About this agencyLearn more about this agency
This announcement will be used to fill vacancies through OPM-authorized Direct Hire Authority (DHA) for IT Specialist (Information Security and Cybersecurity), GS-2210-09 through GS-2210-15; 5 U.S.C. 3304(a)(3), 5 CFR part 337. This position is processed under Direct Hire authority, veterans preference and Category Rating procedures DOES NOT APPLY.
This position serves as a Director and Chief Information Security Officer (CISO) and senior subject matter expert and principal technical advisor and consultant to the CIO, and is responsible for providing strategic leadership vision, direction, and coordination in support of IT Security and Privacy Program activities across EXIM. This position is required for the protection of information and information systems and for providing a framework to manage and measure IT Security program performance, promote increased cybersecurity awareness throughout EXIM, and to reduce potential breaches of sensitive EXIM information and the compromise of information systems.
The CISO reports to the Chief Information Officer (CIO) located in the Office of Information Management and Technology.
Duties include, but are not limited to:
- Oversees the cybersecurity and privacy program for EXIM's information systems and networks, including managing information security implications within the organization, specific program, or other area of responsibility, to include strategic, personnel, infrastructure, requirements, policy enforcement, emergency planning, security awareness, and other resources. Provide leadership, management, direction, and/or development and advocacy so the organization may effectively conduct cybersecurity work while balancing user experience requirements.
- Executes decision-making authorities and establishes vision and direction for an organization's cyber and cyber-related resources. Directs and manages all cyber components to ensure successful, secure accomplishment of the Bureau's mission. Develop policy, plans, and strategies in compliance with laws, regulations, policies, and standards for a public cloud first, zero-trust environment. Provide senior level support of organizational cyber activities and relates strategy, business, and technology in the context of Bureau organizational dynamics.
- Leads the effort to maximize the integration between all Federal reporting (including FISMA) and the process for assessment and authorization (A&A) to ensure increased continuous monitoring and remediation of IT system threats and vulnerabilities. Oversee and ensure that the applied controls for each service (including cloud & shared services) and information system (and associated facility) provide a level of security commensurate with the risk and magnitude of the harm that could result from the loss, misuse, disclosure, or modification of the information contained in cloud services or shared services. Serve as EXIM's cyber security strategist in the continued reassessment of the environment to ensure that controls are sufficient; to identify revisions to plans, policies, or procedures as appropriate; and to compile and summarize information/statistics related to cyber security programs.
- Anticipates new security threats. Research IT security trends (such as Zero-Trust, Zero Client devices, public cloud Software as a Service (SaaS), Identity Management as a Service, and Security as a Service) and uses this information to forecast additional IT security needs and requirements for EXIM. Frequently works on unprecedented problems, issues, and concerns regarding IT security. Develop and recommend appropriate responses to these unique information security problems and assesses potential impact of such responses. Stays abreast of changes and advances in the areas of information technology, public cloud computing security, mobility, national security, critical infrastructure protection, interagency security, industrial security, systems security, physical security and other disciplines that could impact the management and administration of the EXIM's Cyber Security Program.
- Supervises and provides technical direction to subordinate staff. The incumbent's administrative responsibilities include preparing the office's personnel, training, travel, and equipment budgets. Supervisory responsibilities include full authority for organizing and managing the office; assigning, directing, and reviewing the work of subordinates planning and carrying out the training and development of employees; providing direct oversight of new personnel or staff on rotational assignments; evaluating employees work performance; selecting, promoting, rewarding, disciplining and separating employees; and meeting equal employment opportunity and affirmative action goals and objectives in the performance of supervisory duties, as well identifying and recommending appropriate solutions to personnel issues that may arise.
Occasional travel - You may be expected to travel for this position.
Job family (Series)
This job originated on www.usajobs.gov. For the full announcement and to apply, visit www.usajobs.gov/GetJob/ViewDetails/502172400. Only resumes submitted according to the instructions on the job announcement listed at www.usajobs.gov will be considered.