Skip Navigation
Skip to Main Content Skip to Left Navigation Skip to Footer

United States of America

Department of Commerce

Commerce Seal montage illustrating the work Commerce does

Vacancy Questions Preview

Vacancy Questions Preview

Grade: All Grades
* 1.I have thoroughly reviewed the 'How to Apply/Required Documents' & 'Qualifications' sections of this Vacancy Announcement to determine which supplemental documents to submit. This may include: Transcripts to verify undergraduate/graduate education; SF-50 if I am a current/former Federal employee; DD214 if I am a veteran (and SF-15/VA Letter if applicable), etc. I understand that failure to fax in required documents by the vacancy announcement's closing date may result in loss of consideration.
  1. Yes
  2. No

* 2.Do you have one year of specialized experience equivalent to at least the GS-12 grade level or the next lowest pay band in the Federal service? (See the "Qualifications" section of this announcement for the definition of specialized experience.
  1. Yes
  2. No

* 3.Choose all areas where you have experience establishing, coordinating and implementing IT Security requirements within the SDLC process?
  1. Verifying and performing FISMA reviews
  2. Verify that security requirements are properly implemented and documented
  3. Documenting IT security controls and policies
  4. Monitoring security systems
  5. Monitoring the application of system patches and virus updates
  6. Approving firewall rules and monitoring firewall logs
  7. Monitoring audit and security logs
  8. Applying information security/information assurance policies
  9. Conduction Certifications and Accreditation activities
  10. Developing an Information Systems Security Program
  11. Conducts vulnerability assessments and audits
  12. Implementing an Incident Response Program
  13. Implementing a disaster recovery plan
  14. Implementing a contingency plan
  15. None of the above

* 4.Choose the following that describe your IT security experience. (Select all that apply.)
  1. Oversee the development and maintenance of system security plans and contingency plans for all systems under organizational control.
  2. Develop and maintain operating unit IT security policies, procedures, standards and guidance consistent with applicable organizational or federal requirements.
  3. Participate in the self-assessment of systems safeguards and program elements, and in the certification and accreditation (C&A) of a major information system.
  4. Act as the organization's central point of contact for all security incidents, develop incident response procedures, and report incidents to the responsible authority.
  5. Develop a process to identify, track and report on security patch management.
  6. Ensure that appropriate encryption methodologies are used for transmission of sensitive information.
  7. Ensure organizational compliance with NIST and OMB requirements.
  8. None of the above.

* 5.Which of the following best reflects your highest level of experience correcting security vulnerabilities and implementing security controls?
  1. I have corrected security vulnerabilities and implemented security controls under close supervision.
  2. I have assisted others in correcting security vulnerabilities and implementing security controls
  3. I have participated on a team that corrected security vulnerabilities and implemented security controls
  4. I have independently corrected security vulnerabilities and implemented security controls.
  5. I have led others charged with correcting security vulnerabilities and implementing security controls.
  6. None of the above

* 6.I possess security certification(s) from the following vendors:
  1. ISACA
  2. EC-Council
  3. Information Assurance Certification Review Board (IACRB)
  4. CyberSecurity Institute
  5. International Information Systems Security Certification Consortium (ISC)2
  6. Prosoft
  7. GIAC - Global Information Assurance Certification
  8. RSA Security
  9. Check Point
  10. Cisco
  11. TruSecure
  12. BrainBench
  13. Learning Tree
  14. CompTIA
  15. Security Certified Program
  16. Other
  17. None of the above

* 7.Do you have experience creating, maintaining, monitoring and reporting on Plan of Action and Milestones (POA&M)?
  1. I have not had education, training or experience in performing this task.
  2. I have had education or training in performing this task, but have not yet performed this task on the job.
  3. I have performed this task on the job with close supervision from a supervisor or senior employee.
  4. I have performed this task as a regular part of the job, independently and usually without review by a supervisor or senior employee.
  5. I have supervised performance of this task and/or I have trained others in performance and/or am normally consulted as an expert for assistance in performing this task.

Applicants may check the status of their application by accessing the Department of Commerce (QuickHire), Applicant Site at