an accurate statement of the major duties and responsibilities of this position and its organizational relationships, and that the position is necessary to carry out Government functions for which I am responsible. This certification is made with the knowledge that this information is to be used for statutory purposes related to appointment and payment of public funds. False or misleading statements may constitute violations of such statutes or their implementing regulations.
a. Typed Name and Title of Immediate Supervisor / b. Typed Name and Title of Higher-Level Supervisor/Manager (optional)
Signature / Date / Signature / Date
21. Classification/Job Grading Certification:I certify this position has been classified/graded as required by Title 5 USC, in conformance with USOPM published standards or, if no published standards apply directly, consistently with the most applicable standards. / 22. Standards Used in Classifying/Grading Position
USOPM Job Family PCS for Administrative Work in the Information Technology Group, GS-2200, Information Technology Management Series, GS-2210, dated May 2001.
Typed Name and Title of Official Taking Action
rena r. hunt
Human Resources Specialist (Classification) / Information For Employees. The standards and information on
their application are available in the personnel office. The
classification of the position may be reviewed and corrected by
Signature
//signed// / Date
16 Jan 04 / the agency or OPM. Information on classification/job grading appeals is available from the personnel office.
23. Position Review / Initials / Date / Initials / Date / Initials / Date / Initials / Date / Initials / Date
a. Employee (Opt)
b. Supervisor
c. Classifier
24. Remarks:
Released from NGB-HRC, CRA 04-1001, dated 16 Jan 04
NDS PD# N0342
25. Description of Major Duties and Responsibilities (SEE ATTACHED)
NSN 7540-00-634-4265 Previous Edition Usable 5008-106 Optional Form 8 US Office of Personnel Management (USOPM), FPM CHAPTER 295 [Equivalent]
90031E00
25.
a. INTRODUCTION
This position is located in an information management organization. The purpose is to ensure compliance for information assurance throughout the state.
This position requires military membership. It is designated for an Enlisted incumbent only. In accordance with DA Pamphlet 611-21 andAFMAN 36-2108, the incumbent performs duties necessary to accomplish information technology management functions in support of command, control, communications and computers (C4) programs essential to state information management daily operations, training, and readiness missions.
b. DUTIES AND RESPONSIBILITIES
--Receives and reviews written guidance from a variety of Department of Defense (DoD), federal and state investigative and enforcement agencies and interprets for impact in the state. Enforces established policy and guidance for all Information Assurance Systems Officers throughout the state. Enforces the state information assurance and accreditation policy.
--Directs actions required to prevent and/or correct information assurance deficiencies and violations. Exercises authority for denial of computer access and coordinates re-establishment of service.
--Assures compliance with security policy for external connections to the state network and assures compliance with the national and state policies. Works with the System Security Manager to develop procedures to protect information in the state networks. Monitors external connections to other state, territorial, or federal network domains as necessary. Identifies and reports violations of system security. Administers firewalls and intrusion detection systems (IDS) and monitors unauthorized access. Implements virus protection plan.
--Evaluates the effectiveness of systems, devices, procedures, and methods used to safeguard information in computer accessible media and ensures correction of all state deficiencies on systems containing applicable security technologies.
--Reviews/tests/updates continuity of operations plans (COOPS) and Security SOP’s and actively participates in accreditation/reaccredidation processes.
--Performs other duties as assigned.
c. OTHER FACTORS
--Position requires a secret security clearance.
Factor 1 - Knowledge Required by the Position:
--Extensive knowledge of the organizational structure of the state, to include technical knowledge of the data flow and requirements at each level in the state command structure.
--Extensive knowledge of computer operating systems and network operating systems, to include but not limited to, Windows NT, Windows 2000, CISCO OS, and UNIX. Operational and technical knowledge of all types of database engines, system configurations, and formats in use in the network infrastructure. This may include, but is not limited to, Structured Query Language (SQL), Microsoft Access, Oracle, Informix, and Sybase.
--Extensive knowledge of security required for Network Operating Systems (NOS) in the state and the impact they have on data flow and capabilities. This may include but is not limited to, Windows NT, Windows 2000, UNIX (NETBIOS over TCP/IP and TCP/IP), and NOVELL (IPX / SPX).
--Extensive knowledge of the critical systems within the state and ability to prioritize protection of these and respond to new requirements in the IT architecture.
--Thorough knowledge and sufficient skill to conduct effective security reviews of present systems and networks and to recommend revised or new measures based upon accreditation reviews or new equipment fielding requirements.
--Sufficient knowledge to evaluate various authentication technologies and recommend purchase of hardware, software, or both to meet security requirements. Implementation includes adequate administration and oversight of the program.
Factor 2 - Supervisory Controls:
The supervisor provides overall objectives and available resources. Incumbent and supervisor discuss timeframes, scope of assignment, and possible approaches. The incumbent determines methods and practices to be applied in order to plan, design and carry out the assignment, and for coordinating, as a peer, with experts both in and out of the state. The incumbent uses technical judgment concerning the interpretation and implementation of existing policy and regulations regarding information assurance and accreditation in the state. Resolves complex, intricate, controversial or unprecedented issues and problems by applying new methods, and resolves most of the conflicts that arise. Supervisor is kept informed of progress and of potentially controversial matters. Work is reviewed for overall approach, effectiveness of results, feasibility of recommendations, and adherence to requirements.
Factor 3 - Guidelines:
Guidelines are available in the form of DoD, National Guard Bureau, applicable military component and various other government regulations or policies, and system handbooks or manuals but they are not always directly applicable to specific issues or problems or may have gaps in significant areas. Judgment is utilized to modify precedent approaches to specific situations and to interpret, and apply the modifications to the specific problem or issue.
Factor 4 - Complexity:
The work consists of a variety of duties that involve many different and unrelated processes and methods pertinent to the information technology field.
The incumbent decides what needs to be done by evaluating unusual circumstances, considering different approaches, and dealing with incomplete and conflicting data.
The incumbent exercises judgment and originality by interpreting data, planning the work, and refining the methods and techniques being used.
Factor 5 - Scope and Effect:
The work involves a variety of common problems, questions, or situations that are dealt with in accordance with established criteria. The incumbent responds to systems security incidents (i.e. corrupted data, virus infections, authentication problems), maintains security systems to prevent unauthorized access, and works to isolate problems or sources of problems.
Work affects the design, testing, implementation, operation, or support of IT systems that contribute to the protection of the system and ensure the integrity and availability of the systems, networks, and data.
Factor 6 - Personal Contacts &
Factor 7 - Purpose of Contacts:
Personal contacts are with employees and managers within the agency, both inside and outside the office and at various organizational levels. Contacts also include representatives of private concerns, and the general public in a moderately structured setting.
The purpose of contacts is to plan coordinate, or advise on work efforts, or to resolve issues or operating problems by influencing or persuading people who are working toward mutual goals and have basically cooperative attitudes. Contacts typically involve identifying options for resolving problems.
Factor 8 - Physical Demands:
The work is normally sedentary in nature. Incumbent may be required to walk, stand, bend, or carry light items but no special physical demands are required to perform the work.
Factor 9 - Work Environment:
The work is normally performed in an office setting with no unusual risks or discomforts.
EVALUATION STATEMENT
A. Title, Series and Grade: Information Technology Specialist (INFOSEC),
GS-2210-11.
B. Reference: USOPM PCS Job Family Position Classification Standard for Administrative Work in the Information Technology Group, GS-2200, Information Technology Management Series, GS-2210, dated May 2001.
C. Background: Over the past several years, technology has changed so rapidly in the field of information technology (IT), positions developed only a few years ago are outdated. With the abolishment of the Computer Specialist Series, GS-0334 and the implementation of the new occupational series of Information Technology Management, GS-2210, a review of all Computer Specialist position descriptions was conducted. At this same time, it was also recognized that these technological changes have impacted more than just the Computer Specialist positions located in the various C4 organizations throughout the state. As a result, all positions in the Army IT organizations were reviewed and updated. During the evaluation process of these new position descriptions, a decision was made by the National Guard leadership to merge many of the headquarters functions performed by both the Air and Army National Guard into the Joint Forces Headquarters (State). The information management functions were some of the functions that were affected. New position descriptions were developed to comply with this joint operations concept. To accommodate those states that do not merge all of the information management positions into the J-6, an attempt was made to make these new PDs as component and organizationally generic as possible. This position is one of these new PDs.
D. Series, Title, and Grade Determination:
1. Series: Work in the GS-2210, Information Technology series refers to systems and services used in the automated acquisition, storage, manipulation, management, movement, control, display, switching, interchange, transmission, assurance, or reception of information. Information technology includes computers, network components, peripheral equipment, software, firmware, services, and related resources. The series has several parenthetical specialty titles that further identify the duties and responsibilities that may be performed. Security duties (INFOSEC) are described as: ensuring the confidentiality, integrity, and availability of systems, networks, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems security programs, policies, procedures, and tools. This position has responsibility for ensuring the reliability, accessibility and security of the information systems including all associated hardware and software systems. These duties are consistent with the descriptions provided for Information Technology and so the GS-2210 is selected as the correct classification for this position.
2. Title: The basic title for positions classified to the GS-2210 series is Information Technology Specialist. A parenthetical title of “INFOSEC” is added to denote specialization in work that involves ensuring confidentiality, integrity, and availability of systems, networks, and data through the planning, analysis, development, implementation, maintenance and enhancement of information systems security programs, policies, procedures and tools.
3 Grade: See the attached Factor Evaluation table and the Factor Level Analysis.
E. Conclusion: Information Technology Specialist (INFOSEC), GS-2210-11.
Classifier: Rena R. Hunt, NBG-HRCADate: 16 Jan 04
FACTOR EVALUATION SYSTEM
POSITION EVALUATION STATEMENT
FACTOR / FL / PTS / REMARKS1. Knowledge Required by the Position / 1-7 / 1250 / See Analysis Below
2. Supervisory Controls / 2-4 / 450 / “ “
3. Guidelines / 3-3 / 275 / “ “
4. Complexity / 4-4 / 225 / “ “
5. Scope And Effect / 5-3 / 150 / “ “
6. Personal Contacts &
7. Purpose Of Contacts / 2b / 75 / “ “
8. Physical Demands / 8-1 / 5 / “ “
9. Work Environment / 9-1 / 5 / “ “
TOTAL POINTS ASSIGNED: / 2435 / GRADE: GS-11
Factor 1 - Knowledge Required by the Position:FL 1-71250 Points
This position exceeds level 1-6. This level is described as requiring knowledge of and skill in applying IT security principles, methods, and tools; and the IT security environment sufficient to participate in defining IT security requirements; and to implement and support IT security applications. The incumbent of this position would be performing these duties but he/she would also exceed this level.
The position does meet level 1-7 where the requirement is knowledge of and skill in applying methods for: evaluating, implementing, and disseminating IT security tools and procedures; IT security certification and accreditation requirements; network operations and protocols; and computer forensics principles. These are required to be able to: develop, implement, and coordinate activities designed to ensure, protect, and restore IT systems, services, and capabilities; monitor and evaluate systems’ compliance with IT security requirements; provide advice and guidance in implementing IT security policies and procedures in the development and operation of network systems; and ensure proper protection of evidence used in investigating computer crimes. The incumbent of this position is required to prevent and correct security deficiencies and violations, develop procedures and policies to protect network information, evaluate the effectiveness of security procedures currently in effect, and administer firewalls and intrusion detection systems to monitor and prevent unauthorized access. These duties are all in line with level 1-7.
The position does not meet level 1-8 which is considered to have a mastery of and skill in applying advanced IT principles, concepts, methods, standards, and practices. The position does not require such “mastery” of these skills and so is not credited.
Factor 2 - Supervisory Controls:FL 2-4450 Points
Level 2-3 is exceeded by the position. At this level, the supervisor outlines or discusses possible problem areas and defines objectives, plans, priorities, and deadlines. The employee independently plans and carries out the assignments in conformance with accepted policies and practices and adheres to instructions, policies, and guidelines in exercising judgment to resolve commonly encountered work problems and deviations. Controversial information or findings are brought to the attention of the supervisor for direction.
The position is a match with level 2-4. The supervisor of this position outlines overall objectives and available resources. Together, the supervisor and employee discuss timeframes, scope of the assignment including possible stages, and possible approaches. The incumbent of this position plans out all phases of the assignment, including the approach to be taken, and the methods to be used and frequently interprets regulations on his/her own initiative, applies new methods to resolve complex and/or intricate, controversial, or unprecedented issues and problems, and resolves most of the conflicts that arise. The incumbent keeps the supervisor informed of progress and of potentially controversial matters. The supervisor reviews the completed work for soundness of overall approach, effectiveness in meeting requirements or producing expected results, feasibility of recommendations, and adherence to requirements. This is a direct match with the position.
The position does not meet level 2-5 where the supervisor provides administrative and policy direction in terms of broadly defined missions or functions of the agency. The incumbent of the position does not have responsibility for a significant agency or equivalent level IT program or function; does not interpret policies promulgated by authorities senior to the immediate supervisor and determine the effects on the program needs; and is not considered a technical authority.
Factor 3 - Guidelines:FL 3-3275 Points
Level 3-2 is exceeded by the position. Guidelines at this level are directly applicable to the assignment, prescribe established procedures and techniques, and provide clear precedents. Judgment is used to select and apply the most appropriate guideline and in making minor deviations when adapting guidelines to existing situations. For those situations where existing guidelines cannot be applied or require significant deviations, they are referred to the supervisor.
The position is a direct match with level 3-3. The incumbent uses a wide variety of reference materials and manuals, but they are not always directly applicable or have gaps in specificity. The incumbent researches, chooses, interprets, existing guidelines for application and modifies those same guidelines to adapt them to specific problems or issues.
Level 3-4 is not meet by this position. Guidelines at this level are often scarce, inapplicable or have gaps in specificity that require considerable interpretation and/or adaptation for application to issues and problems. The incumbent of this position is not working in an environment where guidelines have to be “considerably” modified or are not available at all and so the position does not meet this level.
Factor 4 - Complexity:FL 4-4225 Points
Level 4-3 is exceeded by the position. At this level work consists of various duties that involve applying a series of different and unrelated processes and methods where the employee decides what needs to be done based on analyses of the subjects and issues related to the assignment and selects the appropriate course of action. While the incumbent of the position does perform the preceding duties they are exceeded when looking at the full performance discussed below.