This position is located in the Department of Labor (DOL), Office of the Assistant Secretary for Administration and Management (OASAM), Office of the Chief Information Officer (OCIO), Directorate of Cybersecurity, Division of Information Security Policy & Planning, Audit Support Branch. More information on the OCIO is available at https://www.dol.gov/oasam/ocio/
- Position is outside the bargaining unit.
- Recruitment incentives may be considered.
- Announcement has an application limit of 75.
Major duties for this position include, but are not limited to, the following:
- The incumbent oversees enterprise-wide Cybersecurity program policy and procedure activities ensuring Departmental and agency compliance. Ensures the confidentiality, integrity and availability of systems, networks, and data and enhances information security programs, policies, and tools.
- Serves as a key advisor on technical and non-technical matters related to the Department's Cybersecurity-related policies, practices and standards and how these interface with those of the Agencies and organizations within the Department, the Chief Information Officer, and other Government Agencies. Provides policy and planning advice to high-level Government officials and committees for Cybersecurity-related matters and advises other IT specialists on ways to protect their Agency's IT resources.
- Oversees periodic vulnerability assessments, administers or supports the administration of the Agency Computer Security Awareness Training program, and oversees Agencies' contingency/mitigation plans and incident response capability.
- Serves as a Departmental expert on Cybersecurity and is responsible for the coordination and integration of all aspects of the Department's cyber, telecommunications, and information security programs.
- Ensures effective use of security controls to protect the availability, integrity and confidentiality of the Department's information systems.
- Meets with Agency leadership on a regular basis to ensure Privacy security operating and Policy/procedure compliance.
- Conducts examinations of Agency information security policies and procedures to ensure their continued effectiveness. Examinations include periodic accountability reviews, vulnerability assessments, and surveys.
- Provides expert advice to the CISO. Promotes effective Agency security operations by implementing security controls, policies and procedures to protect the information and information resources of the Department, including linkage of security to the Department's capital planning, system development life cycle, and enterprise architecture activities. Establishes goals for improving the efficiency and effectiveness of the Department's Cybersecurity Program.
- Identifies and monitors costs associated with mitigation of specific weaknesses or vulnerabilities and reports these costs to the CISO. Supports the Capital Planning requirements for an annual budget report on information technology security expenses, to be included in the Department's budget submission to Congress, describing the progress in achieving mission goals to ensure the protection of Departmental information and IT systems.
- As a member of the DIA, participates in activities such as revisions to DOL IT security documentation (such as the DOL Computer Security Handbook) and reviews and comments on DOL Cybersecurity policy and procedure documents. Assures that Agency initiatives comply with all relevant DOL Cybersecurity standards.
- Develops, maintains and implements the Department's IT Security Training and awareness Program in conjunction with other appropriate Departmental IT officials and professionals.
- Is instrumental in the preparation and delivery of Department reporting requirements such as the Federal Information Security Management Act, the E-Government Act, and other reporting requirements from offices such as the GAO, Office of the Inspector General and OMB.
- Conducts security forensic exploration and analysis of DOL employee system usage and behavior at the request of DOL Office of the Inspector General and DOL Senior Executive Management officials as a part of official investigations and provides reports to Agency management officials with respect to the inappropriate use of DOL information or information systems, disclosure of sensitive information, or other personnel-related matters, upon request.
- Actively supports the Department of Labor's required participation in the National Cyber Incident Response Plan (NCIRP) National Level Exercises to coordinate cyber security exercises to provide assurance that DOL is able to respond to national cyber threats that may potentially impact the security of national federal government information systems. This position will also directly support the DOL required activity should the NCIRP be exercised in a real-life federal government cyber-attack.
- Performs other duties as assigned.
Occasional travel - Occasional travel may be required.
14 - This position is at the Full-Performance Level (FPL).
This job originated on www.usajobs.gov. For the full announcement and to apply, visit www.usajobs.gov/GetJob/ViewDetails/568848900. Only resumes submitted according to the instructions on the job announcement listed at www.usajobs.gov will be considered.