Chief Information Security Officer

Washington, D.C
Sep 28, 2022
Oct 06, 2022
Executive, Chief
Full Time

As a recognized government and industry IT information security and cyber security expert, the CISO assists in the preparation of budget justifications and ensuring compliance to federal statues and directives governing management of enterprise-wide security operations, Risk Management, mitigation of security vulnerabilities and improvement of the Commission's IT security posture. The CISO will:
  • Advise the CIO and other Commission officials on cyber-security policies, standards, directives and guidance.
  • Oversee the development and implementation of the strategic plans and operating procedures to achieve the Commission's cyber-security objectives and priorities.
  • Establish goals for improving the efficiency and effectiveness of the Commission's cybersecurity program objectives and requirements.
  • Will be responsible for the coordination and integration of all aspects of the Commission's cyber, telecommunications, and information security programs.
  • Will represent the Commission at meetings and conferences with internal and external partners, customers, and with other strategic leaders throughout the Federal government to exchange information and develop new methods and systems that may benefit the Commission's IT security program. Integrate cyber-security policies for the Commission; develops and establishes policy for all functional areas, determines the methodology to be employed; and oversees the identification and resolution of critical problems and issues.
  • Oversee the development and implementation of the Commission's internal and external cybersecurity policy initiatives.
  • Develop policy and coordinate agency groups that promote the Commission's cyber-security guidelines, directives, and procedural initiatives.
  • Establish guidelines, direction and policy for computer incident response capability of IT systems with the Commission, as well as virus protection/software patch management, and other steps as available and necessary to ensure that IT systems are readily available and protected against harmful acts.
  • Prepare an annual budget report on cyber-security expenses, to be included in the Commission's budget submission to Congress, describing the progress in achieving mission goals to ensure the protection of Commission's information and IT systems.
  • Develops, designs and implements a process of enhancing the value of the Commission's cybersecurity program and managing the risks of the IT initiatives.
  • Ensures the timely performance of a satisfactory amount of quality work; reviewing work products of subordinates and accepting, amending, or rejecting their work; planning work to be accomplished by subordinates; setting priorities and preparing schedules for completion of work; assigning work to subordinates based upon priorities, selective consideration of the difficulty and the requirements, and capabilities of employees; evaluating performance of subordinates, giving advice, counsel, or instruction to individual employees on both work and administrative matters; interviewing candidates for positions; making recommendations for appointment, promotion or reassignment involving such positions; hearing and resolving complaints from employees; referring group grievances and the more serious complaints not resolvable at the incumbent level of the Director; effecting disciplinary measures such as warnings and identifying developmental and training needs of employees, and providing or making provision for such development and training.
  • Provide for the effective selection of cyber-security investments made by the executive agency, and the management and evaluation of the results of such investments. Directs cyber-security reviews and studies concerning cyber-security programs.
  • Responsible for the integration of cyber-security requirements and programs into the Capital Planning and Investment Control program and the IT investment, business case process.
  • Responsible for the processes for budget, financial, strategic plans, and enterprise architecture and program management decisions as it relates to cyber-security within the Commission.


Conditions of Employment

  • Must submit a financial disclosure statement upon assuming the position.
  • Males born after 12/31/59 must be registered with Selective Service.
  • Serve a probationary period of one year, if applicable.
  • Suitable for employment as determined by a background investigation.
  • US Citizenship.
  • Ability to obtain and maintain Top Secret/SCI security clearance.
  • Drug Test Required

- Before hiring, an agency will ask you to complete a Declaration for Federal Employment to determine your suitability for Federal employment and to authorize a background investigation. The agency will also ask you to sign and certify the accuracy of all the information in your application. If you make a false statement in any part of your application, you may not be hired; you may be fired after you begin work; or you may be fined or jailed. If you are a male over age 18 who was born after December 31, 1959, you must have registered with the Selective Service System (or have an exemption) to be eligible for a Federal job.

- If applicable, you will be required to serve a trial period of one year.

- In order for you to be employed at the FCC, there are certain Commission and Federal laws governing the financial interests of you and members of your immediate family. If selected for the position, you must submit a financial disclosure statement upon assuming the position.

Federal agencies may request information regarding the vaccination status of selected applicants for the purposes of implementing other workplace safety protocols, such as protocols related to masking, physical distancing, testing, travel, and quarantine.


Applicants must provide detailed evidence of possession of each of the Executive Core Qualifications and Mandatory Technical Competencies listed below to assist reviewing officials in determining the best qualified candidates to be referred to the selecting official. FAILURE TO MEET OR ADDRESS ANY ONE OF THE MANDATORY TECHNICAL OR EXECUTIVE CORE QUALIFICATION STANDARDS WILL ELIMINATE A CANDIDATE FROM FURTHER CONSIDERATION.

The following competencies are the foundation for success in each of the Executive Core Qualifications (ECQs) listed below: Interpersonal Skills; Oral Communication; Integrity/Honesty; Written Communication; Continual Learning; and Public Service Motivation. These Fundamental Competencies are cross-cutting and should be addressed over the course of your ECQ narratives. For more information, refer to the OPM Guide to Senior Executive Service (SES) Executive Core Qualifications available on-line at: OPM SES ECQ Guide . Leadership competencies associated with ECQ should be addressed in the narrative associated with the ECQ.

ECQ 1 - Leading Change: Ability to bring about strategic change, both within and outside the organization, to meet organizational goals. Inherent to this ECQ is the ability to establish an organizational vision and to implement it in a continuously changing environment.

Leadership Competencies: Creativity and Innovation; External Awareness; Flexibility; Resilience; Strategic Thinking; Vision

ECQ 2 - Leading People: Ability to lead people toward meeting the organization's vision, mission, and goals. Inherent to this ECQ is the ability to provide an inclusive workplace that fosters the development of others, facilitates cooperation and teamwork, and supports constructive resolution of conflicts.

Leadership Competencies: Conflict Management; Leveraging Diversity; Developing Others; Team Building

ECQ 3 - Results Driven: Ability to meet organizational goals and customer expectations. Inherent to this ECQ is the ability to make decisions that produce high-quality results by applying technical knowledge, analyzing problems, and calculating risks.

Leadership Competencies: Accountability; Customer Service; Decisiveness; Problem Solving; Technical Credibility

ECQ 4 - Business Acumen: Ability to manage human, financial, and information resources strategically.

Leadership Competencies: Financial Management; Human Capital Management; Technology Management;

ECQ 5 - Building Coalitions/Communication: Ability to build coalitions internally and with other Federal agencies, State and local governments, nonprofit and private sector organizations, foreign governments, or international organizations to achieve common goals.

Leadership Competencies: Partnering; Political Savvy; Influencing/Negotiating

NOTE: Those applicants currently serving under a career Senior Executive Service appointment, who are eligible for reinstatement into the Senior Executive Service, or who have successfully completed a Senior Executive Service Candidate Development Program approved by OPM, need not submit a narrative statement covering each of the Executive Core Qualifications. However, those applicants must address the following Mandatory Technical Competencies.

MANDATORY TECHNICAL COMPETENCIES: All candidates must submit a narrative statement (as reflected in your answers to the Vacancy Questions or upload as a separate document) addressing each of the following Technical Competencies.
  • Expert mastery knowledge and demonstrated leadership directing a cyber and information security program for a multi-faceted organization, to include IT budget and investment management; IT security planning, governance, and risk; certification and accreditation of IT systems; security operations and cyber incident response; cyber awareness training and education; and information system security and assurance, as well as expertise in performing resource analysis, data validation, and information delivery for complex IT systems and projects.
  • Expert knowledge and demonstrated expertise in applying expert knowledge of Information Assurance and Security policy and techniques, Information Systems, Business Process Improvement, Information Technology (IT) Life Cycle and Acquisition Oversight and Procurement, Program and Project Management, Architecture, Strategic Planning, Performance Measurement, emerging technologies and IT Capital Planning, to accomplish major organizational projects,/initiatives and assignments; ensuring the integration of IT programs and services; developing solutions to integration/interoperability issues; designing, developing, and managing systems that meet current and future business requirements; and applying, extending, enhancing, or optimizing the existing architecture.
  • Demonstrated skill in developing, implementing and effectively managing: (a) the achievement of the organizational cyber and information security strategic plan (vision goals and objectives), (b) ensuring conformance with legislative and other regulatory requirements for effective management and utilization of IT resources; (c) developing, leading, and advancing cyber and information security policy initiatives; and (d) assuring application and delivery of IT services in a steady-state and operationally active environment.

  • Additional information

    EEO Policy Statement
    Reasonable Accommodation Policy Statement
    Veterans Information
    Legal and Regulatory Guidance

    Federal agencies may request information regarding the vaccination status of selected applicants for the purposes of implementing other workplace safety protocols, such as protocols related to masking, physical distancing, testing, travel, and quarantine.