Associate Chief Information Officer and Senior Agency Information Security Officer
For the 5th year in a row NASA has been ranked the best large agency to work for in the federal government
by the Partnership for Public Service. Click the "About the Agency" link to learn more.
About the Agency (http://nasajobs.nasa.gov/careers-lp.htm).
This position serves as Associate Chief Information Officer (ACIO) for the Information Technology (IT)
Security Division, reporting to the NASA CIO, and is responsible for cybersecurity for NASA and the Agency-wide
CIO community, establishing cost-effective policies, programs, and frameworks for the security of information and
information systems at NASA.
To receive consideration, you must submit a resume and answer NASA-specific questions, and address the Technical Qualification. The NASA questions appear after you submit your resume and are transferred to the NASA web site. If you successfully apply, USAJOBS will show your application status as 'Received'. If your status is 'Application Status Not Available', you have not successfully applied. Do not rely on a USAJOBS email to confirm successful application. Only an email from NASA confirms a successful application.
To qualify, candidates must have the skill and ability to perform the duties described above as demonstrated by progressively responsible supervisory/managerial experience, normally with several years at the GS-15 level or equivalent, which demonstrates clearly the ability to manage people and resources. Candidates must also demonstrate qualifications in the managerial and technical areas noted below. See the SES Handbook and NASA's Guide to Effectively Preparing Executive Core Qualifications for more information. IMPORTANT: CANDIDATES MUST FULLY ADDRESS ALL ITEMS UNDER EXECUTIVE CORE QUALIFICATIONS AS WELL AS ALL ITEMS UNDER TECHNICAL QUALIFICATIONS. WE STRONGLY RECOMMEND YOU COMPLETE YOUR ANSWERS OFF-LINE IN ADVANCE OF BEGINNING THE APPLICATION PROCESS, SO THAT YOU CAN INSERT THEM INTO THE ELECTRONIC FORM. INCOMPLETE APPLICATIONS ARE NOT SAVED.
EXECUTIVE CORE QUALIFICATIONS:
1. Leading Change - Involves the ability to bring about strategic change, within and outside the organization, to meet organizational goals. Inherent to this is the ability to establish an organizational vision and to implement it in a continuously changing environment.
2. Leading People - Involves the ability to lead people toward meeting the organization's vision, mission, and goals. Inherent to this is the ability to provide an inclusive workplace that fosters the development of others, facilitates cooperation and teamwork, and supports constructive resolution of conflicts.
3. Results Driven - Involves the ability to meet organizational goals and customer expectations. Inherent to this is the ability to make decisions that produce high-quality results by applying technical knowledge, analyzing problems, and calculating risks.
4. Business Acumen - Involves the ability to manage human, financial, and information resources strategically.
5. Building Coalitions - Involves the ability to build coalitions internally and with other federal agencies, State and local governments, nonprofit and private sector organizations, foreign governments, or international organizations to achieve common goals.
TECHNICAL QUALIFICATIONS:
1. Demonstrated knowledge of risk assessment and management practices, and the ability to manage complex Agency-wide project plans for mitigation of cybersecurity vulnerabilities. This includes extensive knowledge of Federal legislation, directives, guidelines and best practices for cybersecurity, especially guidance from NIST. Provide examples of how you have successfully met this requirement.
2. Demonstrated experience formulating and overseeing a comprehensive, integrated, and leveraged/cost-effective cybersecurity Program necessary to improve an Agency’s cybersecurity posture, mitigate cybersecurity vulnerabilities, and combat cybersecurity threats. This includes providing information security protections, utilizing a risk-based approach, as well as determining the levels of cybersecurity to appropriately protect the confidentiality, integrity and availability of information and information systems. Provide examples of how you have successfully met this requirement.
3. Experience representing a departmental level organization to other Federal Agencies and/or private industry and obtaining cooperation of individuals with diverse backgrounds, disciplines and perspectives. Provide examples of how you have successfully met this requirement.
Under Executive Order 11935, only United States citizens and nationals (residents of American Samoa and Swains Island) may compete for civil service jobs. Agencies are permitted to hire noncitizens only in very limited circumstances where there are no qualified citizens available for the position.
The Associate Chief Information Officer (ACIO)/Senior Agency Information Security Officer (SAISO) for the Information Technology (IT) Security Division, reporting to the NASA Chief Information Officer (CIO), is responsible for cybersecurity for NASA and the Agency-wide CIO community, establishing cost-effective policies, programs, and frameworks for the security of IT and information in NASA. As the SAISO, the incumbent will ensure the overall protection of the Agency's information and information systems.
Specifically, the ACIO/SAISO executes the following:
Leads NASA's cybersecurity as the Associate Chief Information Officer (ACIO)/Senior Agency Information Security Officer. In this capacity, the incumbent is primarily responsible for ensuring NASA's cybersecurity program is protective of NASA's information assets. Provides leadership and oversight in developing and promulgating an end-to-end, comprehensive cybersecurity architecture that meets or exceeds Federal Standards.
Oversees the implementation of the Agency cybersecurity Program, consistent with applicable laws, regulations, management initiatives and policies. Promulgates Agency-level cybersecurity directives and requirements to improve NASA's security posture, mitigate cybersecurity vulnerabilities, and combat the cybersecurity threat.
Provides Agency-level liaison with external (both public and private) entities on mutual cybersecurity interests to improve the cybersecurity of the U.S. Federal government. Fosters cooperative relationships with other Federal Agencies, U.S. and International communities, industry, academia, research establishments, Administration officials and Congress.
Establishes and manages NASA's Cyber Risk Management Framework in accordance with Federal requirements (FISMA, Continuous Diagnostics and Monitoring Requirements, etc.), Department of Homeland Security guidance, and National Institute of Standards and Technology (NIST) standards, ensuring overall protection of the Agency's information and information systems.