Deputy Chief Information Security Officer

United States Holocaust Memorial Museum - Washington, DC

posted about 2 months ago

Full-time - Senior
Washington, DC

About the position

The Deputy Chief Information Security Officer (D/CISO) at the United States Holocaust Memorial Museum is responsible for the planning, design, development, and deployment of security tools and strategies to protect the Museum's information, systems, and services from malicious intent. This role involves overseeing the IT security program, collaborating with various stakeholders, and ensuring that security practices align with industry standards and the Museum's strategic goals. The D/CISO will also manage the security incident response program and promote a culture of security awareness within the organization.

Responsibilities

  • Designs, implements, manages, and maintains an IT security program and strategy that protects the Museum's IT systems and data.
  • Fosters collaboration with program offices, auditors, and governmental partners to develop and implement security policies and guidelines.
  • Administers the Museum's security incident response program, including investments in technical controls and advanced IT security capabilities.
  • Promotes IT security across the systems development life cycle by providing advisory services on IT security-related issues.
  • Enables fact-based decision-making about security investments by synthesizing information from multiple sources.
  • Oversees the delivery of IT security services and introduces new services to aid in prioritization and roadmap creation.
  • Promotes a security-awareness culture through communication of national policies and development of security awareness materials.
  • Develops and executes budget plans and reallocates resources as needed.
  • Advises the Museum's Executive Team regarding IT security technology.
  • Maintains relationships with external entities to enhance the Museum's IT security program.
  • Develops IT security standards to prevent misuse and unauthorized access to Museum data.
  • Leads the Museum's development, security, and operations (DevSecOps) program.
  • Serves as a contracting officer's representative to oversee contracts supporting IT projects.
  • Supervises Museum staff engaged in various projects.
  • Anticipates, identifies, evaluates, mitigates, and minimizes risks associated with IT systems vulnerabilities.

Requirements

  • Professional security management certification such as CISM or CISSP.
  • 8+ years of experience in risk management, information security, and IT roles.
  • Experience with Identity and Access Management (IAM) policies and technologies.
  • Experience with IT Security Incident Response and Disaster Recovery planning.
  • Experience with IT Security audits, assessments, and cyber forensics.
  • Knowledge of information security management frameworks like ISO 27001 and NIST Cybersecurity Framework.
  • Familiarity with Zero Trust Architecture principles.
  • Hands-on experience with Extended Detection and Response and Network Traffic Analysis.
  • Experience in a DevSecOps environment or best-in-class development practices.
  • Experience with cloud computing across virtualized environments.
  • Experience with contract and vendor negotiations and management.
  • Proven ability to lead and motivate cross-functional teams.
  • Excellent written and verbal communication skills.

Nice-to-haves

  • Expertise with Identity and Access Management (IAM)
  • IT Security Incident Response
  • IT Security Audits and Assessments

Benefits

  • Life insurance
  • Vision insurance
  • 403(b) retirement plan
  • Health insurance
  • Dental insurance
  • Flexible spending accounts
  • Health savings account with employer contribution
  • Group term and supplemental life insurance
  • Short and long-term disability
  • Commuter subsidy
  • Employee assistance programs
  • Voluntary critical illness and accident insurance
  • Long-term care insurance
  • Pet insurance options
  • Telework and flexible schedule options

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service