As a recognized expert in the field of information technology (IT) security, provides authoritative guidance to DOJ IT security program. Develops long-range plans for IT security systems that anticipate, identify, evaluate, mitigate, and minimize risks associated with IT systems vulnerabilities. Manage the implementation of security programs/projects designed to anticipate, assess, and minimize system vulnerabilities. Coordinates the implementation of security programs/projects across platforms to ensure ITSD security program goals are achieved throughout the OCIO system development lifecycle.
Has responsibility for assuring that OJP systems are in compliance with requirements from NIST and DOJ regulations including the security engineering elements of the DOJ Security & Privacy Assessment & Authorization Handbook (SPA&A). Will serve as a key advising role to ITSD Director when implementing new IT security technologies. Manages the OCIO Information Assurance security program/projects by providing guidance and recommendations to management on critical security issues within the context of published accepted Government standards and leading practices within the FISMA, Computer Security Act, OMB Circular A-130 to include all Federal security regulations and DOJ security directives.
Develops policies, guidelines, and standards for the planning, development, integration, implementation, and evaluation of information technology (IT) systems and subsystems that meet overall information needs of multiple major organizational units. Provides policy guidance, and standards for the planning, development, integration, implementation, and evaluation of information technology (IT) systems and subsystems that meet overall information needs of multiple major organizational units, ensuring that guidance provided reflect research on impacts, benefits, and disadvantages to policy decisions. Supports major agency-wide IT policy development efforts. Directs work assigned to a project team, reviewing and refining the final products prior to submission to management. Coordinates policy dissemination, manages policy maintenance, and develops mechanisms to measure policy effectiveness and compliance.
Plans and develops objectives and milestones for long-range IT projects that involve substantive, mission-oriented programs, such as projects implementing enterprise-level applications and/or changes to IT infrastructure to meet an agency's modified business processes. Conducts analyses, develops project goals, objectives, and strategies, as well as other strategic, tactical, and business planning activities.
Provides oversight of security engineering when either designated by supervisor or by conducting routine work assignments. Will ensure that security policies are being enforced and that the industry best practices are implemented securely. Will ensure that security policies are being enforced and that the IT security operations are managed efficiently. Will be tasked on occasion to become primary project manager on assigned projects. Will adhere to current industry standards and federal regulations.
