Due to the Pandemic, and individual states with different phases of reopening, your report date to your official duty station/facility may be delayed until such time as employees are allowed to report to the workplace. You may telework up to the maximum extent possible, up to and including full time, until it is safe to relocate.Learn more about this agency
The incumbent of this position will serve as a Supervisory IT Specialist for Security and Privacy Risk Management (AIS-20). He/she will report directly to AIS-1 and AIS-2. Incumbent will serve as a first or second level supervisor typically over more than one unit/project/program within a major subdivision; planning both routine and complex work to be accomplished, assigning work, setting priorities and reviewing and evaluating work and performance of subordinates; Coaching and developing employees; approving leave; taking, recommending or approving disciplinary actions; Managing budget and assigned resources including planning for both short-term and long-term needs utilizing advanced technical knowledge of work as well as budget, human resources, and applicable administrative policies and processes; Resolving all but unique problems independently and recommending new policies and procedures that impact the objectives of the unit(s) managed as well as internal and external customers.
In addition, the incumbent will be responsible for providing enterprise Security Risk Management support, and leads the assessment, determination, and correlation of quantitative and qualitative values of security risk related to an identified situation and a recognized threat. AIS-20 establishes and communicates the security and privacy risk tolerance of the enterprise in the form of policies, and performs periodic security and privacy risk assessments for the enterprise to ensure risk mitigations are in place and tolerance is being met. Works with security architects to develop and implement solutions that meet the risk tolerance while achieving business goals.
Incumbent should be a self-starter, requiring minimal supervision, able to guide his/her own work in a meaningful and responsible manner. Incumbent should possess expert knowledge of Federal laws, policies, standards, requirements, and guidelines pertaining to security. The Security and Privacy Risk Management supports security and privacy initiatives including: Security Number Reduction, Data Loss Prevention, Cloud security architecture development and the Continuous Diagnostics and Mitigation (CDM) program. The incumbent also Provides enterprise Security Risk Management support, and leads the assessment, determination, and correlation of quantitative and qualitative values of security risk related to an identified situation and a recognized threat. Furthermore, they establish and communicate the security and privacy risk tolerance of the enterprise in the form of policies, and performs periodic security and privacy risk assessments for the enterprise to ensure risk mitigations are in place and tolerance is being met and works with security architects to develop and implement solutions that meet the risk tolerance while achieving business goals. In addition, the incumbent directly supports the AIS Director and Deputy Director in internal and external engagement activities. Examples include briefings to senior FAA leadership and the Cybersecurity Steering Committee.
This Security and Privacy Risk Management position is also responsible for AIS program control functions including AIS budget development and management, project planning and tracking and technical contract oversight.
Occasional travel - The job may require travel from time- to-time, but not on a regular basis. The travel may be for training or other work-related duties.
Job family (Series)
This job originated on www.usajobs.gov. For the full announcement and to apply, visit www.usajobs.gov/GetJob/ViewDetails/584402100. Only resumes submitted according to the instructions on the job announcement listed at www.usajobs.gov will be considered.