
Director, Information Security and Privacy Group/Chief Information Security Officer

Department of Health and Human Services
Centers for Medicare & Medicaid Services
Office of Information Technology (OIT)

Summary

This position is located in the Office of Information Technology (OIT), Centers for Medicare and Medicaid Services (CMS).

As the Director, Information Security and Privacy Group/Chief Information Security Officer, you will direct CMS' Information Security and Privacy Programs, which fulfill CMS' responsibility to maintain and improve the security of its information and information systems.

Overview

Accepting applications
Open & closing dates
03/26/2026 to 04/09/2026
Salary
$151,661 to $228,000 per year
Pay scale & grade
ES 00
Locations
1 vacancy in the following locations:
San Francisco, CA
Woodlawn, MD
Philadelphia, PA
Remote job
No
Telework eligible
Yes—as determined by the agency policy.
Travel Required
Not required
Relocation expenses reimbursed
No
Appointment type
Permanent
Work schedule
Full-time
Service
Senior Executive
Promotion potential
None
Supervisory status
Yes
Security clearance
Top Secret
Drug test
Yes
Position sensitivity and risk
Special-Sensitive (SS)/High Risk
Trust determination process
Financial disclosure
Yes
Bargaining unit status
No
Announcement number
CMS-ES-26-12917472
Control number
862501500

This job is open to

Clarification from the agency

Open to all groups of qualified individuals from the public, including current employees within the Federal Excepted Service, current employees within the Federal Competitive Service, and current career SES and SES reinstatement eligibles. SESCDP graduates may also apply for noncompetitive consideration.

Duties

  • Plan, coordinate, and control information system security and privacy CMS-wide, including security and privacy measures across the full technology stack.
  • Direct and mature a CMS-wide cybersecurity and privacy program ensuring risk-based protection commensurate with the magnitude of harm to beneficiaries, providers, and federal programs.
  • Direct and enforce enterprise-wide compliance with federal cybersecurity and privacy statutes, regulations, and policies.
  • Oversee Security Operations Center (SOC) operations, threat intelligence, detection, and response capabilities.
  • Establish enterprise risk metrics and performance indicators tied to mission impact, operational resilience, and budget decisions.
  • Represent CMS in engagements with HHS, OMB, interagency partners, and Congressional stakeholders.

Requirements

Conditions of employment

  • Must be a U.S. Citizen or National.
  • Subject to a 1-year supervisory probationary period (unless already completed).
  • Complete a Declaration for Federal Employment to determine your suitability for Federal employment, at the time requested by the agency.
  • If you are a male applicant born after December 31, 1959, certify that you have registered with the Selective Service System or are exempt from having to do so.
  • May be subject to pre-employment and random drug tests.
  • You may be required to obtain and maintain an interim and/or final security clearance prior to entrance on duty. Failure to obtain and maintain the required level of clearance may result in the withdrawal of a job offer or removal.
  • The Ethics in Government Act, PL 95-521 requires the applicant selected for this position to submit a financial disclosure statement, OGE-278e, prior to assuming the SES position, annually, and upon termination of employment.
  • Status applicants must submit a copy of their most recent SF-50, Notification of Personnel Action, which verifies status.
  • All initial appointments to an SES position are contingent on approval from OPM's Qualifications Review Board unless the selectee has successfully participated in an OPM approved SES Candidate Development Program.
  • Only experience obtained by the closing date of this announcement will be considered.

Qualifications

Candidates should be committed to improving the efficiency of the Federal government, passionate about the ideals of our American republic, and committed to upholding the rule of law and the United States Constitution. Candidates will not be hired based on their race, sex, color, religion, or national origin.

To meet the minimum qualification requirements for this position, you must show that you possess the Executive Core Qualifications (ECQ) and Technical Qualifications (TQ) related to this position within your resume - NOT TO EXCEED 2 PAGES. Resumes over the 2-page limit, will not be reviewed beyond page 2 or may be disqualified. Your resume should include examples of experience, education, and accomplishments applicable to the qualification(s). If your resume does not reflect demonstrated evidence of these qualifications, you may not receive consideration for the position.

There is NO requirement to prepare a narrative statement specifically addressing the Executive Core Qualifications (ECQs) or the Technical Qualifications (TQs).

TECHNICAL QUALIFICATIONS (TQs): Your resume should demonstrate accomplishments that would satisfy the technical qualifications.

TQ 1: Demonstrated executive-level experience leading an enterprise cybersecurity and risk management program in a large, complex, and highly regulated organization. Experience must include implementing and overseeing compliance with federal cybersecurity and privacy requirements, including the Federal Information Security Modernization Act (FISMA), Office of Management and Budget (OMB) policies, and National Institute of Standards and Technology (NIST) frameworks, to safeguard mission-critical systems. Demonstrated experience directing risk management, system authorization, continuous monitoring, and external oversight activities, and providing strategic advice to senior leaders on cybersecurity risk and compliance decisions.

TQ 2: Demonstrated executive-level experience designing, implementing, and governing enterprise security and privacy controls for high-impact systems in a large, complex organization. Experience must include leading zero trust and identity-centered security initiatives; integrating security and privacy requirements into system development lifecycles and cloud environments; and safeguarding sensitive data within a Health Insurance Portability and Accountability Act (HIPAA)-covered entity. Demonstrated experience enforcing federal privacy and data protection laws and policies, including the Privacy Act, E-Government Act, and HIPAA; directing security operations and incident response programs; and ensuring the availability, integrity, confidentiality, and resilience of mission-critical systems and services.

EXECUTIVE CORE QUALIFICATIONS (ECQs): In addition to the Technical Qualification Requirements listed above, all new entrants into the Senior Executive Service (SES) under a career appointment will be assessed for executive competency against the following five mandatory ECQs. If your 2-page resume does not reflect demonstrated evidence of the ECQs and TQs, you may not receive further consideration for the position.

There are five ECQs:

  • ECQ 1: Commitment to the Rule of Law and the Principles of the American Founding - This core qualification requires a demonstrated knowledge of the American system of government, commitment to uphold the Constitution and the rule of law, and commitment to serve the American people.
  • ECQ 2: Driving Efficiency - This core qualification involves the demonstrated ability to strategically and efficiently manage resources, budget effectively, cut wasteful spending, and pursue efficiency through process and technological upgrades.
  • ECQ 3: Merit and Competence - This core qualification involves the demonstrated knowledge, ability and technical competence to effectively and reliably produce work that is of exceptional quality.
  • ECQ 4: Leading People - This core qualification involves the demonstrated ability to lead and inspire a group toward meeting the organization's vision, mission, and goals, and to drive a high-performance, high-accountability culture. This includes, when necessary, the ability to lead people through change and to hold individuals accountable.
  • ECQ 5: Achieving Results - This core qualification involves the demonstrated ability to achieve both individual and organizational results, and to align results to stated goals from superiors.

Note: If you are a member of the SES or have been certified through successful participation in an OPM approved SES Candidate Development Program (SESCDP), or have SES reinstatement eligibility, you do not need to respond to the ECQs. Instead, you should attach proof (e.g., SF-50, Certification by OPM's SES Qualifications Review Board (QRB)) of your eligibility for noncompetitive appointment to the SES.

Education

This job does not have an education qualification requirement.

Additional information

Veterans Preference: Veterans' preference is not applicable to the SES.

Mobility: Organizational and geographical mobility is essential in developing and managing SES leaders. Individuals selected for SES positions may be subject to reassignment across geographical, organizational, and functional lines, and may be required to sign a Reassignment Rights and Obligation Agreement.

Equal Employment Opportunity (EEO) Policy Statement: http://www.eeoc.gov/federal/index.cfm

Employment Information Resources - Resource Center: https://help.usajobs.gov/how-to

Males born after 12-31-1959 must be registered or exempt from Selective Service (see https://www.sss.gov/RegVer/wfRegistration.aspx)

OPM must authorize any employment offers made to current or former (within the last 5 years) political Schedule A, Schedule C, or Non-career SES employees in the executive branch. If you are currently, or have been within the last 5 years, a political Schedule A, Schedule C, or Noncareer SES employee in the executive branch, you must disclose that to the Human Resources Office.

Salary for SES positions varies depending on qualifications. The annual salary range is found at the top of this announcement. The selectee for this position may be eligible for annual performance bonuses and performance-based pay adjustments.

This position is designated as a Testing Designated Position (TDP). You must successfully complete a pre-employment urinalysis drug screening. You will be subject to unannounced random drug testing for the duration of service in this position.

Candidates should be committed to improving the efficiency of the Federal government, passionate about the ideals of our American republic, and committed to upholding the rule of law and the United States Constitution.

How you will be evaluated

You will be evaluated for this job based on how well you meet the qualifications above.

You will be evaluated on the quality and extent of your total accomplishments, experience, and education (if applicable). Your application will be rated and ranked by a Senior Executive Service (SES) Panel, comprised of at least three SES members, using only the information required within the application package. Applicants who do not demonstrate in their application sufficient possession of the ECQs and TQs will be determined ineligible for further consideration.

Once the application process is complete, a review of your resume and supporting documentation will be conducted. If you meet minimum qualifications, your Application Package will be further reviewed to determine if you possess the Executive Core Qualifications (ECQ) and Technical Qualifications (TQ) listed above. ECQs and TQs must be thoroughly addressed within your two (2) page resume. Separate narratives will not be accepted or reviewed. Highly Qualified applicants may undergo one or more interviews and may be referred to the selecting official for further consideration.

Upon selection, if not already a member of the SES serving under a career appointment, the individual selected must have his/her executive qualifications certified by the U.S. Office of Personnel Management's SES Qualifications Review Board (QRB) before appointment to this position. The selected individual's application will be forwarded to the OPM for review and certification by the QRB, unless the selectee provides evidence of their noncompetitive status (i.e., a current SES, OPM QRB certified SESCDP graduate, or SES reinstatement eligible). Upon QRB certification, the selected individual will be required to serve a one-year probationary period. For more information regarding the SES, go to https://www.opm.gov/policy-data-oversight/senior-executive-service/.