Director, Cyber and Information Security Division

Full Job Description

Organization Location: Office of the Chief Information Officer Supervising Executive: Scott Flanders, Chief of Information Officer Area of Consideration: All Groups of Qualified Individuals within the Civil Service Salary: This is a Tier 3 (NRC Pay Group C) SES position Financial Disclosure: This position is subject to Public Financial Disclosure Reporting Requirements and NRC prohibited securities ownership restrictions.

As a basic requirement, applicants must demonstrate progressively responsible leadership experience that is indicative of senior executive level managerial capability and directly related to the skills and abilities outlined under the Professional/Technical Qualifications and Executive Core Qualifications listed below.

Typically, experience of this nature will have been gained at or above the equivalent of the GS-15 grade level in the Federal service or its equivalent with state and local government, the private sector, or non-governmental organizations.

Failure to meet this basic qualification requirement and all executive and technical qualification factors will automatically exclude you from further consideration.

All candidates for SES positions with the Federal Government must demonstrate leadership experience indicative of senior executive level management capability.

To meet the minimum qualification requirements for this position, you must show in your resume that you possess the Fundamental Competencies, five Executive Core Qualifications (ECQs),listed below.

It is recommended that your resume emphasize levels of responsibility, scope and complexity of programs managed, and program accomplishments and results.

To meet the minimum qualification requirements for this position, you must show that you possess the Executive Core Qualifications (ECQ) related to this position within your resume - NOT TO EXCEED 2 PAGES.

Resumes over the 2-page limit, will not be reviewed beyond page 2 or may be disqualified.

Your resume should include examples of experience, education, and accomplishments applicable to the qualification(s).

If your resume does not reflect demonstrated evidence of these qualifications, you may not receive consideration for the position.

EXECUTIVE CORE QUALIFICATIONS ECQ 1: Commitment to the Rule of Law and the Principles of the American Founding-This core qualification requires a demonstrated knowledge of the American system of government, commitment to uphold the Constitution and the rule of law, and commitment to serve the American people.

ECQ 2: Driving Efficiency- This core qualification involves the demonstrated ability to strategically and efficiently manage resources, budget effectively, cut wasteful spending, and pursue efficiency through process and technological upgrades.

ECQ 3: Merit and Competence-This core qualification involves the demonstrated knowledge, ability and technical competence to effectively and reliably produce work that is of exceptional quality.

ECQ 4: Leading People- This core qualification involves the demonstrated ability to lead and inspire a group toward meeting the organization's vision, mission, and goals, and to drive a high-performance, high-accountability culture.

This includes, when necessary, the ability to lead people through change and to hold individuals accountable.

ECQ 5: Achieving Results- This core qualification involves the demonstrated ability to achieve both individual and organizational results, and to align results to stated goals from superiors.

All applicants must submit an online resume describing your accomplishments against each of the ECQs. You must address each ECQ.

PROFESSIONAL/TECHNICAL QUALIFICATIONS (PTQs) All applicants must submit online resume describing your accomplishments against each of the PTQs.

PTQ 1 – Executive Leadership of Enterprise Cybersecurity Programs Demonstrated ability to lead an enterprise‐wide cybersecurity program that aligns with agency mission needs and federal requirements.

This includes establishing cybersecurity strategy and architecture; overseeing implementation of NIST‐based security and privacy controls; directing enterprise risk management and continuous monitoring; and providing senior‐level guidance on cybersecurity posture, investments, and emerging threats.

PTQ 2 – Federal Security Governance, Compliance, and Incident Response Expertise Demonstrated expert knowledge of federal cybersecurity frameworks, policies, and oversight requirements (e.g., FISMA, OMB directives, NIST SP 800‐series) and proven ability to manage agency‐level security governance, compliance reporting, and coordination with oversight bodies.

Must show experience leading enterprise cyber incident response activities, coordinating with federal partners (such as CISA and OMB), and ensuring timely execution of corrective actions and agency‐wide security improvements.

Major Duties:

Nuclear Regulatory Commission (NRC)'s Office of the Chief Information Officer is looking for a dynamic, innovative, seasoned executive to lead as the Director for Cyber and Information Security Division (CISD) .

Director for CISD provides leadership for the strategic direction and management of NRC's enterprise cybersecurity threat and vulnerability information to enable the agency to identify, protect, detect, respond and recover from cyber-attacks.

Duties may include, but are not limited to: Provide leadership for the strategic direction and management of NRC's enterprise cybersecurity threat and vulnerability information to enable the agency to identify, protect, detect, respond, and recover from cyber-attacks.

Provide guidance and expert advice in developing, promoting, and maintaining cybersecurity controls and performance measures to adequately and cost effectively protect all cyber critical infrastructure, including classified and unclassified information systems and national security systems.

Provide leadership, maintain governance and operational oversight of the central point for the collection, analysis, handling, and sharing of enterprise cybersecurity information and serve as the NRC's incident response coordination and reporting element.

Provide NRC leadership in information security policy and guidance to promote efficient, effective cyber, telecommunications, and information security practices while assuring consistency with national policy.

Provide expert advice, recommendations, and representation in areas of NRC's cybersecurity policies, guidelines, and implementation of enhanced information security practices.

Serve as a representative to appropriate Federal cyber security committees.

Develop and mentor staff through on-boarding, open communication, training and development opportunities and performance management processes.