“This position is located in the Department of Technology, IT Security Office, Security, Policy and Assessment (SPA) Division, National Systems Security Assessments [NSSA] Branch.”
“The incumbent of this position will serve as the NSSA Branch Chief and will oversee comprehensive assessments of national program office (NPO) information technology systems.”
- Providing leadership and technical supervision to subordinate personnel responsible for planning, operations and maintenance within the National Systems Security Assessment (NSSA) Branch; ensuring adherence to all IT operations and management policies.
- Developing and maintaining the schedule, production and distribution of the annual National System IT Security Scorecard, and ensures that it continues to evolve by completing data analysis of trends and managing the governance process.
- Planning, scheduling, managing and providing oversight of IT security assessments of National Program Office (NPO) IT systems to identify vulnerabilities, provide recommendations for their remediation, and to assist system owners in implementing effective safeguards…
- Managing the Cyber Security Assessment and Management (CSAM) tool, to include user access, the maintenance of the NPO system inventory and overall maintenance of the system and vulnerability management.
- Ensuring security assessment results are populated into CSAM directly, on schedule, and mirroring the NSSA Branch SOP assessment methodologies.
- Developing Risk Management Reports for enterprise systems.
- Serving as the subject matter expert for the development, management, and execution of NSSA services and work products. This includes outreach to service consumers, project planning, service delivery, and reporting…
- Overseeing validation testing of corrective actions taken by the consumers of testing services…
- Performing research to identify potential vulnerabilities and threats to existing web, applications, database, and operating system technologies, and provide timely, clear, technically accurate notification to management of the risk potential; and options for remediation.
- Providing assessment services for new or emerging technologies being considered for judiciary use.