- This position is located within the Chief Information Officer (CIO) organization. The CIO develops, coordinates, and maintains Commission-wide strategic and business information technology (IT) plans; develops the IT enterprise architecture; and ensures that all IT initiatives support all aspects of the Commission business plan and are compliant with Office of Management and Budget (OMB) directives. If selected for this position, you will serve as the Chief Information Security Officer and Director of the Cybersecurity and Information Assurance Division and report directly to the Chief Information Officer.
The Major duties of a Supervisory IT Specialist (Direct Hire Authority) are:
- Serves as the Commission’s Chief Information Security Officer directly responsible for developing and executing the Commission’s cybersecurity and privacy programs to effectively maintain a secure and stable environment for the Commission’s mission critical systems and data. Leads and manages teams to work with internal and external stakeholders to devise and implement cybersecurity strategies for effective protection of the Commission’s network, systems and data. Ability to effectively communicate to small and large audiences of varying levels of responsibility. Leads the preparation of the Commission’s mandated FISMA security and privacy reporting requirements and is responsible for providing written and oral responses to federal authorities which include but are not limited to the DOE Inspector General, DHS and Congressional Committees.
- Reviews, interprets, and provides communications to various stakeholders of the potential impact of emerging security technologies and requirements to the Commission’s enterprise infrastructure and mission critical applications. Ensures security requirements are designed, communicated, and implemented on all projects within an Agile project management framework.
- Leads all information security continuous monitoring services for the Commission’s systems, data, and network infrastructure. Ensures assessment and authorization (A&A) activities for mission critical systems by ensuring applicable security controls are tested and validated prior to issuing an Authority to Operate (ATO). Has overall responsibility for leading and executing the Commission’s security operations center to support incident response, vulnerability management, forensic investigations, and incident monitoring for all Commission information systems. Responsible for working with external authorities (Commission senior officials, congressional committees, external parties, etc.) for all communication and reporting requirements of the Commission’s cybersecurity posture.
- Responsible for designing and executing the Commission’s cybersecurity initiatives and developing and communicating the Agency’s cybersecurity strategy, coordinating with stakeholders in multiple program offices. Provides planning guidance for cybersecurity priorities within FERC to all designated IT personnel, including System Owners, Information System Security Officers, and Information System Security Managers, to ensure effective protection of critical systems and data used to enable FERC’s mission.”
G2X TAKE: Those who support the Department of Energy and in particular, the Federal Energy Regulatory Commission, may want to influence who applies for this role that reviews, interprets, and provides communications to various stakeholders of the potential impact of emerging security technologies and requirements to the Commission’s enterprise infrastructure and mission critical applications.