This position is located in the Cybersecurity and Privacy Division of the NASA Office of the Chief Information Officer. As the Cybersecurity Risk Manager for Jet Propulsion Laboratory (JPL), you will provide oversight of assessment, authorization, and risk management activities for all JPL information systems. You will provide guidance and expertise to System Owners, Information System Security Officials, and Authorizing Officials in analyzing, communicating, and managing cybersecurity risks.

Duties

Participate in Risk Governance process to provide security risks, mitigations, and input on other technical risk. Advise senior management (e.g., Chief Information Officer [CIO]) on risk levels and security posture. Provide input to the Risk Management Framework process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials). Promote awareness of security issues among management and ensure sound security principles are reflected in the organization's vision and goals. Interpret patterns of noncompliance to determine their impact on levels of risk and/or overall effectiveness of the enterprise's cybersecurity program. Continuously validate the organization against policies/guidelines/procedures/regulations/laws to ensure compliance. Develop methods to monitor and measure risk, compliance, and assurance efforts. Provide leadership and direction to information technology (IT) personnel by ensuring that cybersecurity awareness, basics, literacy, and training are provided to operations personnel commensurate with their responsibilities. Foster a culture of engagement, diversity, inclusiveness, excellence and innovation. Champion NASA's commitment to Diversity, Equity, Inclusion and Accessibility to create an environment that promotes a commitment to safety, integrity, and teamwork.

Requirements

• This position is open to U.S. citizens, nationals or those who owe allegiance to the U.S.
• Position subject to pre-employment background security investigation
• You must meet qualifications requirements by the closing date of this announcement
• A one year probationary period may be required

Qualifications

Specialized experience is experience that has equipped you with the particular ability, skill, and knowledge to successfully perform the duties of this position and is typically in or related to this line of work. To qualify for GS-14, you must have one year of directly related specialized experience equivalent to the GS-13 level. Applying Risk Management Framework (RMF) process and principles, methods and practices against specified requirements/controls (e.g., National Institute of Standards and Technology (NIST) Special Publications 800-37, 800-53, and 800-60) to develop security plans and continuously monitor the cybersecurity posture of networks and information systems; Developing and/or assessing security controls, gathering data for assessing risk to prevent information systems vulnerabilities and assure controls meet security requirements; and Collaborating and negotiating with customers and/or business partners to perform oversight and manage compliance with requirements to ensure an organization's cybersecurity posture in a risk-based manner that minimizes operational impact. AND IF you are qualifying based on experience, you MUST also have IT-related experience demonstrating each of the four competencies listed below: Attention to Detail - Is thorough when performing work and conscientious about attending to detail. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services. Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately. Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations. Your resume must include a clear and detailed narrative description, in your own words, of how you meet the required specialized experience. Experience statements copied from a position description, vacancy announcement or other reference material constitutes plagiarism and may result in disqualification and losing consideration for the job.

Education

This job does not have an education qualification requirement.

Contacts

• Address NASA Headquarters 300 E St SW Washington, DC 20546 US
• Name: NASA Shared Services Contact Center
• Phone: 1-877-677-2123
• Email: [email protected]