Deputy Chief Information Officer for Cybersecurity and Chief Information Security Officer (CISO)

Full Job Description

The Department of Energy's (DOE) Office of the Chief Information Officer is looking for a dynamic, innovative, seasoned executive to serve as the Deputy Chief Information Officer for Cybersecurity and CISO within the Office of the Chief Information Officer (OCIO).

Candidates should be committed to improving the efficiency of the Federal government, passionate about the ideals of our American republic, and committed to upholding the rule of law and the United States Constitution.

Candidates will not be hired based on their race, sex, color, religion, or national origin.

To meet the minimum qualification requirements for this position, you must show that you possess the Executive Core Qualifications (ECQ) and Technical Qualifications (TQ) related to this position within your resume - NOT TO EXCEED 2 PAGES.

Resumes over the 2-page limit, will not be reviewed beyond page 2 or may be disqualified.

Your resume should include examples of experience, education, and accomplishments applicable to the qualification(s).

If your resume does not reflect demonstrated evidence of these qualifications, you may not receive consideration for the position.

TECHNICAL QUALIFICATIONS (TQs): Your resume should demonstrate accomplishments that would satisfy the technical qualifications.

TQ 1: Demonstrated comprehensive executive leadership in establishing and directing advanced cybersecurity programs that underpin digital transformation initiatives.

TQ 2: Exhibited exceptional leadership in managing complex cybersecurity operations, including, but not limited to, incident response and recovery, at an enterprise level.

EXECUTIVE CORE QUALIFICATIONS (ECQs): In addition to the Technical Qualification Requirements listed above, all new entrants into the Senior Executive Service (SES) under a career appointment will be assessed for executive competency against the following five mandatory ECQs.

If your 2-page resume does not reflect demonstrated evidence of the ECQs and TQs, you may not receive further consideration for the position.

There are five ECQs: ECQ 1: Commitment to the Rule of Law and the Principles of the American Founding - This core qualification requires a demonstrated knowledge of the American system of government, commitment to uphold the Constitution and the rule of law, and commitment to serve the American people.

ECQ 2: Driving Efficiency - This core qualification involves the demonstrated ability to strategically and efficiently manage resources, budget effectively, cut wasteful spending, and pursue efficiency through process and technological upgrades.

ECQ 3: Merit and Competence - This core qualification involves the demonstrated knowledge, ability and technical competence to effectively and reliably produce work that is of exceptional quality.

ECQ 4: Leading People - This core qualification involves the demonstrated ability to lead and inspire a group toward meeting the organization's vision, mission, and goals, and to drive a high-performance, high-accountability culture.

This includes, when necessary, the ability to lead people through change and to hold individuals accountable.

ECQ 5: Achieving Results - This core qualification involves the demonstrated ability to achieve both individual and organizational results, and to align results to stated goals from superiors.

Note: If you are a member of the SES or have been certified through successful participation in an OPM approved SES Candidate Development Program (SESCDP), or have SES reinstatement eligibility, you do not need to respond to the ECQs.

Instead, you should attach proof (e.g., SF-50, Certification by OPM's SES Qualifications Review Board (QRB)) of your eligibility for noncompetitive appointment to the SES. Major Duties:

The Department of Energy's (DOE) Office of the Chief Information Officer is looking for a dynamic, innovative, seasoned executive to lead the Office Deputy Chief Information Officer for Cybersecurity and Chief Information Security Officer (CISO).

The Deputy Chief Information Officer for Cybersecurity & CISO provides leadership for the strategic direction and management of Department-wide enterprise cybersecurity threat and vulnerability information to enable the agency to identify, protect, detect, respond and recover from cyber-attacks.

As the Deputy Chief Information Officer for Cybersecurity and CISO you will: Provide leadership for the strategic direction and management of Department-wide enterprise cybersecurity threat and vulnerability information to enable the agency to identify, protect, detect, respond, and recover from cyber-attacks.

Provide guidance and expert advice in developing, promoting, and maintaining cybersecurity controls and performance measures to adequately and cost effectively protect all cyber critical infrastructure, including classified and unclassified information systems and national security systems.

Provide leadership, maintain governance and operational oversight of the DOE Joint Cybersecurity Coordination Center, central point for the collection, analysis, handling, and sharing of enterprise cybersecurity information and serve as the Department's incident response coordination and reporting element.

Provide Department-wide leadership in information security policy and guidance to promote efficient, effective cyber, telecommunications, and information security practices while assuring consistency with national policy.

Provide expert advice, recommendations, and representation in areas of Departmental cybersecurity policies, guidelines, and implementation of enhanced Departmental information security practices.

Serve as a representative to appropriate Federal cyber security committees and forums, including the Federal Computer Security Program Manager's Forum and the Committee for National Security Systems Security Committee.

Develop and mentor staff through on-boarding, open communication, training and development opportunities and performance management processes.

This is a dual-hatted position that includes serving as the "Chief Information Security Officer" (CISO), duties include: Develop and maintain the Department's cybersecurity architecture to ensure Departmental information and information systems are protected in accordance with the risk and magnitude of harm that would occur from the loss or compromise of the Department's information assets.

On behalf of the CIO, prepare DOE's annual agency report on the effectiveness of DOE's Cybersecurity Management Program, including progress of remedial actions.

Serve as the senior advisor to departmental officials to ensure that DOE's program office compliance with the Cybersecurity Management Program.

Establish Departmental cybersecurity policy, standards, and guidelines in accordance with federal law and regulations, Presidential directives, the national standards and industry best practices.

Develop and coordinate Departmental policy for communications security, emissions security, secure voice, and cybersecurity.

Responsible for the Enterprise Risk Management-Cybersecurity (ERM-CS) strategy plan, and management.

Serve as the agency's cybersecurity liaison to the private sector and federal community including the Executive Office of Management and Budget (OMB), the Committee on National Security Systems, and the National Institute for Standards and Technology.

Serve as the DOE's senior Authorizing Official (AO) and provide training, guidance, and coordination with other agency AOs.