As the Enterprise Cybersecurity Vulnerability Manager, you will develop strategies, plans and processes to ensure cybersecurity vulnerability management is consistent throughout the Agency. Working with cybersecurity vulnerability management stakeholders across multiple organizations, you will verify that identification and remediation of unclassified cybersecurity vulnerabilities are in alignment with Federal requirements and Agency cybersecurity policy and strategy.

Duties

Establish an Agency strategy and processes for managing the lifecycle of Department of Homeland Security (DHS) Emergency Directives (EDs), Binding Operational Directives (BODs), and other Federal vulnerability mitigation directives. Work with the NASA Security Operations Center (SOC), NASA Centers and other CSPD groups to ensure effective communication, mitigation, validation, and internal status reporting of unclassified cybersecurity vulnerabilities. Ensure the management and integration of several Agency services related to unclassified vulnerability management, including planning and managing priorities for the overall function. Lead an agency-wide vulnerability management forum composed of stakeholders from NASA Mission and Mission Support systems across the enterprise (400 – 600 participants weekly) to ensure transparency and maximize direct communication. Manage NASA’s Vulnerability Disclosure Program (VDP) in cooperation with DHS Cybersecurity and Infrastructure Security Agency (CISA) to enhance detection of vulnerabilities in public facing sites by external researchers. Represent NASA OCIO and Cybersecurity and Privacy Division (CSPD) with a wide array of stakeholders including NASA Centers and Missions, as well as DHS CISA and OMB, during high-profile government vulnerability detection and mitigation events. Ensure the Agency is addressing the updated listing of Known Exploitable Vulnerabilities (KEV) as directed in Binding Operational Directive 22-01 from Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Provide oversight of CyberHygiene scanning, remediation, and reporting to DHS CISA. Foster a culture of engagement, diversity, inclusiveness, excellence and innovation. Champion NASA's commitment to Diversity, Equity, Inclusion and Accessibility to create an environment that promotes a commitment to safety, integrity, and teamwork.

Requirements

• Current Federal employees must meet qualifications, time in grade, and 90 days after competitive appointment requirements by the closing date of the announcement.
• Financial Disclosure, Drug Testing, and/or the Travel Requirements for this position may differ and be required based on the duty location/NASA Center requirements.
• Selected applicant(s) must be assigned to a duty location listed on the announcement.
• Position subject to pre-employment background investigation or higher level clearance. Investigation/Clearance may differ and be required based on the duties/location-NASA Center requirements.

Qualifications

Specialized experience is experience that has equipped you with the particular ability, skill, and knowledge to successfully perform the duties of this position and is typically in or related to this line of work. To qualify for GS-15, you must have one year of directly related specialized experience equivalent to the GS-14 level: Coordinating and scheduling high-level meetings and briefings to provide senior management with information and analysis on cybersecurity topics; collaborating and teaming with Missions and other organizations to improve the agency performance and responsiveness in managing unclassified cyber vulnerabilities; and analyzing and integrating cybersecurity vulnerability management methodologies with Federal and Agency cybersecurity requirements. AND IF you are qualifying based on experience, you MUST also have IT-related experience demonstrating each of the four competencies listed below: Attention to Detail - Is thorough when performing work and conscientious about attending to detail. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services. Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately. Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations. Your resume must include a clear and detailed narrative description, in your own words, of how you meet the required specialized experience. Experience statements copied from a position description, vacancy announcement or other reference material constitutes plagiarism and may result in disqualification and losing consideration for the job. NASA prohibits the use of artificial intelligence (AI) or AI-assisted tool in drafting application and assessment responses. Please visit https://www.nasa.gov/careers/how-to-apply/#Artificial-Intelligence to review NASA's guidance on the use of AI tools during the application process.

Education

This job does not have an education qualification requirement.

Contacts

• Address NASA Headquarters 300 E St SW Washington, DC 20546 US
• Name: NASA Shared Services Contact Center
• Phone: 1-877-677-2123
• Email: [email protected]