When disaster strikes, America looks to FEMA. Now FEMA looks to you. Join our team and use your talent to support Americans in their times of greatest need. The Federal Emergency Management Agency (FEMA) prepares the nation for all hazards and manages Federal response and recovery efforts following any national incident. We foster innovation, reward performance and creativity, and provide challenges on a routine basis with a well-skilled, knowledgeable, high performance workforce. Please visit www.fema.gov for additional information.
The ideal candidate is thorough when performing work and conscientious about attending to detail. Works well with clients and customers to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services. This position starts at a salary of $131,767 (GS-15). Apply for this exciting opportunity to become a member of the Office of the Chief Information Officer team within FEMA.
EMERGENCY ASSIGNMENT: Every FEMA employee has regular and recurring emergency management responsibilities, though not every position requires routine deployment to disaster sites. All positions are subject to recall around the clock for emergency management operations, which may require irregular work hours, work at locations other than the official duty station, and may include duties other than those specified in the employee's official position description. Travel requirements in support of emergency operations may be extensive in nature (weeks to months), with little advance notice, and may require employees to relocate to emergency sites with physically austere and operationally challenging conditions.
In this position, you will serve as the senior agency official responsible for implementation and maintenance of the agency information security program and security policies. The Chief Information Security Officer will provide agency-wide program and technical leadership in ensuring the confidentiality, integrity, and availability of systems, networks, and data through the planning, analysis, and development. You will address the practical and statutory requirements for an Agency-wide computer security program, including the Federal Information Security Management Act (FISMA) of 2002, Information Management Technology Reform Act (IMTRA), OMB Circular A-130, National Institute of Standards and Technology (NIST) guidance and FEMA policies. Typical assignments include:
- Guiding the development and implementation of policies and associated standards, procedures and implementation guidance. These policies are designed to meet the statutory and practical requirements associated with the use of information technology solutions in a Federal environment: to meet statutory requirements, these policies direct the implementation of requirements put forth in public laws, Executive Branch directives, Federal standards, and Agency-specific policies; these policies describe the risk mitigation strategy approved by Agency management; to meet practical requirements, these policies are designed to ensure information systems, networks, and data; implements policies for the following: Security Certification and Accreditation (C&A) of all Agency-developed and/or acquired General Support Systems and Major Applications; compliance with and reporting violations of mandated rules. Providing oversight and guidance to the Security Operations Center (SOC); coordinating with the SOC and responding to attacks on Agency systems by people or malicious code agents; intrusion and anomaly detection; education and awareness of all managers and users of Agency systems; ensuring that capital planning includes the costs of security; policies for contingency and continuity of business planning; and network perimeter security management.
- Directing the development and implementation of technical and business contingency planning; consulting with program officials and providing guidance to develop systems security contingency plans and disaster recovery procedures, working in conjunction with program officials and system managers to prescribe methodologies for risk analysis and vulnerability assessment.
- Supervising structured security certification and accreditation activities for all types of information technology solutions supporting Agency assets. Activities include risk assessments, documentation development, security testing and evaluation, formal and informal presentations, and project-specific actions. Providing formal recommendations to the CIO regarding approval of certification and accreditation statements.
- Oversight of the Agency-wide assessments of security events to determine impact. Assessments include the use of computer forensics principles; ensuring proper protection of evidence used in the investigation and prosecution of computer crimes; directing the gathering, analysis, preservation of evidence, and notifying the proper authorities in the event of actual or suspected violations.
Occasional travel - This position may require occasional non-emergency travel.
This job originated on www.usajobs.gov. For the full announcement and to apply, visit www.usajobs.gov/GetJob/ViewDetails/479108200. Only resumes submitted according to the instructions on the job announcement listed at www.usajobs.gov will be considered.