Job opening: SENIOR OFFICER-CHIEF INFORMATION SECURITY OFFICER
Salary: $200 988 - 305 096 per year
Published at: Nov 08 2024
Employment Type: Full-time
The Senior Officer-Chief Information Security Officer position is in the Office of Information Technology located in Washington, DC. This position is open to US citizens.
Duties
At the Securities and Exchange Commission (SEC), we are committed to diversity, equity, inclusion and accessibility (DEIA) and value a workforce that reflects the diverse experiences and perspectives of the communities we serve. As such, we welcome applications from qualified individuals of all backgrounds who share our commitment to public service.
The Office of Information Technology (OIT) supports the Commission and staff of the SEC in all aspects of information technology. The office has overall management responsibility for the Commission's IT program including application development, infrastructure operations and engineering, user support, IT program management, capital planning, security, and enterprise architecture. OIT also maintains a very active website that contains a wealth of information about the Commission and the securities industry, and also hosts the Electronic Data Gathering Analysis and Retrieval (EDGAR) database for free public access.
Typical duties include:
Strategically leading, implementing, monitoring, reporting and continuously improving the SEC's Information Security Program.
Continuously evaluating and making recommendations to Agency management regarding the adequacy of the Agency's IT general and security controls for the Agency's technology systems.
Establishing security and privacy related policies and processes for the internal IT management functions needed to effectively coordinate the large portfolio of activities and services in the SEC.
Identifying, assessing and prioritizing IT risks to Agency data and systems.
Ensuring the Chief Information Security Office (CISO) programs and initiatives are strategically aligned and communicated throughout the agency.
Overseeing the Commission's Security Operations Center to ensure compliance with best practices and keep pace with emergent cyber security threats.
Conducting and supporting regular internal and external security assessments, table top exercises, penetration tests, and playbook development to proactively test the effectiveness of the SEC's IT Security Program.
Preparing an annual budget report on the SEC's cyber-security program, to be included in the Commission's budget submission to Congress, describing the progress in achieving mission goals to ensure the protection of Commission information and IT systems.
Recommending modifications and solutions for reducing IT security risks and developing strategies for responding to future IT security challenges.
Requirements
- You must be a US Citizen.
- Application procedures are specific to this vacancy announcement. Please read all the instructions carefully. Failure to follow the instructions may result in you not being considered for this position.
- Supplementary vacancies may be filled in addition to the number stated in this announcement.
- This position has promotion potential to the SO-02 level.
- PROBATIONARY PERIOD: This appointment may require completion of a two year supervisory/managerial probationary period.
- SECURITY CLEARANCE: Entrance on duty is contingent upon completion of a pre-employment security investigation. Favorable results on a Background Investigation may be a condition of employment or selection to another position.
- DRUG TESTING: This position may be subjected to drug testing requirements.
- PERMANENT CHANGE OF STATION (PCS): Moving/Relocation expenses are not authorized.
- DIRECT DEPOSIT: All Federal employees are required to have Federal salary payments made by direct deposit to a financial institution of their choosing.
- This position is not in the collective bargaining unit.
- This is a term appointment not-to-exceed 4 years, with the option to extend up to an additional 4 years. The appointment may not exceed a total of eight years.
- This position is eligible to request telework in accordance with the SEC's telework policy.
- Existing Participants in the SEC’s Remote Telework Program are eligible to apply for this position. If selected, management will evaluate and communicate whether the position will allow for continued participation in Remote Telework.
Qualifications
All qualification requirements must be met by the closing date of this announcement.
Qualifying experience may be obtained in the private or public sector. Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience.
BASIC REQUIREMENT: Applicant must possess IT related experience demonstrating each of the four competencies:
Attention to Detail - Is thorough when performing work and conscientious about attending to detail.
Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.
Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.
Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.
MINIMUM QUALIFICATION REQUIREMENT: In addition to meeting the basic requirement, applicants must also meet the minimum qualification requirement.
SO-01: Candidates must have at least one year of specialized experience equivalent to at least the GS/SK-14 level. Specialized experience includes:
Overseeing a large-scale information security program on an automated and continuous basis, e.g. overseeing real-time cyber defense incident response; monitoring cyber threats and vulnerabilities; and managing incident response plans.
Contacts
- Address Office of Information Technology
100 F Street NE
Washington, DC 20549
US
- Name: ask HR
- Email: [email protected]