Deputy CISO

About The Position

Requirements

• Bachelor's degree: Minimum 12 years of relevant experience with minimum 5 years of supervisory/management experience.
• Twenty or more years of relevant education, training, and/or progressive experience may be considered to satisfy educational and years-of-experience to meet the requirements for this posting.
• Minimum 5 years supervisory/management experience.
• Must be able to obtain/maintain a DOE Q clearance.

Nice To Haves

• Advanced Degree in information technology, engineering, or related field
• CISSP, CPT, CHFI, and/or CCNP certifications desired but not required
• Experience in coordinating sophisticated incident response from attacks by APT actors
• Knowledge of Risk Management Framework (NIST SP 800-37 and SP 800-39)
• Familiarity with business process re-engineering to include Six Sigma and/or Lean techniques
• Familiarity with utilizing electronic Governance, Risk, and Compliance (eGRC) systems
• Experience with establishing and maturing enterprise risk management frameworks
• Experience leading self-assessments and supporting external audit activities
• Familiarity with current application models, data analytics, cloud services, and mobility
• Experience in federal program management to include financial budgeting, resource management and execution, reporting, and procurements
• Continuous improvement and feedback for existing processes
• Strong foundation in and in-depth technical knowledge of security engineering, computer and network security, authentication, and security controls
• Knowledge of the ITIL framework
• Experience in project management with PMP certification desired but not required
• Familiarity with DOE Cyber Security program and requirements
• Familiarity with the security development lifecycle for custom software
• Familiarity with supporting and enabling the DOE/NNSA mission

Responsibilities

• Serve as the alternate cybersecurity lead for the Y-12 National Security Complex
• Ensure risk-balanced security measures are integrated into IT projects and activities
• Maintain an understanding of current and emerging cyber threats at all times, and make recommendations for mitigation to the CISO/CIO
• Assist in the development, ongoing improvement and maintenance of the CNS cyber security architecture
• Work in partnership with other IS&S managers in the development, implementation and operation of a Security Operations Center
• Manage compliance activities to support the contractor assurance program (i.e., patching and mitigation actions to resolve vulnerability scans)
• Work with CISO to establish cyber metrics to gauge program effectiveness and perform internal audits and assessments and to establish policies and procedures to ensure appropriate cyber controls and monitoring are in place to ensure the confidentiality, integrity, and availability of CNS and NNSA information
• Support the CIO, CISO, and other cyber security personnel to ensure implementation of the cyber security program remains in compliance with DOE/NNSA and NIST requirements
• Establish and maintain a strong external network of cyber contacts to ensure threat information and best practices are incorporated into the CNS cyber security program
• Work cooperatively with external parties such as DOE-CIRC, JC3, DHS, CI, intelligence organizations, and others as appropriate to help improve the CNS cyber program and security capabilities
• Work with CISO to plan, prepare, and devise work plans that ensure cyber efforts are conducted within approved budget and schedule parameters while implementing IS&S project management processes
• Maintain a strong understanding of mission needs and use cases so that risk management and cyber operations activities effectively support the CNS mission and program direction while managing risk in a balanced manner
• Maintain communications efforts with the Nuclear Production Office (NPO) federal customer on matters pertaining to cyber security and incident response
• Ensures all CNS systems have an approved Authority to Operate (ATO) from NPO

Benefits

• Meaningful work and unique opportunities to support missions vital to national and global security
• Top-notch, dedicated colleagues
• Generous pay and benefits with a stable organization
• Career advancement and professional development programs
• Work-life balance fostered through flexible work options and wellness initiatives
• Benefits such as: medical plan, prescription drug plan, vision plan, dental plan, employer matched 401(k) savings plan, disability coverage, education reimbursement and many more.
• onsite workout facilities
• onsite cafeterias