Apply on Employer Site

USAJOBS · 13 hours ago

ODNI Chief Information Security Officer (CISO)

Bethesda, Maryland, USA

Full-time

Onsite

Director/Executive

$169K/yr - $192K/yr

The Office of the Director of National Intelligence (ODNI) is responsible for enhancing the Intelligence Community's mission through secure collaboration and information sharing. The Chief Information Security Officer (CISO) will oversee the ODNI's Cybersecurity Program, ensuring compliance with federal laws and providing strategic leadership for cybersecurity initiatives.

ConsultingGovernmentHuman ResourcesInformation TechnologyInternetStaffing Agency

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Performs duties as the Chief Information Security Officer (CISO) for the ODNI CIO as well as a Delegated Authorization Official (DAO) for ODNI IT systems

Responsible for all aspects of the ODNI's Cybersecurity Program (CSP) to include strategic planning and implementation of cybersecurity processes in accordance with federal law, Committee for National Security Systems policy, and Intelligence Community (IC) policy

Collaborate with the Intelligence Community Chief Information Security Officer (IC CISO) to develop and implement comprehensive cybersecurity policies and strategies that enhance the security posture of the ODNI and the broader Intelligence Community (IC). This includes fostering partnerships, sharing best practices, and aligning ODNI initiatives with IC-wide cybersecurity objectives to ensure a unified approach to threat mitigation and risk management across all intelligence operations

Lead Zero Trust Architecture integration activities across ODNI, relevant IC elements, and Services of Common Concern while providing oversight of near-term and long-term investments

Provide technical oversight for the implementation of Zero Trust Architecture, collaborating across IC, ODNI, COO, and ODNI CIO to ensure effective integration and adherence to technical requirements for system design and operations that meet IC-mandated security levels

Ensure programmatic rigor for deliverables, investment plans, and risks for ODNI's Zero Trust Architecture program are clearly understood, supported, and defensible by ODNI and IC CIO Executive Leadership

Lead the vulnerability management, cyber security operations, and the security assessments teams, driving the development and execution of robust vulnerability assessment strategies and security evaluation processes. This role includes overseeing the identification, analysis, and remediation of security vulnerabilities, ensuring compliance with federal cybersecurity standards, and enhancing the overall security framework to protect ODNI assets and data against emerging threats. Foster a culture of proactive risk management and continuous improvement within the divisions to strengthen the agency's cybersecurity posture

Provides guidance and governance for the cybersecurity of all ODNI systems while ensuring the proper monitoring and safeguarding of ODNI data

The DNI CISO ensures the confidentiality, integrity and availability of ODNI systems via the ODNI ICD-503 implementation of the NIST Risk Management Framework

Ensures compliance with applicable federal and IC information assurance regulations, statutes and mandates by continuously monitoring and assessing the security of ODNI systems

Oversees the effective integration and interoperability of disparate cybersecurity capabilities developed by separate service providers. Represent ODNI CIO at Federal, CNSS, and IC and forums where cybersecurity and Information Technology intersect

Collaborate directly with senior security managers charged with developing security guidelines for the IC

Collaborate across IC, ODNI, COO, and ODNI CIO for the implementation of Zero Trust Architecture in order to achieve IC mandated levels

Effectively leads a team of professional staff and assess performance, collaborate and oversee goal setting, and provide feedback on personal development

Demonstrated ability to deliver comprehensive briefings that convey complex concepts and/or technical information regarding cybersecurity issues clearly and concisely and in a manner that is appropriate for all audiences

Qualification

NIST Cybersecurity FrameworkZero Trust ArchitectureCybersecurity Program ManagementCloud DeploymentsLeadership SkillsTechnical KnowledgePolicy DevelopmentRisk ManagementVulnerability ManagementSecurity AssessmentsCompliance KnowledgeTechnical OversightCybersecurity StandardsInformation AssuranceData ProtectionInterpersonal SkillsProblem-Solving SkillsCommunication SkillsOrganizational SkillsMentoring SkillsTeam Collaboration

Required

Must be a current permanent ODNI employee

Must be a current permanent Federal employee

Must have supervisory approval to apply to the Joint Duty Assignment

Must be currently at the grade level of the detail

No Temporary Promotion Opportunity

Superior leadership and management skills and demonstrated experience leading a highly diverse and skilled workforce as well as mentoring junior officers

Superior interpersonal, organizational, and problem-solving skills, including a demonstrated ability to work effectively both independently and in a team/collaborative

Expert knowledge of ODNI's diverse information technology infrastructure including operating systems (e.g. Windows, Linux), multi-cloud deployments (e.g. AWS, Azure, Google, Oracle), major application systems and network architecture

Expert knowledge and experience with the NIST Cybersecurity Framework, NIST Risk Management Framework, CNSS-1253 and ICD-503

Superior ability to balance responsibilities among project activities; ability to manage transitions effectively from task to task, adapting to varying customer needs

Superior ability to communicate, both verbally and in writing, complex information in a clear, concise manner that is targeted to and meets the needs of diverse audiences with different perspectives and objectives

Superior ability to establish regular contact with high-level internal and external resources and customers, seeking and providing information on cybersecurity programs, process implantation and risks

Bachelors / Advanced degree in cybersecurity, computer science, mathematics, computer engineering, Information Technology Management or other technical field or equivalent verifiable work experience

Possess experience and technical knowledge of NIST Special Publications 800-207 and 800-53, FISMA, OMB Memorandum M-19-17, CNSS Policy No. 22, ICD 503, DoD Zero Trust Framework, NIST Cybersecurity Framework, and CIO Council Zero Trust Architecture Guidance, to implement and manage Zero Trust Architecture in federal information systems and organizations