The Associate Chief Information Officer for Security Operations is responsible for leading and managing all function of the day-to-day operation of the Treasury Shared Services Security Operation Center (TSOC), which is the enterprise SOC for the Department. The TSOC operates 24×7×365 and provides threat defense, threat detection, threat intelligence, digital forensics, and incident response functions for both unclassified and classified systems.
Summary
The Associate Chief Information Officer for Security Operations is responsible for leading and managing all function of the day-to-day operation of the Treasury Shared Services Security Operation Center (TSOC), which is the enterprise SOC for the Department. The TSOC operates 24×7×365 and provides threat defense, threat detection, threat intelligence, digital forensics, and incident response functions for both unclassified and classified systems.
Threat defense: the incumbent will lead a cross-functional team of Departmental stakeholders to identify and implement protective controls that minimize Treasury's attack surface, reduce critical points of exposure, increase the efficacy of existing/new technical countermeasures, and drive cost effectiveness through the development of economies of scale.
Threat detection: the incumbent shall operate a set of technical capabilities that ingest signal from internal sensors (e.g., endpoint agents, proxies, firewalls, packet capture, netflow) and capture telemetry from external sources (e.g., vulnerability scans, vulnerability disclosures, third parties). to identify threats.
Incident response: the incumbent oversees all activities as captured in the Departmental incident response plan, including but not limited to incident characterization, incident severity determination, and incident declaration, along with containment, eradication, and post-mortem analysis/actions. The incumbent shall use digital forensics to support these activities.
Provides executive guidance to establish and manage relationships with external USG parties (intelligence community, law enforcement, national security) and external commercial parties (hardware/software vendors, service providers) to enrich and advance the Department's approach to active defense.
Oversees and manage the Security Operations Center budget. Leading the work of a subordinate a hybrid staff of federal/contracted practitioners and specialists that are focused on ensuring the confidentiality, integrity, and availability of all Treasury's classified and unclassified systems.
Communicate to the CIO, DCIO, and other programs and policy officials regarding Treasury's active defense activities. Provides authoritative recommendations and solutions to problems and challenges with respect to federal mandates/legislation, risk management, and improvement of operational capabilities.
This requirement is directly attributable to Executive Order 14028 on Improving the Nation's Cybersecurity, along with numerous other Federal government cybersecurity mandates, guidance, and requirements from ONCD, OMB, NIST, and/or the Legislature.
Initial appointments are required to serve a probationary period of 1 year.
Financial disclosure is required.
Must be able to obtain and maintain a Top-Secret/SCI clearance.
Must be a U.S. Citizen
Qualifications
Qualifications: As a basic requirement, applicants must possess the Mandatory Technical Qualifications and Executive Core Qualifications listed below. Typically, qualified applicants will have gained experience of this nature at or above the (GS)-15 grade level or its equivalent in the public or private sector. To be qualified for this position, your resume must reflect experience in a managerial capacity. Typically, experience of this nature is gained at or above the GS-15 grade level in the Federal service, or its equivalent with state or local government, the private sector, or nongovernmental organizations. As such, your resume must demonstrate that you have the knowledge, skills, and abilities to successfully fulfill responsibilities inherent in most SES positions such as:
Directing the work of an organizational unit
Ensuring the success of one or more specific major programs or projects
Monitoring progress toward strategic organizational goals, evaluating organizational performance and taking action to improve performance.
Supervising the work of other managers and exercising important policymaking, policy determining, or other executive functions.
Failure to meet the basic qualification requirement and address all Mandatory Technical Qualifications and Executive Core Qualifications will result in your application being disqualified. The ECQs were designed to assess executive experience and potential not technical expertise. They measure whether an individual has the broad executive skills needed to succeed in a variety of SES positions. All applicants that are not already QRB certified, must submit a separate written narrative addressing the ECQs. Your narrative must address each ECQ separately and should contain at least two examples per ECQ describing your experiences and accomplishments/results. The narrative should be clear and concise, emphasizing your scope and level of responsibility, the complexity of programs managed, your initiatives and accomplishments, and the results of your actions.
The narrative must not exceed 10 pages. NOTE: Current career SES members, former career SES members with reinstatement eligibility, and SES Candidate Development Program graduates who have been certified by OPM do NOT need to address the ECQs:
Leading Change: This core qualification involves the ability to bring about strategic change, both within and outside the organization, to meet organizational goals. Inherent to this ECQ is the ability to establish an organizational vision and to implement it in a continuously changing environment. Competencies: creativity and innovation, external awareness, flexibility, resilience, strategic thinking, vision
Leading People: This core qualification involves the ability to lead people toward meeting the organizations vision, mission, and goals. Inherent to this ECQ is the ability to provide an inclusive workplace that fosters the development of others, facilitates cooperation and teamwork, and supports constructive resolution of conflicts. Competencies: conflict management, leveraging diversity, developing others, team building
Results Driven: This core qualification involves the ability to meet organizational goals and customer expectations. Inherent to this ECQ is the ability to make decisions that produce high quality results by applying technical knowledge, analyzing problems, and calculating risks. Competencies: accountability, customer service, decisiveness, entrepreneurship, problem solving, technical credibility
Business Acumen: This core qualification involves the ability to manage human, financial, and information resources strategically. Competencies: financial management, human capital management, technology management
Building Coalitions: This core qualification involves the ability to build coalitions internally and with other Federal agencies, State and local governments, nonprofit and private sector organizations, foreign governments, or international organizations to achieve common goals. Competencies: partnering, political savvy, influencing/negotiating
Fundamental Competencies: These competencies are the foundation for success in each of the Executive Core Qualifications: Interpersonal Skills, Oral Communication, Continual Learning, Written Communication, Integrity/Honesty, Public Service Motivation. The Fundamental Competencies are crosscutting and should be addressed over the course of each ECQ narratives.
When completing Executive Core Competencies, applicants should follow the Challenge, Context, Action and Result (CCAR) model outlined in the guide.
Challenge - Describe a specific problem or goal.
Context - Describe the individuals and groups you worked with, and/or the environment in which you worked, to address a particular challenge (e.g., clients, co-workers, members of Congress, shrinking budget, low morale).
Action - Discuss the specific actions you took to address a challenge.
Result - Give specific examples of measures/outcomes that had some impact on the organization. These accomplishments demonstrate the quality and effectiveness of your leadership skills.
Additional information about the SES and Executive Core Qualifications can be found on the Office of Personnel Management (OPM) SES Website. You are strongly encouraged to review OPMs Guide to SES Qualifications for specific examples and guidance on writing effective ECQ narrative statements.
MANDATORY TECHNICAL QUALIFICATIONS (MTQs): All applicants must submit a written narrative that addresses each of the MTQs separately. The narrative must not exceed one (1) page per MTQ. Applicants who fail to adhere to the one (1) page per MTQ limit will be disqualified and no longer considered for the position. In addition to the ECQs, applicants must possess the following technical qualifications that represent the knowledge, skills, and abilities essential to perform the duties and responsibilities of the position. You must fully address each MTQ to be rated for further consideration.
MTQ 1: IT Security Operation Center (SOC)
Demonstrated experience in leading and managing functions of day-to-day operations of a Security Operation Center (SOC), which provides threat defense, threat detection, threat intelligence, digital forensics, and incident response functions systems.
MTQ 2: IT Incident Response
Demonstrated executive knowledge of and experience in IT Incident Response. Demonstrated experience leading operations for a portfolio of enterprise IT Incident Response activities such as incident characterization, incident severity determination, and incident declaration, along with containment, eradication, and post-mortem analysis/actions.
MTQ 3: IT Threat Defense
Demonstrated experience in IT Threat Defense in terms of leading a cross-functional team of stakeholders to identify and implement protective controls that minimize an organization's attack surface, reduce critical points of exposure, increase the efficacy of existing/new technical countermeasures, and drive cost effectiveness through the development of economies of scale.
Education
This job does not have an education qualification requirement.
Additional information
CONDITIONS OF EMPLOYMENT:
A one-year SES probationary period may be required.
Must successfully complete a background investigation.
Have your salary sent to a financial institution of your choice by Direct Deposit/Electronic Funds Transfer.
If you are a male applicant born after December 31, 1959, certify that you have registered with the Selective Service System or are exempt from having to do so.
Go through a Personal Identity Verification (PIV) process that requires two forms of identification from the Form I-9. Federal law requires verification of the identity and employment eligibility of all new hires in the U.S.
File a Confidential Financial Disclosure Report within 30 days of appointment and annually from then on.
Equal Employment Opportunity Policy
The United States Government does not discriminate in employment on the basis of race, color, religion, sex (including pregnancy and gender identity), national origin, political affiliation, sexual orientation, marital status, disability, genetic information, age, membership in an employee organization, retaliation, parental status, military service, or other non-merit factor.
Federal agencies must provide reasonable accommodation to applicants with disabilities where appropriate. Applicants requiring reasonable accommodation for any part of the application process should follow the instructions in the job opportunity announcement. For any part of the remaining hiring process, applicants should contact the hiring agency directly. Determinations on requests for reasonable accommodation will be made on a case-by-case basis. A reasonable accommodation is any change to a job, the work environment, or the way things are usually done that enables an individual with a disability to apply for a job, perform job duties or receive equal access to job benefits.
This position requires that the successful candidate undergo personnel vetting, which includes a background investigation and enrollment upon onboarding into "Continuous Vetting." Enrollment in Continuous Vetting will result in automated record checks being conducted throughout one's employment with Treasury. The successful candidate will also be enrolled into FBI's Rap Back service, which will allow Treasury to receive notification from the FBI of criminal matters (e.g., arrests, charges, convictions) involving enrolled individuals in near real-time.
A career with the U.S. government provides employees with a comprehensive benefits package. As a federal employee, you and your family will have access to a range of benefits that are designed to make your federal career very rewarding. Opens in a new windowLearn more about federal benefits.
Eligibility for benefits depends on the type of position you hold and whether your position is full-time, part-time or intermittent. Contact the hiring agency for more information on the specific benefits offered.
How you will be evaluated
You will be evaluated for this job based on how well you meet the qualifications above.
1. Applicants meeting the minimum qualification requirements will be eligible for consideration in this process. Applicants will be rated based on the quality and extent of their leadership skills, technical experience, and accomplishments, as shown in their resume and as described in their Executive Core Qualifications (ECQs) and Technical Qualifications narratives.
2. Applicants are required to submit separate narrative statements specifically addressing the Executive Core Qualifications (ECQs) and the Technical Qualifications. These narratives are mandatory for consideration in the process. The ECQs describe the leadership skills needed to succeed in the Senior Executive Service and are in addition to the job-specific Technical Qualifications. To assess the executive potential of each candidate, applicants must demonstrate their experience relevant to each ECQ. The ECQ narrative must show specific examples of the applicant's accomplishments and experience as it relates to the OPM-defined competencies and associated ECQs. Each example should clearly describe the setting in which the experience was acquired (e.g., organizational size, level, budget, and challenges), the specific actions taken to address the challenges, and the impact/result the action had on the organization/agency/government/public. Examples should clearly correlate to the experience listed in the applicant's resume.
3. a. Current or former career Senior Executive Service employees are not required to address the ECQs, but it is MANDATORY to provide the Technical Qualifications narrative, a resume, and a SF-50 (Notification of Personnel Action) that documents your career appointment status in the SES. b. SES Candidate Development Program (SESCDP) graduates who have not been appointed to a career Senior Executive Service appointment are not required to address the ECQs, but it is MANDATORY to provide the Technical Qualifications narrative, a resum, and a copy/proof of your OPM QRB certification.
4. Qualified applicants will be evaluated by a panel of current agency executives. Those determined best qualified will advance in the process and may be offered the opportunity to participate in the interview process. The selectee must already be certified by an OPM Qualifications Review Board (QRB) or receive certification prior to being appointed to this position. Additional information about the SES and Executive Core Qualifications is available at http://www.opm.gov/policy-data-oversight/senior-executive-service/executive-core-qualifications/#url=Overview
A career with the U.S. government provides employees with a comprehensive benefits package. As a federal employee, you and your family will have access to a range of benefits that are designed to make your federal career very rewarding. Opens in a new windowLearn more about federal benefits.
Eligibility for benefits depends on the type of position you hold and whether your position is full-time, part-time or intermittent. Contact the hiring agency for more information on the specific benefits offered.
2) A separate narrative of 10-pages or less that addresses the Executive Core Qualifications (ECQs). Pages beyond the first ten (10) will not be considered in the process. Current and former career Senior Executive Service employees and graduates of a SES Candidate Development Program who have been certified by OPM's QRB are not required to address the ECQs. ECQ narratives are MANDATORY for all other applicants in order to be considered.
3) A separate narrative that addresses each of the Mandatory Technical Qualifications (MTQs). It is MANDATORY for all applicants to submit this narrative. The narrative must address each of the MTQs separately and must not exceed one (1) page per MTQ. Applicants who fail to adhere to the one (1) page per MTQ limit will be disqualified and no longer considered for the position.
4) SF-50 (or other personnel action that verifies civil service). Current Federal employees must submit their most recent SF-50 (Notification of Personnel Action) that documents current tenure, position title, series, and grade level. Current or former SES must submit a SF-50 that documents career appointment status in the SES.
5) Proof of OPM QRB Certification. SES Candidate Development Program (SESCDP) graduates that have not been appointed to the SES must submit a copy of their OPM QRB Certification. This document should be uploaded under the "other document type" field.
Applicants who fail to submit ALL required documents WILL NOT receive consideration for this position. Application will result in an "Incomplete" rating. NOTE: YOU MUST SUBMIT ALL DOCUMENTATION BY 11:59 P.M. EST ON THE CLOSING DATE OF THIS ANNOUNCEMENT TO BE ELIGIBLE FOR CONSIDERATION.
The following instructions outline our application process: You must complete this application process and submit any required documents by 11:59 p.m. Eastern Time (ET) on the closing date of this announcement. We are available to assist you during business hours (normally 8:00 a.m. - 4:00 p.m. ET, Monday - Friday). If applying online poses a hardship, please contact us by noon ET on the announcement's closing date.
To begin, either click the "Create a New Account" button and follow the prompts to register or if you previously registered, click the "Apply Online" button and follow the prompts.
You will be re-directed to Treasury's (CIO helpdesk email will be established and listed here) system to complete your application process; answer the online questions, and submit all required documents. (To submit supporting documents, click one of the available options; Upload; Fax; or Reuse existing documents. To protect your privacy, we suggest you first remove your SSN). Also, go to "My Account" to view and update your information, as necessary.
To complete, you must click the "Finish" button located at the bottom of the "Application Review" page.
To verify your application is complete, log into your USAJOBS account, select the Application Status link and then select the more information link for this position. The Details page will display the status of your application and the documentation received.
To return to an incomplete application, log into your USAJOBS account and click Update Application in the vacancy announcement. You must re-select your resume and/or other documents from your USAJOBS account or your application will be incomplete.
If you are experiencing system issues with your application, please submit a ticket through the usajobs portal.
You may check the status of your application for this position at any time by logging onto the USAJOBS "My Account" tab and clicking on "Application Status". For a more detailed update of your application status, you may click on "more information."
Please notify us if your contact information changes after the closing date of the announcement. Also, note that if you provide an email address that is inaccurate or if your mailbox is full or blocked (e.g., spam-blocker), you may not receive important communication that could affect your consideration for this position.
The Federal hiring process is setup to be fair and transparent. Please read the following guidance.
The Federal hiring process is set up to be fair and transparent. Please read the following guidance.
2) A separate narrative of 10-pages or less that addresses the Executive Core Qualifications (ECQs). Pages beyond the first ten (10) will not be considered in the process. Current and former career Senior Executive Service employees and graduates of a SES Candidate Development Program who have been certified by OPM's QRB are not required to address the ECQs. ECQ narratives are MANDATORY for all other applicants in order to be considered.
3) A separate narrative that addresses each of the Mandatory Technical Qualifications (MTQs). It is MANDATORY for all applicants to submit this narrative. The narrative must address each of the MTQs separately and must not exceed one (1) page per MTQ. Applicants who fail to adhere to the one (1) page per MTQ limit will be disqualified and no longer considered for the position.
4) SF-50 (or other personnel action that verifies civil service). Current Federal employees must submit their most recent SF-50 (Notification of Personnel Action) that documents current tenure, position title, series, and grade level. Current or former SES must submit a SF-50 that documents career appointment status in the SES.
5) Proof of OPM QRB Certification. SES Candidate Development Program (SESCDP) graduates that have not been appointed to the SES must submit a copy of their OPM QRB Certification. This document should be uploaded under the "other document type" field.
Applicants who fail to submit ALL required documents WILL NOT receive consideration for this position. Application will result in an "Incomplete" rating. NOTE: YOU MUST SUBMIT ALL DOCUMENTATION BY 11:59 P.M. EST ON THE CLOSING DATE OF THIS ANNOUNCEMENT TO BE ELIGIBLE FOR CONSIDERATION.
The following instructions outline our application process: You must complete this application process and submit any required documents by 11:59 p.m. Eastern Time (ET) on the closing date of this announcement. We are available to assist you during business hours (normally 8:00 a.m. - 4:00 p.m. ET, Monday - Friday). If applying online poses a hardship, please contact us by noon ET on the announcement's closing date.
To begin, either click the "Create a New Account" button and follow the prompts to register or if you previously registered, click the "Apply Online" button and follow the prompts.
You will be re-directed to Treasury's (CIO helpdesk email will be established and listed here) system to complete your application process; answer the online questions, and submit all required documents. (To submit supporting documents, click one of the available options; Upload; Fax; or Reuse existing documents. To protect your privacy, we suggest you first remove your SSN). Also, go to "My Account" to view and update your information, as necessary.
To complete, you must click the "Finish" button located at the bottom of the "Application Review" page.
To verify your application is complete, log into your USAJOBS account, select the Application Status link and then select the more information link for this position. The Details page will display the status of your application and the documentation received.
To return to an incomplete application, log into your USAJOBS account and click Update Application in the vacancy announcement. You must re-select your resume and/or other documents from your USAJOBS account or your application will be incomplete.
If you are experiencing system issues with your application, please submit a ticket through the usajobs portal.
You may check the status of your application for this position at any time by logging onto the USAJOBS "My Account" tab and clicking on "Application Status". For a more detailed update of your application status, you may click on "more information."
Please notify us if your contact information changes after the closing date of the announcement. Also, note that if you provide an email address that is inaccurate or if your mailbox is full or blocked (e.g., spam-blocker), you may not receive important communication that could affect your consideration for this position.
The Federal hiring process is setup to be fair and transparent. Please read the following guidance.
Fair and transparent
The Federal hiring process is set up to be fair and transparent. Please read the following guidance.
