US DHS Headquarters
Deputy Chief Information Security Officer
US DHS Headquarters, Arlington, Virginia, United States, 22201
Duties
DHS Cybersecurity Service (DHS-CS) uses a multi-phase assessment process to qualify applicants seeking employment through the DHS-CS. Given the ever-advancing nature of cybersecurity and the ongoing need for cybersecurity talent, DHS-CS uses "Talent Pools" to pull qualified applicants (i.e., individuals who have successfully completed the multi-phase assessment process for their capability and career track/level) for consideration for these jobs.
By applying to this job announcement, you are not just applying for a specific job but are opting to be part of the DHS-CS Talent pool for ongoing consideration for employment in this Technical Capability and will remain eligible for consideration for up to one year from the date of completion.
As Deputy CISO you will report directly to the CISA Chief Information Security Officer (CISO) and manage a range of complex cybersecurity work related to establishing and maintaining a comprehensive Agency-wide information security and risk management program. You will be responsible for the Agency's security architecture, security operations center, and responsiveness to incidents that may impact business, mission assets, personnel, and networks across CISA's multi-billion-dollar information technology enterprise.
As a DHS Cybersecurity Service Employee in the Leadership Track, at the Senior Cybersecurity Manager level, you will continually and proactively participate in learning activities to enhance and apply your technical and leadership expertise in either Cybersecurity Defensive Operations - Intelligence Collection & Analysis (ICA), as well as Planning, Execution & Analysis (PEA), Cybersecurity Engineering, or Cybersecurity Architecture to oversee multiple DHS Federal cybersecurity programs, organizations, employees and contract resources to manage a range of unusually difficult tasks, including:
Leading and/or overseeing teams to design, implement, and evaluate DHS cybersecurity policies, protocols, and programs aimed at enhancing the security of organizational networks and IT systems, including those related to artificial intelligence and other emerging technologies.
Coordinating across the Department and with White House and interagency bodies to support the development and implementation of national-level cybersecurity policy and strategy, including related to artificial intelligence and other emerging technologies.
Representing DHS policy positions in interagency and other working groups with other departments and agencies, foreign, state and local governments, the private sector, and academia.
Reviewing and analyzing new and proposed legislation, strategies, and policy initiatives to assess the impact on DHS operations and existing cybersecurity policies, strategies, and programs.
Assisting subordinate employees in the application of laws, rules, regulations, executive orders, and current requirements to ensure DHS cybersecurity policies and programs are legally compliant and align to the organization's mission and goals.
Supervising and managing staff to conduct formal technical policy reviews of DHS's cybersecurity programs to determine if policies are current and effective, or if modifications are needed based on evolving security developments or threats.
Providing leadership and expert policy support to the implementation of new systems, networks, and software designs for potential security risks, as well as resolving integration issues related to the implementation of new systems with the existing infrastructure.
Directing and overseeing the creation, drafting, interpretation, and dissemination cybersecurity policy guidance to a variety of audiences in the form of briefings, reports, or other written products.
Providing leadership and senior advisement to the Department's engagement with Congress or other legislative bodies in order to achieve and maintain the necessary authorities and resources required to meet mission critical priorities.
Overseeing performance and development of cybersecurity policy personnel as well as serving as a mentor to DHS headquarters and/or Component employees in cybersecurity policy and those seeking to build expertise in the field.
Proactively coordinating with internal and external DHS stakeholders to share intellectual capital and relevant information in support of the overall success of cybersecurity policies and protocols, ensuring alignment with critical agency priorities.
Requirements Conditions of Employment
You must be a U.S. Citizen or national.
You must be 18 years of age.
Must be registered for the Selective Service (if you are a male).
Must be able to obtain and maintain a TOP SECRET/SCI security clearance.
Must be able to submit to a drug test and receive a negative result.
Must be able to comply with ethics and standards of conduct requirements, including completing any applicable financial disclosure.
May be required to serve a 3 year probationary period.
Qualifications
This position is in the Leadership Track at the Senior Cybersecurity Manager level. At this level, individuals generally:
Have 12+ years of cybersecurity work experience.
Have 5+ years of leadership experience
Are capable of serving as seasoned cybersecurity manager who oversees multiple DHS or Federal cybersecurity programs or DHS organizations, including employees and contract resources, through subordinate managers.
DHS Cybersecurity Service employees with a technical capability in
Cybersecurity Defensive Operations
will generally:
Integrate, manage, and execute all aspects of the cyberattack lifecycle to inform cyber defense operations.
Plan and execute cybersecurity defense operations to protect assets.
Facilitate the flow and assessment of key intelligence data.
Determine system security monitoring and incoming intelligence feeds based on dynamic security environment.
Oversee immediate remediation and containment processes.
DHS Cybersecurity Service employees with a technical capability in
Cybersecurity Engineering
will generally apply their expertise to:
Conduct software, hardware, and systems engineering to develop new and refine/enhance existing technical capabilities, ensuring full integration with security objectives, principles, and processes.
Build practical solutions in full consideration of lifecycle of costs, acquisitions, program and projects, management, and budget.
Identify engineering requirements for, and ensure interoperability of, internal and external systems.
Demonstrate strategic risk understanding, considering impact of security breaches or vulnerabilities in every aspect of the engineering process.
Stay current on emerging technologies, and their applications to current and emerging business processes (e.g., cloud, mobile) to identify and recommend methods for incorporating promising technologies to meet organizational cybersecurity requirements.
DHS Cybersecurity Service employees with a technical capability in
Cybersecurity Architecture
will generally apply their expertise to:
Develop system concepts and work on the capabilities phases of the systems development lifecycle.
Translate technology and environmental conditions (e.g., laws, regulations, policies and technical standards) into system and security designs and processes.
Provide recommendations for investment standards and policies that drive how controls will be applied across the organization.
DHS Cybersecurity Service employees start at career levels and salaries matching their experience and expertise. In recruiting for this opportunity, DHS may hire employees at higher or lower career levels and associated salaries. To learn more about DHS Cybersecurity Service career tracks and levels, visit our application portal.
This position is focused on Cybersecurity Defensive Operations- Intelligence Collection & Analysis and Planning, Execution & Analysis, Cybersecurity Engineering, or Cybersecurity Architecture.
DHS Cybersecurity Service jobs are structured cybersecurity specializations - called technical capabilities. To learn more about technical capabilities, visit our application portal.
Education Degrees are not required for jobs in the DHS Cybersecurity Service, but DHS is interested in your level of education and the topics you studied. As you submit initial application information, you will be asked questions about your education.
Additional information
Salary:
Listed salary ranges reflects typical starting salaries available to employees in most of the United States across applicable career levels. Within the provided range, average salaries vary for each career level.
Senior Cybersecurity Manager: $163,600 - $203,500
In some geographic areas, average starting salaries will be higher because of a local cybersecurity labor market supplement (e.g., metro Washington, D.C. +10%).
Actual salaries of individual employees may be higher or lower than provided figures. For an overview of the salaries available in the DHS Cybersecurity Service, visit Resources.
Benefits:
DHS Cybersecurity Service employees receive a range of federal employment benefits designed to support their professional and personal lives. To learn more about benefits, visit our application portal.
More information about the specific benefits available to you will be provided as you progress through the application process.
Background Investigation:
To ensure the accomplishment of its mission, the Department of Homeland Security (DHS) requires each and every employee to be reliable and trustworthy. To meet those standards, all selected applicants must undergo and successfully complete a background investigation for a security clearance as a condition of placement in this position. This review includes financial issues such as delinquency in the payment of debts, child support and/or tax obligations, as well as certain criminal offenses and illegal use or possession of drugs.
Pursuant to Executive Order 12564 and DHS policy, DHS is committed to maintaining a drug-free workplace and, therefore, conducts random and other drug testing of its employees in order to ensure a safe and healthy work environment. Headquarters personnel in safety- or security-sensitive positions are subject to random drug testing and all applicants tentatively selected for employment at DHS Headquarters are subject to drug testing resulting in a negative test result.
How You Will Be Evaluated
You will be evaluated for this job based on how well you meet the qualifications above.
All DHS Cybersecurity Service (DHS-CS) applicants participate in a multi-phase assessment process, which varies by career track. For the Leadership Career Track, applicants participate in a three-phase assessment process:
You must successfully complete each phase to advance to the next phase
The total time commitment for the three phases is approximately 5-6 hours (many applicants require less time!)
Before each phase, DHS will e-mail you instructions and information to help you prepare.
Assessments are time sensitive, so monitor your e-mail to ensure you have plenty of time to complete them prior to any deadlines
PHASE I: ONLINE ASSESSMENTS
Unproctored - Completed online within a prescribed period of time
Includes three assessments: (1) a work styles inventory that will take about 30 minutes to complete; (2) a work simulation that you will have up to 2 hours to complete; and (3) a leadership simulation that you will have up to 2.5 hours to complete
The three assessments take about 3 hours (on average) to complete
Requires a computer with audio (speakers or headphones) and a reliable internet connection
No knowledge of DHS or cybersecurity is required for these assessments, which measure non-technical capabilities that are important for professional success in the DHS-CS. This includes how you communicate, analyze information, and collaborate with others:
The work styles inventory presents you with questions about your work-related interests and preferences.
The work simulation presents you with realistic, work-related scenarios and asks you to respond to them.
PHASE II: TECHNICAL CAPABILITY ASSESSMENT
Proctored - must be scheduled in advance and completed at a designated assessment center within a prescribed period of time
There is a different assessment for each DHS-CS technical capability (visit Jobs to learn more about the technical capabilities)
Most individuals only have a primary technical capability and complete only one Technical Capability Assessment, but in limited circumstances, you may complete a second Technical Capability Assessment
You will have up to 2.5 hours to complete each Technical Capability Assessment; each takes about 90 minutes (on average) to complete
Assessments present realistic, work-related cybersecurity scenarios/questions to assess technical skills
Cybersecurity knowledge is assessed, but no knowledge of DHS is required
Applicants who successfully complete Phase II will undergo a resume review to confirm required experience. Applicants who pass this review will be invited to participate in a Phase III: Advanced Technical Interview. More information will be provided to such applicants as they progress through the application process.
PHASE III: ADVANCED TECHNICAL INTERVIEW
This interview is conducted on-demand (self-scheduled by you within a prescribed period of time) without live interviewers
Two types of questions will be presented: One type focuses on your previous experience and the other focuses on hypothetical situations or scenarios
This interview takes about 60 minutes (on average) to complete
Your proctored assessment results are valid for a period of one year after completion and will be kept and used toward future positions for which you might apply that require the same assessments.
To learn about the assessment process, visit our portal and read the "Assessment Process" guide.
Required Documents
Your resume. To help you prepare your resume before applying to the DHS Cybersecurity Service, visit our application portal and read the "Resume Tips" guide.
If you are requesting a reasonable accommodation to the online assessments, submit documentation to support your request, including the Reasonable Accommodation Request Form found here.
If you are a current or former political Schedule A, Schedule C, Non-career SES or Presidential Appointee employee please submit a copy of your applicable SF-50, along with a statement that provides the following information regarding your most recent political appointment:- Position title- Type of appointment (Schedule A, Schedule C, Non-career SES, or Presidential Appointee)- Agency- Beginning and ending dates of appointment.
#J-18808-Ljbffr
By applying to this job announcement, you are not just applying for a specific job but are opting to be part of the DHS-CS Talent pool for ongoing consideration for employment in this Technical Capability and will remain eligible for consideration for up to one year from the date of completion.
As Deputy CISO you will report directly to the CISA Chief Information Security Officer (CISO) and manage a range of complex cybersecurity work related to establishing and maintaining a comprehensive Agency-wide information security and risk management program. You will be responsible for the Agency's security architecture, security operations center, and responsiveness to incidents that may impact business, mission assets, personnel, and networks across CISA's multi-billion-dollar information technology enterprise.
As a DHS Cybersecurity Service Employee in the Leadership Track, at the Senior Cybersecurity Manager level, you will continually and proactively participate in learning activities to enhance and apply your technical and leadership expertise in either Cybersecurity Defensive Operations - Intelligence Collection & Analysis (ICA), as well as Planning, Execution & Analysis (PEA), Cybersecurity Engineering, or Cybersecurity Architecture to oversee multiple DHS Federal cybersecurity programs, organizations, employees and contract resources to manage a range of unusually difficult tasks, including:
Leading and/or overseeing teams to design, implement, and evaluate DHS cybersecurity policies, protocols, and programs aimed at enhancing the security of organizational networks and IT systems, including those related to artificial intelligence and other emerging technologies.
Coordinating across the Department and with White House and interagency bodies to support the development and implementation of national-level cybersecurity policy and strategy, including related to artificial intelligence and other emerging technologies.
Representing DHS policy positions in interagency and other working groups with other departments and agencies, foreign, state and local governments, the private sector, and academia.
Reviewing and analyzing new and proposed legislation, strategies, and policy initiatives to assess the impact on DHS operations and existing cybersecurity policies, strategies, and programs.
Assisting subordinate employees in the application of laws, rules, regulations, executive orders, and current requirements to ensure DHS cybersecurity policies and programs are legally compliant and align to the organization's mission and goals.
Supervising and managing staff to conduct formal technical policy reviews of DHS's cybersecurity programs to determine if policies are current and effective, or if modifications are needed based on evolving security developments or threats.
Providing leadership and expert policy support to the implementation of new systems, networks, and software designs for potential security risks, as well as resolving integration issues related to the implementation of new systems with the existing infrastructure.
Directing and overseeing the creation, drafting, interpretation, and dissemination cybersecurity policy guidance to a variety of audiences in the form of briefings, reports, or other written products.
Providing leadership and senior advisement to the Department's engagement with Congress or other legislative bodies in order to achieve and maintain the necessary authorities and resources required to meet mission critical priorities.
Overseeing performance and development of cybersecurity policy personnel as well as serving as a mentor to DHS headquarters and/or Component employees in cybersecurity policy and those seeking to build expertise in the field.
Proactively coordinating with internal and external DHS stakeholders to share intellectual capital and relevant information in support of the overall success of cybersecurity policies and protocols, ensuring alignment with critical agency priorities.
Requirements Conditions of Employment
You must be a U.S. Citizen or national.
You must be 18 years of age.
Must be registered for the Selective Service (if you are a male).
Must be able to obtain and maintain a TOP SECRET/SCI security clearance.
Must be able to submit to a drug test and receive a negative result.
Must be able to comply with ethics and standards of conduct requirements, including completing any applicable financial disclosure.
May be required to serve a 3 year probationary period.
Qualifications
This position is in the Leadership Track at the Senior Cybersecurity Manager level. At this level, individuals generally:
Have 12+ years of cybersecurity work experience.
Have 5+ years of leadership experience
Are capable of serving as seasoned cybersecurity manager who oversees multiple DHS or Federal cybersecurity programs or DHS organizations, including employees and contract resources, through subordinate managers.
DHS Cybersecurity Service employees with a technical capability in
Cybersecurity Defensive Operations
will generally:
Integrate, manage, and execute all aspects of the cyberattack lifecycle to inform cyber defense operations.
Plan and execute cybersecurity defense operations to protect assets.
Facilitate the flow and assessment of key intelligence data.
Determine system security monitoring and incoming intelligence feeds based on dynamic security environment.
Oversee immediate remediation and containment processes.
DHS Cybersecurity Service employees with a technical capability in
Cybersecurity Engineering
will generally apply their expertise to:
Conduct software, hardware, and systems engineering to develop new and refine/enhance existing technical capabilities, ensuring full integration with security objectives, principles, and processes.
Build practical solutions in full consideration of lifecycle of costs, acquisitions, program and projects, management, and budget.
Identify engineering requirements for, and ensure interoperability of, internal and external systems.
Demonstrate strategic risk understanding, considering impact of security breaches or vulnerabilities in every aspect of the engineering process.
Stay current on emerging technologies, and their applications to current and emerging business processes (e.g., cloud, mobile) to identify and recommend methods for incorporating promising technologies to meet organizational cybersecurity requirements.
DHS Cybersecurity Service employees with a technical capability in
Cybersecurity Architecture
will generally apply their expertise to:
Develop system concepts and work on the capabilities phases of the systems development lifecycle.
Translate technology and environmental conditions (e.g., laws, regulations, policies and technical standards) into system and security designs and processes.
Provide recommendations for investment standards and policies that drive how controls will be applied across the organization.
DHS Cybersecurity Service employees start at career levels and salaries matching their experience and expertise. In recruiting for this opportunity, DHS may hire employees at higher or lower career levels and associated salaries. To learn more about DHS Cybersecurity Service career tracks and levels, visit our application portal.
This position is focused on Cybersecurity Defensive Operations- Intelligence Collection & Analysis and Planning, Execution & Analysis, Cybersecurity Engineering, or Cybersecurity Architecture.
DHS Cybersecurity Service jobs are structured cybersecurity specializations - called technical capabilities. To learn more about technical capabilities, visit our application portal.
Education Degrees are not required for jobs in the DHS Cybersecurity Service, but DHS is interested in your level of education and the topics you studied. As you submit initial application information, you will be asked questions about your education.
Additional information
Salary:
Listed salary ranges reflects typical starting salaries available to employees in most of the United States across applicable career levels. Within the provided range, average salaries vary for each career level.
Senior Cybersecurity Manager: $163,600 - $203,500
In some geographic areas, average starting salaries will be higher because of a local cybersecurity labor market supplement (e.g., metro Washington, D.C. +10%).
Actual salaries of individual employees may be higher or lower than provided figures. For an overview of the salaries available in the DHS Cybersecurity Service, visit Resources.
Benefits:
DHS Cybersecurity Service employees receive a range of federal employment benefits designed to support their professional and personal lives. To learn more about benefits, visit our application portal.
More information about the specific benefits available to you will be provided as you progress through the application process.
Background Investigation:
To ensure the accomplishment of its mission, the Department of Homeland Security (DHS) requires each and every employee to be reliable and trustworthy. To meet those standards, all selected applicants must undergo and successfully complete a background investigation for a security clearance as a condition of placement in this position. This review includes financial issues such as delinquency in the payment of debts, child support and/or tax obligations, as well as certain criminal offenses and illegal use or possession of drugs.
Pursuant to Executive Order 12564 and DHS policy, DHS is committed to maintaining a drug-free workplace and, therefore, conducts random and other drug testing of its employees in order to ensure a safe and healthy work environment. Headquarters personnel in safety- or security-sensitive positions are subject to random drug testing and all applicants tentatively selected for employment at DHS Headquarters are subject to drug testing resulting in a negative test result.
How You Will Be Evaluated
You will be evaluated for this job based on how well you meet the qualifications above.
All DHS Cybersecurity Service (DHS-CS) applicants participate in a multi-phase assessment process, which varies by career track. For the Leadership Career Track, applicants participate in a three-phase assessment process:
You must successfully complete each phase to advance to the next phase
The total time commitment for the three phases is approximately 5-6 hours (many applicants require less time!)
Before each phase, DHS will e-mail you instructions and information to help you prepare.
Assessments are time sensitive, so monitor your e-mail to ensure you have plenty of time to complete them prior to any deadlines
PHASE I: ONLINE ASSESSMENTS
Unproctored - Completed online within a prescribed period of time
Includes three assessments: (1) a work styles inventory that will take about 30 minutes to complete; (2) a work simulation that you will have up to 2 hours to complete; and (3) a leadership simulation that you will have up to 2.5 hours to complete
The three assessments take about 3 hours (on average) to complete
Requires a computer with audio (speakers or headphones) and a reliable internet connection
No knowledge of DHS or cybersecurity is required for these assessments, which measure non-technical capabilities that are important for professional success in the DHS-CS. This includes how you communicate, analyze information, and collaborate with others:
The work styles inventory presents you with questions about your work-related interests and preferences.
The work simulation presents you with realistic, work-related scenarios and asks you to respond to them.
PHASE II: TECHNICAL CAPABILITY ASSESSMENT
Proctored - must be scheduled in advance and completed at a designated assessment center within a prescribed period of time
There is a different assessment for each DHS-CS technical capability (visit Jobs to learn more about the technical capabilities)
Most individuals only have a primary technical capability and complete only one Technical Capability Assessment, but in limited circumstances, you may complete a second Technical Capability Assessment
You will have up to 2.5 hours to complete each Technical Capability Assessment; each takes about 90 minutes (on average) to complete
Assessments present realistic, work-related cybersecurity scenarios/questions to assess technical skills
Cybersecurity knowledge is assessed, but no knowledge of DHS is required
Applicants who successfully complete Phase II will undergo a resume review to confirm required experience. Applicants who pass this review will be invited to participate in a Phase III: Advanced Technical Interview. More information will be provided to such applicants as they progress through the application process.
PHASE III: ADVANCED TECHNICAL INTERVIEW
This interview is conducted on-demand (self-scheduled by you within a prescribed period of time) without live interviewers
Two types of questions will be presented: One type focuses on your previous experience and the other focuses on hypothetical situations or scenarios
This interview takes about 60 minutes (on average) to complete
Your proctored assessment results are valid for a period of one year after completion and will be kept and used toward future positions for which you might apply that require the same assessments.
To learn about the assessment process, visit our portal and read the "Assessment Process" guide.
Required Documents
Your resume. To help you prepare your resume before applying to the DHS Cybersecurity Service, visit our application portal and read the "Resume Tips" guide.
If you are requesting a reasonable accommodation to the online assessments, submit documentation to support your request, including the Reasonable Accommodation Request Form found here.
If you are a current or former political Schedule A, Schedule C, Non-career SES or Presidential Appointee employee please submit a copy of your applicable SF-50, along with a statement that provides the following information regarding your most recent political appointment:- Position title- Type of appointment (Schedule A, Schedule C, Non-career SES, or Presidential Appointee)- Agency- Beginning and ending dates of appointment.
#J-18808-Ljbffr