Job opening: Deputy Director and Chief Information Security Officer
Salary: $193,819 - $221,900 per year
Relocation: YES
Published at: Jun 03 2024
Employment Type: Full-time
The Department of Energy's (DOE) Office of Science - Headquarters (SC) is looking for an experienced executive to serve as the Deputy Director and Chief Information Security Officer within the Office of Information Management (OIM). OIM is comprised of three primary offices: the Office of the Director, the Cyber Security Division, and the Information Technology Services Division.
Duties
As the Deputy Director and Chief Information Security Officer you will:
Provide direction, guidance, oversight, review, and approval on the technical, management and administrative direction of information technology (IT) initiatives, projects, and objectives; evaluate, modify, and make recommendations on contractor design proposals to ensure they are technically feasible in the SC environment, meet the intent of the SC information management (IM) architecture, and support the CIO and the SC strategic plans and other directions; oversee information management performance and governance reviews of the design and architecture of applications during the development process.
Provide leadership and work with senior management across the Department of Energy (DOE), including coordination with the Department's Office of the Chief Information Security Officer, to create and implement an SC-wide cyber security strategy and vision, in alignment with DOE and OMB policies, directives, and procedures.
Partner with the SC Federal Site Offices and Laboratories to align this strategy with the vision and capabilities of those Federally Funded Research and Development Centers (FFRDCs).
Communicate to business unit customers the direction of information management and cyber security technology initiatives; and serve on SC and interagency committees and participate on special task forces to provide advice and guidance on state-of-the-art technology and cyber solutions.
Oversee the governance, management, and organization of the federal cyber security environment for SC; serve as the liaison between SC senior leadership and federal and contractor staff regarding cyber security and incorporate the feedback into a refined and comprehensive program that is tailored for the SC enterprise.
This is a dual-hatted position that includes serving as the "Chief Information Security Officer" (CISO); duties include:
Serve as the Chief Information Security Officer (CISO) on the information management and cyber security needs of the organization; identify and resolve complex problems or issues that cross functional boundaries; and recommend and provide training for OIM personnel.
Provide cyber security program leadership for all SC offices, including all governance, information security risk management, budget, privacy, compliance, policy development, and the implementation of cyber security efforts.
Serve on SC and interagency committees and participate on special task forces to provide advice and guidance on state-of-the-art technology and cyber solutions.
Oversee the SC-wide cyber security incident reporting and response program in coordination with other Departmental and SC offices; maintain an SC information assurance response capability; evaluate incident reports for SC computer network attack/computer network exploitation situations; ensure the development and coordination of corrective action plans involving SC enterprise systems in response to issues identified by other Federal agencies, peer reviews, and self-assessments.
Qualifications
Your resume must describe your executive core qualifications (ECQs) and experience, technical qualifications and give a synopsis of your accomplishments. Do not include a separate ECQ narrative. Additionally, Mandatory Technical Qualifications (MTQs) listed later in this section must be addressed in a separate document.
EXECUTIVE CORE QUALIFICATIONS: The five ECQs described below were designed to assess executive-level experiences and potential, not technical expertise. They measure whether you have the broad executive skills needed to succeed in a variety of SES positions.
1: Leading Change: Ability to bring about strategic change, both within and outside the organization, to meet organizational goals and establish an organizational vision and to implement it in a continuously changing environment.
2: Leading People: Ability to lead people toward meeting the organization's vision, mission, and goals and provide an inclusive workplace that fosters the development of others, facilitates cooperation and teamwork, and supports constructive resolution of conflicts.
3: Results Driven: Ability to meet organizational goals and customer expectations and make decisions that produce high-quality results by applying technical knowledge, analyzing problems, and calculating risks.
4: Business Acumen: Ability to manage human, financial, and information resources strategically.
5: Building Coalitions: Ability to build coalitions internally and with other Federal agencies, State and local governments, nonprofit and private sector organizations, foreign governments, or international organizations to achieve common goals.
MANDATORY TECHNICAL QUALIFICATIONS (MTQs): As part of your application package, a separate document must be uploaded addressing each MTQ listed below. No more than one page per MTQ is allowed; additional information will not be considered. MTQs must provide specific examples that address relevant experience and accomplishments. Your leadership and management skills must be addressed in the MTQs listed below.
Failure to submit a document addressing each MTQ will result in your application being deemed incomplete and not considered.
MTQ 1: Demonstrated experience in information management and cybersecurity programs with particular emphasis on programs in support of complex research and development operations. This experience should include knowledge of industry best practices and government regulations and requirements in the information management area. Demonstrated knowledge of cybersecurity risks and mitigation actions is also required. Experience in balancing these requirements and risks to support mission objectives is critical.
MTQ 2: Demonstrated skill in providing direction and oversight for IT services, including contracting for these services. This skill should include the establishment and oversight for an enterprise-wide IT program including governance, information security risk management, budget, privacy, compliance, and implementation. Experience in data center management including the development of business continuity and disaster recovery plans, vendor management and regulatory compliance. (A technical degree is desired, but not required, in determining the general understanding of information technology and computer science.)
MTQ 3: Demonstrated skill in communicating with senior management officials, government/public officials, scientists, engineers, information technology professionals, the public and national laboratory/contractor management (or industry equivalent) to develop support for complex or controversial programs and/or respond to concerns.
Education
This job does not have an education qualification requirement.
Contacts
- Address: Office of Science - Headquarters
P.O. Box 5088
Oak Ridge, TN 37831
US
- Name: Sharein Roman Camacho
- Email: [email protected]