This job originated on www.usajobs.gov. For the full announcement and to apply, visit www.usajobs.gov/job/653815800. Only resumes submitted according to the instructions on the job announcement listed at www.usajobs.gov will be considered.
The CISO will be responsible for leading, implementing and operating the House cybersecurity program, maintaining and updating a comprehensive cybersecurity strategy that ensures the confidentiality, integrity, and availability of the House’s information systems and resources. The CISO role requires a visionary, positive, leadership-focused individual with sound knowledge of cybersecurity fundamentals for risk management, incident management/response, and offensive engineering.
05/12/2022 to 06/01/2022
$185,387 - $185,387 per year
HS 15
1 vacancy in the following location:
No
Not required - Not required.
NoRelocation Description
Permanent
Full-time
Excepted
15
No
No
req511
653815800
The Office of the Chief Administrative Officer (CAO) provides operations support services and business solutions to the community of 10,000 House Members, Officers and staff. The CAO organization comprises more than 650 technical and administrative staff working in a variety of areas, including information technology, finance, budget management, human resources, payroll, child care, food and vending, procurement, logistics and administrative counsel.
The ideal candidate is a thought leader and a consensus builder who builds bridges between the cybersecurity office, with its policies and strategy, and the members, committees and leadership offices at the House, as well as the other legislative branch agencies and oversight committees. The CISO must be able to translate complex technical concepts for non-technical audiences and to succinctly categorize and rank risk for progressively higher levels of leadership at the House. Finally, the CISO must be customer oriented, communicating the value of security to the organization to protect its reputational and data integrity.
The position has day-to-day supervisory/managerial responsibilities.
Primary Duties/Responsibilities:
• Maintains responsibility for the overall/comprehensive executive level management in the areas of Information Security.
• Acts as a senior advisor to the CAO, the CIO, and various House and legislative branch constituents on issues related to Information Security.
• Maintains responsibility for the development, socialization, approval and implementation of security policies.
• Appropriately assigns and monitors the progress of special limited-term projects and initiatives from assignment through completion.
• Briefs House leadership and officials on information security matters and issues.
• Provides appropriate assistance with computer forensics investigations to other House entities.
• Implements, manages, and operates systems to control access to House systems and data.
• Coordinates Members, Committees, and House Support Office security audits to ensure continued security of the network.
• Understands and interacts with related disciplines, either directly or through committees, to ensure the consistent application of policies and standards across all technology projects, systems and services, including privacy, risk management, compliance and business continuity management
• Works with the vendor management office to ensure that information security requirements are included in contracts by liaising with vendor management and procurement organizations
• Assists with the identification of non-IT managed IT services in use ("citizen IT") and facilitates a corporate IT onboarding program to bring these services into the scope of the IT function, and apply standard controls and rigor to these services; where this is not possible, ensures that risk is reduced to the appropriate levels and ownership of this information security risk is clear
• Develops and maintains a document framework of continuously up-to-date information security policies, standards and guidelines. Oversees the approval and publication of these information security policies and practices
• Liaises with external agencies, such as law enforcement and other advisory bodies, as necessary, to ensure that the organization maintains a strong security posture and is kept well abreast of the relevant threats identified by these agencies
• Creates a risk-based process for the assessment and mitigation of any information security risk in the ecosystem consisting of supply chain partners, vendors, consumers and any other third parties
• Coordinates the development and implementation of incident response plans and procedures to ensure that business-critical services are recovered in the event of a security event; provides direction, support and in-house consulting in these areas
• On a continuous basis, evaluates overall Information Technology security direction of the House, ensuring that all activities are secure, effective, and efficient.
• Develops budget plans for the Information Security office personnel and non-personnel resources
• Ensures 24x7 coverage for Information Security office functions.
• Provides guidance to staff and supervisors on desired results and planning considerations, monitors progress of assigned projects, and provides additional resources as appropriate.
• Performs other official duties and special projects as assigned.
Qualifications:
• Demonstrated experience and success in senior leadership roles in risk management, information security, and IT or OT security
• Bachelor’s degree in Information Systems or in a discipline related to the position, or an equivalent level of professional work experience required; advanced degree preferred.
• 12+ years of experience in professional, executive level information security roles, including administering Information Technology security policies, procedures, configuration management and quality assurance preferred.
• Successful senior level experience in corporate, legislative and/or government environments required.
• Experience successfully executing programs that meet the objectives of excellence in a dynamic environment
• Experience in progressive managerial/supervisory positions including effective use of employee performance plans and evaluations, coaching and mentoring techniques, and addressing employee conflicts and disciplinary actions required.
Continued employment is contingent upon satisfactorily completing a criminal history records check (or other applicable security clearance) and a pre-employment drug test (pre-identified position only).
You will be evaluated for this job based on how well you meet the qualifications above.
You will be evaluated using a structured interview process.
Resume
Education must be accredited by an accrediting institution recognized by the U.S. Department of Education in order for it to be credited towards qualifications. Therefore, provide only the attendance and/or degrees from schools accredited by accrediting institutions recognized by the U.S. Department of Education.
Failure to provide all of the required information as stated in this vacancy announcement may result in an ineligible rating or may affect the overall rating.
Qualified candidates, please submit your resume online by following the instructions at this link: https://house.csod.com/ux/ats/careersite/1/home/requisition/511?c=house
Qualified Candidates will be contacted directly.