Job opening: Senior Information System Security Manager (ISSM)
Salary: $163 964 - 191 900 per year
Relocation: YES
Published at: Jul 02 2024
Employment Type: Full-time
The Intelligence Community (IC) Chief Information Office (CIO) is responsible for advancing the Intelligence Community's mission by driving secure collaboration, integration, and information sharing; identifying and addressing information enterprise risks; and providing strategic leadership and oversight of the IC's enterprise architecture and enterprise information technology.
Duties
The Cybersecurity Group (CSG) oversees IC-wide efforts to safeguard the IC Information Environment (IE) in support of the DNI's Title 44 statutory responsibilities. With a focus on security aspects of the IC IE, utilizes proactive oversight and management levels of governance, policy, standards, architecture, engineering, risk management, investment management, along with independent verification and validation, to drive a secure, robust, and integrated IC IE aligned with IC mission-related objectives and strategies. The Director of CSG is dual-hatted as the IC Chief Information Security Officer (IC CISO). The CSG Senior Information System Security Manager (ISSM) involves ensuring the confidentiality, integrity, and availability of systems, networks, and data through planning, analysis, development, implementation, maintenance, and enhancement of information systems security programs, policies, procedures, and tools. The ISSM is responsible for the planning, development, implementation, and management of cybersecurity programs in support of the CSG Technical Security Division (TSD) Chief.
Serve as the Senior ISSM responsible for the planning, development, implementation, and management of cybersecurity programs in support of the CSG Technical Security Division (TSD) Chief.
Provide operational oversight of the Data Security and Standards Team (DAST) for the development of common IC data and metadata specifications for the protection and sharing of intelligence and entity data.
Ensure the confidentiality, integrity, and availability of systems, networks, and data through planning, analysis, development, implementation, maintenance, and enhancement of information systems security programs, policies, procedures, and tools.
Provide management and oversight of the Joint Verification and Validation (JV2) Team responsible to conduct security control assessments of cloud service provider (CSP) fabrics, systems, and services to identify risk.
Enable the IC mission through the effective execution of the Risk Management Framework (RMF) and the application of adequate security controls across the entirety of the IC Information Environment (IE).
Serve as a principal advisor on all information system security matters and is a subject matter expert in applying IC Directive (ICD) 503, Committee on National Security Systems (CNSS) 125, and National Institute for Standards and Technology (NIST) Special Publication (SP) 800-53.
Execute functions that include cybersecurity policy interpretation, reviewing security control assessment findings, providing briefings and presentations to senior audiences, negotiating among differing parties, and formulating positions across a wide range of cybersecurity issues.
Provide senior level analysis and review of risk considerations (mission, security, and cost tradeoffs) in context of IC missions, interpreting Security Assessment Reports (SARs), Risk Assessment Reports (RARs), Plans of Action and Milestones (POA&Ms), and System Security Plans (SSPs), providing critical thinking in applying security controls to system design and risk determinations.
Perform and provides risk tradeoff analysis to implement the policies, processes, models, assessments, and standards needed to recommend risk acceptance for complex systems and missing enablement.
Apply expert knowledge of the principles of zero trust including the planning, development, and implementation of the IC Zero Trust Framework across the IC.
Collaborate directly with senior security managers charged with developing security guidelines for the IC.
Requirements
- Must be a U.S. Citizen residing in the United States
- Appointment is subject to a suitability or fitness determination, as determined by a completed background investigation.
- Must be able to obtain and maintain a Top Secret security clearance based on an SBI with eligibility for sensitive compartmented information (SCI)
- Male applicants born after December 31, 1959, must complete a Pre-Employment Certification Statement for Selective Service Registration.
- A two-year trial period is required for all new permanent appointments to the ODNI.
Qualifications
Mandatory Requirements:
Expert knowledge of information technology infrastructure including operating systems, major application systems, and network architecture.
Expert knowledge of IC cybersecurity policies, procedures, and practices, as well as the implications of those policies on component Information Technology (IT) systems and security issues.
Expert program management, analytic, and critical thinking skills, including a superior ability to conduct cybersecurity program assessments, identify needs and requirements, and develop process improvement recommendations for the successful implementation of IC cybersecurity programs.
Superior ability to communicate, both verbally and in writing, complex information in a clear, concise manner that is targeted to and meets the needs of diverse audiences with different perspectives and objectives.
Superior ability to handle the most difficult, politically sensitive, or highly visible situations.
Work effectively both independently and in a team or collaborative environment, mentor junior colleagues, and utilize strong organizational and interpersonal problem-solving skills.
Superior ability to establish regular contact with high-level internal and external resources and customers, supplying or seeking information on security programs and issues; superior use of tact when expressing ideas or opinions to senior leaders, customers, contractors, and other stakeholders.
Superior ability to listen to, clarify, and convey an understanding of others' ideas, comments, and questions, and integrate and build upon diverse opinions in a manner that encourages the formation of integrated solutions and positions.
Bachelor Degree or equivalent experience of 10 years in one of the following concentrations Computer Science, cybersecurity, engineering, information science, Information Systems Management, or closely related discipline.
Desired Requirements:
CISSP, Security+, or a related cybersecurity certification.
Education
Bachelor's degree
Contacts
- Address IC CYBER SECURITY GROUP
Director Of National Intelligence
Washington, DC 20511
US
- Name: Vacancy Team ODNI
- Email: [email protected]
Map