Deputy Chief Information Security Officer

Pantex Plant-posted 4 months ago
Director
Oak Ridge, TN
Resume
Match Score
Upload and Match ResumeTrack Jobs with Teal

The Deputy Chief Information Security Officer (DCISO) is responsible for assisting the Chief Information Security Officer (CISO) in overseeing the Cybersecurity Organization. This organization consists of the Operations Team, Authorization Team, and several direct staff. This person will assist the CISO in the management, training, mentoring and performance monitoring of CISO staff as well as other duties as assigned. The DCISO will report to the Chief Information Security Officer (CISO) and will work with the Authorization Manager, Operations Manager and other Cybersecurity Staff to manage the CNS Cybersecurity Program. Additionally, this person may serve as an Alternate Information System Security Manager (A-ISSM), assisting the primary ISSM in delegated duties. This position is expected to have an understanding of the NIST Risk Management Framework (RMF), Cybersecurity technical principles and the various supporting elements.

  • Serve as the alternate cybersecurity lead for the Y-12 National Security Complex
  • Ensure risk-balanced security measures are integrated into IT projects and activities
  • Maintain an understanding of current and emerging cyber threats at all times, and make recommendations for mitigation to the CISO/CIO
  • Assist in the development, ongoing improvement and maintenance of the CNS cyber security architecture
  • Work in partnership with other IS&S managers in the development, implementation and operation of a Security Operations Center
  • Manage compliance activities to support the contractor assurance program (i.e., patching and mitigation actions to resolve vulnerability scans)
  • Work with CISO to establish cyber metrics to gauge program effectiveness and perform internal audits and assessments and to establish policies and procedures to ensure appropriate cyber controls and monitoring are in place to ensure the confidentiality, integrity, and availability of CNS and NNSA information
  • Support the CIO, CISO, and other cyber security personnel to ensure implementation of the cyber security program remains in compliance with DOE/NNSA and NIST requirements
  • Establish and maintain a strong external network of cyber contacts to ensure threat information and best practices are incorporated into the CNS cyber security program
  • Work cooperatively with external parties such as DOE-CIRC, JC3, DHS, CI, intelligence organizations, and others as appropriate to help improve the CNS cyber program and security capabilities
  • Work with CISO to plan, prepare, and devise work plans that ensure cyber efforts are conducted within approved budget and schedule parameters while implementing IS&S project management processes
  • Maintain a strong understanding of mission needs and use cases so that risk management and cyber operations activities effectively support the CNS mission and program direction while managing risk in a balanced manner
  • Maintain communications efforts with the Nuclear Production Office (NPO) federal customer on matters pertaining to cyber security and incident response
  • Ensure all CNS systems have an approved Authority to Operate (ATO) from NPO
  • Bachelor's degree: Minimum 12 years of relevant experience with minimum 5 years of supervisory/management experience.
  • Twenty or more years of relevant education, training, and/or progressive experience may be considered to satisfy educational and years-of-experience to meet the requirements for this posting.
  • Advanced Degree in information technology, engineering, or related field
  • CISSP, CPT, CHFI, and/or CCNP certifications desired but not required
  • Experience in coordinating sophisticated incident response from attacks by APT actors
  • Knowledge of Risk Management Framework (NIST SP 800-37 and SP 800-39)
  • Familiarity with business process re-engineering to include Six Sigma and/or Lean techniques
  • Familiarity with utilizing electronic Governance, Risk, and Compliance (eGRC) systems
  • Experience with establishing and maturing enterprise risk management frameworks
  • Experience leading self-assessments and supporting external audit activities
  • Familiarity with current application models, data analytics, cloud services, and mobility
  • Experience in federal program management to include financial budgeting, resource management and execution, reporting, and procurements
  • Continuous improvement and feedback for existing processes
  • Strong foundation in and in-depth technical knowledge of security engineering, computer and network security, authentication, and security controls
  • Knowledge of the ITIL framework
  • Experience in project management with PMP certification desired but not required
  • Familiarity with DOE Cyber Security program and requirements
  • Familiarity with the security development lifecycle for custom software
  • Familiarity with supporting and enabling the DOE/NNSA mission
  • Medical plan
  • Prescription drug plan
  • Vision plan
  • Dental plan
  • Employer matched 401(k) savings plan
  • Disability coverage
  • Education reimbursement
  • Onsite workout facilities
  • Onsite cafeterias
Track Jobs with Teal

Job Search Resources

AI Resume Builder
Chief Information Officer Resume Examples
Chief Information Officer Cover Letter Examples

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service