Summary The Intelligence Community (IC) Chief Information Office (CIO) is responsible for advancing the Intelligence Community's mission by driving secure collaboration, integration, and information sharing; identifying and addressing information enterprise risks; and providing strategic leadership and oversight of the IC's enterprise architecture and enterprise information technology. Responsibilities The Cybersecurity Group (CSG) oversees IC-wide efforts to safeguard the IC Information Environment (IE) in support of the DNI's Title 44 statutory responsibilities. With a focus on security aspects of the IC IE, utilizes proactive oversight and management levels of governance, policy, standards, architecture, engineering, risk management, investment management, along with independent verification and validation, to drive a secure, robust, and integrated IC IE aligned with IC mission-related objectives and strategies. The Director of CSG is dual-hatted as the IC Chief Information Security Officer (IC CISO). The CSG Senior Information System Security Manager (ISSM) involves ensuring the confidentiality, integrity, and availability of systems, networks, and data through planning, analysis, development, implementation, maintenance, and enhancement of information systems security programs, policies, procedures, and tools. The ISSM is responsible for the planning, development, implementation, and management of cybersecurity programs in support of the CSG Technical Security Division (TSD) Chief. Serve as the Senior ISSM responsible for the planning, development, implementation, and management of cybersecurity programs in support of the CSG Technical Security Division (TSD) Chief. Provide operational oversight of the Data Security and Standards Team (DAST) for the development of common IC data and metadata specifications for the protection and sharing of intelligence and entity data. Ensure the confidentiality, integrity, and availability of systems, networks, and data through planning, analysis, development, implementation, maintenance, and enhancement of information systems security programs, policies, procedures, and tools. Provide management and oversight of the Joint Verification and Validation (JV2) Team responsible to conduct security control assessments of cloud service provider (CSP) fabrics, systems, and services to identify risk. Enable the IC mission through the effective execution of the Risk Management Framework (RMF) and the application of adequate security controls across the entirety of the IC Information Environment (IE). Serve as a principal advisor on all information system security matters and is a subject matter expert in applying IC Directive (ICD) 503, Committee on National Security Systems (CNSS) 125, and National Institute for Standards and Technology (NIST) Special Publication (SP) 800-53. Execute functions that include cybersecurity policy interpretation, reviewing security control assessment findings, providing briefings and presentations to senior audiences, negotiating among differing parties, and formulating positions across a wide range of cybersecurity issues. Provide senior level analysis and review of risk considerations (mission, security, and cost tradeoffs) in context of IC missions, interpreting Security Assessment Reports (SARs), Risk Assessment Reports (RARs), Plans of Action and Milestones (POA&Ms), and System Security Plans (SSPs), providing critical thinking in applying security controls to system design and risk determinations. Perform and provides risk tradeoff analysis to implement the policies, processes, models, assessments, and standards needed to recommend risk acceptance for complex systems and missing enablement. Apply expert knowledge of the principles of zero trust including the planning, development, and implementation of the IC Zero Trust Framework across the IC. Collaborate directly with senior security managers charged with developing security guidelines for the IC. Requirements Conditions of Employment Qualifications Mandatory Requirements: Expert knowledge of information technology infrastructure including operating systems, major application systems, and network architecture. Expert knowledge of IC cybersecurity policies, procedures, and practices, as well as the implications of those policies on component Information Technology (IT) systems and security issues. Expert program management, analytic, and critical thinking skills, including a superior ability to conduct cybersecurity program assessments, identify needs and requirements, and develop process improvement recommendations for the successful implementation of IC cybersecurity programs. Superior ability to communicate, both verbally and in writing, complex information in a clear, concise manner that is targeted to and meets the needs of diverse audiences with different perspectives and objectives. Superior ability to handle the most difficult, politically sensitive, or highly visible situations. Work effectively both independently and in a team or collaborative environment, mentor junior colleagues, and utilize strong organizational and interpersonal problem-solving skills. Superior ability to establish regular contact with high-level internal and external resources and customers, supplying or seeking information on security programs and issues; superior use of tact when expressing ideas or opinions to senior leaders, customers, contractors, and other stakeholders. Superior ability to listen to, clarify, and convey an understanding of others' ideas, comments, and questions, and integrate and build upon diverse opinions in a manner that encourages the formation of integrated solutions and positions. Bachelor Degree or equivalent experience of 10 years in one of the following concentrations Computer Science, cybersecurity, engineering, information science, Information Systems Management, or closely related discipline. Desired Requirements: CISSP, Security+, or a related cybersecurity certification. Education Bachelor's degree Additional Information Job Interview Travel: Candidates from outside the Washington, D.C., area may be selected for a telephone, teleconference, or in-person interview. Salary Determination: The ODNI uses a rank-in-person system in which rank is attached to GS employees on the basis of individual qualifications, experience, and performance. Individuals whose current GS grade is equivalent to the grade of the advertised position will retain their current grade and step. Individuals who transfer to the ODNI from a non-GS pay scale will have base pay converted to the appropriate GS grade and step as determined by the Director/ Human Resource Management. On occasional instances when a current federal civilian employee applies for an ODNI position that is a lower grade than his or her personal grade, the candidate's personal grade will be downgraded to the grade of the advertised ODNI position and pay will be set at the step that is closest to but not less than the employee's current annual base rate of pay, not to exceed the maximum rate (i.e., step 10) of the GS grade to which assigned. Relocation Expenses: For new ODNI employees, reimbursement for relocation is discretionary based on availability of funds. Reasonable Accommodations: The ODNI provides reasonable accommodations to qualified applicants with disabilities. If you need a reasonable accommodation for any part of the application and hiring process, please notify the Reasonable Accommodations Officer by classified email at dnireasonableaccommodationwma@cia.ic.gov, by unclassified email at DNIDRA@dni.gov, by telephone at 703-275-3900 or by FAX at 703-275-1217. Your request for reasonable accommodation will be addressed on a case-by-case basis. PLEASE DO NOT SUBMIT YOUR APPLICATION TO THE EEOD EMAIL ADDRESS. THIS EMAIL IS FOR REASONABLE ACCOMMODATION REQUESTS ONLY. The ODNI is an equal opportunity employer and abides by applicable employment laws and regulations.