The Chief Information Security Officer (CISO) position ​is located within GSA IT and ​​reports to the Chief Information Officer (CIO)​ of GSA. If selected, you will be responsible for:

• Assisting the CIO in the leadership of GSA’s cybersecurity strategy to ensure integration of IT security operations and compliance with mandated security requirements throughout GSA.
• Leading GSA IT’s cybersecurity programs and serving as the authority for information, data, technology and intelligence augmentation security for GSA.
• Providing advice and assistance to the CIO and Agency senior leaders on improving cybersecurity and supply chain risk, leveraging secure technology for innovative business practices/solutions, and integrating/leading significant enterprise-wide cybersecurity efforts.
• Driving optimization of cybersecurity across the Agency through implementation of new, or maximizing existing, technologies that enable the agency to continually, and securely, adapt, scale, and innovate.
• Driving the innovation of the entire GSA cybersecurity stack and cyber supply chain for the Agency business enterprise, including its agency partner and citizen-facing products and services. 
• Ensuring GSA IT teams are using modern development and cybersecurity best practices that deliver business value faster and more securely.

Conditions of employment

• Must be a U.S. Citizen or National
• Males born after 12-31-59 must be registered for Selective Service
• This position is a critical-sensitive national security position and appointment requires that you undergo a single scope background investigation and that the GSA security office grant you a Top Secret national security clearance. 
• Selected candidate will be subject to a one-year probationary period in the Senior Executive Service unless the required probationary period has previously been served.
• Selected candidate is required to file a SF-278, Public Financial Disclosure Report within 30 days after his/her appointment, in accordance with the Ethics in Government Act of 1978.
• This position has been designated under Executive Order 12564 as being subject to random drug screening.  If selected for this role, you may be subjected to random drug testing following your appointment to this SES position.  Continued employment will be contingent upon receiving a negative test result.

Qualifications

The Executive Core Qualifications (ECQs) are required for entry to the Senior Executive Service. You must show in your resume that you possess the five ECQs. Additional information on the Executive Core Qualifications is available at SES ECQs.

In addition to your resume, you must also submit a supplemental narrative statement that separately addresses the Mandatory Technical Competencies (MTCs) listed below.  Your application will not be considered if you fail to submit this supplemental narrative. Evidence of your MTCs can also reflect in your resume.

Please see the "Required Documents" section below for complete instructions on the content and format of your application package.

MANDATORY TECHNICAL COMPETENCY (MTC):

MTC 1: Demonstrated experience leading enterprise cybersecurity transformation and large-scale cybersecurity implementation including advancement of Dev/Sec/Ops and Zero Trust principles for new and emerging technologies (e.g. AI, quantum), modern technologies (e.g. cloud, low code/no code, open software, agile delivery), and legacy technology, data, infrastructure, and network environments in various stages of modernization.

MTC 2: Demonstrated experience working with technology and non-tech executives, IT and cybersecurity professionals, and non-technical representatives in government and/or private sector to continuously improve cybersecurity services and products to achieve strategic business goals and enhance business performance.

  EXECUTIVE CORE QUALIFICATIONS (ECQs):

1. Leading Change - This core qualification involves the ability to bring about strategic change, both within and outside the organization, to meet organizational goals. Inherent to this ECQ is the ability to establish an organizational vision and to implement it in a continuously changing environment.
2. Leading People - This core qualification involves the ability to lead people toward meeting the organization's vision, mission, and goals. Inherent to this ECQ is the ability to provide an inclusive workplace that fosters the development of others, facilitates cooperation and teamwork, and supports constructive resolution of conflicts.
3. Results Driven - This core qualification involves the ability to meet organizational goals and customer expectations. Inherent to this ECQ is the ability to make decisions that produce high-quality results by applying technical knowledge, analyzing problems, and calculating risks.
4. Business Acumen - This core qualification involves the ability to manage human, financial, and information resources strategically.
5. Building Coalitions - This core qualification involves the ability to build coalitions internally and with other Federal agencies, State and local governments, nonprofit and private sector organizations, foreign governments, or international organizations to achieve common goals.

How you will be evaluated

You will be evaluated for this job based on how well you meet the qualifications above.

• A GSA SES review panel will evaluate your resume and supplemental MTCs narrative statement based on the quality and extent of your total accomplishments and experiences. 
• Applicants determined to be highly qualified may be invited to participate in an interview and undergo a reference check. 
• If selected, unless you have already been certified by an Office of Personnel Management (OPM) Qualifications Review Board (QRB) in the past, your executive qualifications must be certified by a QRB before appointment can occur.