Lead IT Cybersecurity Specialist

**Duties**:

- Develop maintenance schedules, deploy software updates, monitor deployments, and remediate patching activity for our internal and external enterprise clients and mobile devices. Develop and deploy automated cloud patching mechanism to push security patches. Leverage cloud technologies to centrally manage patching. Assist in maintaining update collections by completing moves, adds, and changes per client request.
- Utilize scripting languages to automate routine tasks, ensuring timely and error-free deployment patches. Create and maintain scripting libraries for various patching scenarios, ensuring scalability and adaptability. Recognize that software fixes may require configure changes including modifications to the registry keys or other device settings. Attention to detail, the ability to comprehend technical release notes, and creating patching activity reports is required. Create knowledge articles to document software patch deployment and remediation tasks. Work with software patch distribution vendors to resolve complex technical issues. Complete emergency (zero day) patch deployments. Monitor and remediate patching activity across a range of maintenance schedules. Manage and ensure effectiveness of security solutions, including firmware upgrades, anti-virus solutions, and software patches. Establish and maintain regular written and in-person communications with the client and organization's executives, decision-makers, stakeholders, department heads, and end users regarding pertinent Patch Management activities. Perform routine audits of patching activity to confirm all updates are being applied and reported correctly.
- Stay abreast of industry best practices, emerging threats, and vulnerabilities to enhance the effectiveness of the patch management program. Create pre
- and post-patch reports and present results to internal and client stakeholders.
- Coordinate the timely deployment of security patches across the organization's information systems. Establish and maintain processes for monitoring patch compliance, ensuring all systems are up to date with the latest security patches. Ensure compliance with organizational and government security policies related to patch management. Work closely with compliance and auditing teams to address any gaps and mitigate risks. Maintain accurate documentation of patch management processes, procedures, and activities. Generate regular reports for leadership, providing insights into patching effectiveness, compliance levels, and areas for improvement.
- Lead a team of patch management specialists, setting clear performance expectations and providing guidance on patching priorities. Foster a collaborative work environment, promoting knowledge sharing and continuous improvement in patch management processes. Participate in internal and external program/project management reviews. Own project from inception to decommissioning and/or O&M. Track, project schedules, risks, dependencies, team capacity and costs.

**Requirements**:
**Conditions of Employment**:

- Must be a U.S. Citizen or National
- Males born after 12-31-59 must be registered for Selective Service
- Suitable for Federal employment, determined by a background investigation
- May be required to successfully complete a probationary period
- Complete the initial online assessment and USAHire Assessment, if required
- This position is not eligible for inclusion in a bargaining unit

**Qualifications**:

- For the GS14: You must have one full year (52 Weeks) of specialized experience comparable in scope and responsibility to the GS-13 level (obtained in either the public or private sectors) that is IT-related and included experience in specialized experience for this position includes all of the following:

- 1) Developing and implementing patch management policies, procedures, and standards in alignment with organizational security requirements and best practices; and
- 2) Developing metrics and reporting mechanisms to track patch management effectiveness and compliance with security policies and regulations; and
- 3) Providing technical guidance and support to IT staff and system administrators on patching methodologies, tools, and procedures; and
- 4) Conducting thorough analysis of vulnerabilities and exploit techniques to prioritize patching efforts and mitigate potential security risks.
- You must meet all qualification and eligibility requirements by the closing date of this announcement.
- Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experie