Summary GAO supports the Congress in meeting its constitutional responsibilities to legislate, appropriate, and oversee the Federal government for the benefit of the American people. GAO, commonly referred to as the investigative arm of Congress, or the congressional watchdog, is independent and nonpartisan. GAO assists Congress in making informed decisions by providing information on policy and program issues, as well as by providing recommendations to make government more effective and responsive. Responsibilities Band IIA employees will serve as a Senior IT Specialist (Cybersecurity) performing technical IT security assessments at organizations of audit interest. The primary purpose of the position is to serve as an individual contributor on an engagement team performing a range of duties independently that typically includes taking the responsibility for a technical cybersecurity segment of the engagement including design, data collection and analysis, message development, and product preparation. The incumbent works independently producing products that are complete. The incumbent may also provide support for an audit data processing computing environment, the ARM Data Facility (ADF). Takes a lead role in conducting access controls assessments that requires detailed technical testing and verification of controls in complex, diverse and interconnected network environments at organizations of audit interest. Controls assessments includes but not limited to penetration testing tools and techniques, boundary protection, identification and authentication, authorization, cryptography, audit and monitoring, configuration management, and software development. At the direction of the Assistant Director (AD) and the Auditor-In-Charge (AIC), works collaboratively with other team members in the planning and timely execution of information systems general and application controls assessments. This includes involvement in the engagement design, data collection, analysis, message development and drafting segments of products that are technically accurate, complete and appropriately targeted to the product audience. Conducts analysis of data collection efforts that includes conducting interviews with technical staff, independent testing and verification of controls, and reviews of relevant technical documentation and data. Documents results in a clear, balanced, and objective manner that meets the needs of congressional clients and conforms to all audit requirements and quality standards. Presents results orally and in writing to technical and managerial audiences internal to GAO and at external organizations of audit interest. Responsible for the maintenance, configuration, and reliable operation of computer systems that may include servers, network devices, virtualization, and laptops. Serves as a coach and mentor to Band I IT Analysts and Professional Development Program (PDP) staff. Requirements Conditions of Employment Must be a current full-time or part-time GAO employee on a permanent appointment. Qualifications Band IIA Must be a full-time or part-time GAO employee on a permanent appointment. In addition, applicants must meet either of the two following criteria by April 23,2023 (effective date of the promotions): (1) have a minimum of 104 weeks of GAO experience, equivalent to at least the next lower band level (PE-I, PA-I, PT-II, PT-I, AC-III, AC-IV), in a position focused on conducting research, quantitative and qualitative analysis, or program evaluations; or (b) have 78 weeks of GAO experience, equivalent to at least the next lower band level (PE-I, PA-I, PT-II, PT-I, AC-III, AC-IV), in a position focused on conducting research, quantitative and qualitative analysis, or program evaluations, and have a minimum of 52 weeks of directly related work experience prior to starting work at GAO by May 5, 2024. In addition to meeting the requirements listed above, ALL applicants must meet the following 2 selective placement factors: (1) Extensive experience and demonstrated abilities in analyzing key aspects of automated information systems, such as development, acquisition, testing, operation, and maintenance. (2) Extensive experience and demonstrated abilities in analyzing elements of one or more of the following information technology domains: information security, enterprise architecture, information management, investment management, and telecommunications. Education Not Applicable Additional Information Band IIA Senior IT Specialist promotion opportunities for GAO's mission teams will be available in all applicable geographical locations. For information on the number of Band IIA promotion opportunities by team, please see the GAO-wide Notice published and distributed (via email) on 1/12/2024. BARGAINING UNIT STATUS: This position is included in the bargaining unit. If you would like to apply for Specialists promotion opportunities (IT Analyst, Financial Auditor, etc.), you must submit a separate application directly to the appropriate announcement for each Specialist position for which you wish to be considered. This position is a moderate risk public trust position with possible upgrade to a Secret or Top Secret or SCI clearance depending on the type of engagement the employee will be assigned to within the mission teams. If you are selected for a promotion and have applied for a Flexible Work Agreement (FWA) or Remote Work Agreement (RWA), and are approved for one of these agreements, you will have to re-apply if selected for promotion based on the new position to which you will be promoted. Additionally, you may have a 90-day waiting period if you have requested FWA or RWA to a new geographical location. If selected for promotion, you will be promoted in your current duty station.