United States Department of Homeland Security - Washington, DC
posted 5 months ago
The Department of Homeland Security (DHS) is actively seeking professionals to fill various leadership roles within Cybersecurity Risk Management and Compliance. This includes positions such as Cybersecurity Risk Management Lead, Cybersecurity Governance Team Lead, Senior Risk and Compliance Program Manager, Cybersecurity Risk Consultant, and Risk Assessment and Compliance Manager. All roles are part of the DHS Cybersecurity Service, which employs a multi-phase assessment process to qualify applicants. This process is designed to identify individuals who have successfully completed the necessary evaluations for their respective capability and career track/level. Given the rapidly evolving landscape of cybersecurity, the DHS Cybersecurity Service utilizes 'Talent Pools' to maintain a pool of qualified candidates for ongoing consideration for relevant job openings. By applying to this job announcement, candidates are opting to be part of the DHS-CS Talent Pool, remaining eligible for consideration for up to one year from the date of completion. The DHS Cybersecurity Service offers a variety of opportunities across the Department, including specialized programs at the DHS Office of Strategy, Policy, and Plans (PLCY), the Cybersecurity and Infrastructure Security Agency (CISA), the DHS Office of the Chief Information Officer (OCIO), and the Federal Emergency Management Agency (FEMA). Depending on the specific career level and role, employees in the Leadership Career Track with a focus on Risk Management and Compliance will apply their expertise to perform a range of critical tasks. These tasks include overseeing the evaluation, documentation, validation, assessment, and authorization processes necessary to ensure that both existing and new information technology systems comply with the Department's cybersecurity and risk requirements. This role is pivotal in providing decision-makers with the knowledge needed to make informed risk decisions. In addition to technical responsibilities, the position involves considering risk assumptions and organizational tolerance for risk to inform strategic decision-making. Employees will lead teams or programs to assess adverse impacts or consequences to DHS, tailoring communications for various leadership levels and target audiences to present strategic recommendations. They will assist DHS leadership in making policy decisions that guide subsequent risk management processes and engage with stakeholders across multiple organizations to implement and assess necessary security and privacy controls. Furthermore, the role includes ensuring appropriate treatment of risk, compliance, and assurance from both internal and external perspectives, and reporting on the security state of systems to relevant stakeholders. Employees will also be responsible for maintaining situational awareness regarding the security and privacy posture of systems and collaborating with internal and external experts in risk management and compliance.