This position is in the Office of the Chief Operating Officer (OCOO), Office of the Chief Risk Officer, located in Washington, DC.Learn more about this agency
This position reports directly to the Agency's Chief Risk Officer who is responsible for leading the enterprise's risk management function, promoting a risk-aware culture across the agency, and advancing the implementation of effective risk management practices to help ensure that key risks to current and future mission success are appropriately managed.
This position is part of a new and growing office. If selected, you will assist with building the office from the ground up and serve as a key adviser on risk, including cyber and information security risk.Other duties include:
- Assist the Chief Risk Officer in the oversight of the enterprise risk management program, to include identifying, assessing, prioritizing, mitigating, monitoring, and reporting on key cyber and information security risks that could impair the agency's ability to achieve its mission or goals.
- Analyze and review current risks and threats, anticipate future risks to the SEC information technology and cybersecurity posture, and make recommendations to mitigate vulnerabilities
- Utilize new technologies, which will increase the security of SEC's existing and emerging IT systems.
- Assist with enhancing the Agency's Chief Risk Officer Function; e.g., developing and drafting mandate, policies, standard operating procedures and other required documentation from a cyber-risk perspective to enhance program effectiveness.
- Assist with the assessment of internal controls, in particular considering cyber risk and exposure of the agency's IT systems and data as required by the Federal Managers Financial Integrity Act (FMFIA) and OMB Circular No. A-123 (Management's Responsibility for Enterprise Risk Management and Internal Controls), GAO Standards for Internal Control in the Federal Government (Green Book), and other guidance.
- Collaborate with key personnel including Division and Office Heads to ensure internal and external cyber related risk analysis and considerations are applied to programs enterprise wide.
- Assist and execute on other duties as assigned related to risk management, internal controls, and audits of the Agency's operations.
Job family (Series)
This job originated on www.usajobs.gov. For the full announcement and to apply, visit www.usajobs.gov/GetJob/ViewDetails/556092000. Only resumes submitted according to the instructions on the job announcement listed at www.usajobs.gov will be considered.