USA Jobs
National Data Center Information System Security Officer (NDC ISSO)
The incumbent serves as a member of the Office of Information and Technology (OIT); Office of Information Security (OIS), Information Security Operations (ISO), Enterprise Security Operations (ESO); Data Center Support Division (DCSD) as a National Data Center Information System Security Officer (NDC ISSO) and ensures all National Data Centers in their area of responsibility (AOR) are in compliance with all information security laws and regulations. Major Duties: Serves as a National Data Center Information System Security Officer (NDC ISSO) and, within the ESO, Data Center Support Division (DCSD). The incumbent administers National Data Center (NDC) information security programs, through planning, analysis, development, implementation, maintenance, and enhancement of information systems programs, policies, procedures, and tools, under the leadership of the Deputy Director, DCSD. Communicates security processes and methodology for NDCs located throughout the department, and shares methodology, processes, and procedures with affected stakeholders for joint understanding and common baselines. Coordinates Assessment and Authorization (AA) activities for NDCs in conjunction with Infrastructure Operations (IO), Service Delivery and Engineering (SDE), Enterprise Systems Engineers, CyberSecurity Operations Center (CSOC), OIT Directors, ESO District Information Security Directors, DCSD Deputy Director, Network ISSMs, and facility ISSOs. Assists with the development, recommendations, and implementation of procedures and standards within their AOR, and provides an appropriate level of security, centered on acceptable risk, and industry best practices. Coordinates NDC Disaster Recovery efforts, contingency planning, and testing of approaches for: incorporating NDC contingency planning into local plans; testing site's disaster recovery plan; assessing the type of recovery required; assist in implementing recovery priorities; integrating all recovery actions. Performs planning and assessment tasks by developing security for information systems, contingency plans and disaster recovery procedures. Recommends and contributes to developing policies and procedures regarding prevention of unauthorized access to NDC systems, networks, and data. Conducts risk and vulnerability assessments to identify vulnerabilities, risks, and protection needs. Conducts enterprise systems security evaluations, audits, and reviews. Performs specialized enterprise project management and oversight by guiding projects; determining time frames, assignments, and processes to apply in achieving project milestones. Identifies and implements solutions regarding assignment issues, consulting with supervisor when appropriate. Performs problem solving by contributing to the resolution of information security issues, applying relevant security principles and practices to develop compensating controls or solve operational issues. Provides advice and technical support to the Deputy Director, Data Center Support Division on security related issues. Champions security awareness by promoting awareness of security requirements among employees located in data centers and VA facilities. Ensures sound security principles are reflected in all tasks to be accomplished (independently undertaken and group/team projects). Assesses security events to determine impact; select and implement corrective action as well as, gather and analyze data to provide focused reports on security compliance to appropriate oversight organizations. Ensures that IT security weaknesses identified in external or internal audits are documented. Ensure that issues are mitigated or risk is acceptable to ensure the integrity of IT systems and the employees who work with those systems. This position is bargaining unit eligible.
The incumbent serves as a member of the Office of Information and Technology (OIT); Office of Information Security (OIS), Information Security Operations (ISO), Enterprise Security Operations (ESO); Data Center Support Division (DCSD) as a National Data Center Information System Security Officer (NDC ISSO) and ensures all National Data Centers in their area of responsibility (AOR) are in compliance with all information security laws and regulations. Major Duties: Serves as a National Data Center Information System Security Officer (NDC ISSO) and, within the ESO, Data Center Support Division (DCSD). The incumbent administers National Data Center (NDC) information security programs, through planning, analysis, development, implementation, maintenance, and enhancement of information systems programs, policies, procedures, and tools, under the leadership of the Deputy Director, DCSD. Communicates security processes and methodology for NDCs located throughout the department, and shares methodology, processes, and procedures with affected stakeholders for joint understanding and common baselines. Coordinates Assessment and Authorization (AA) activities for NDCs in conjunction with Infrastructure Operations (IO), Service Delivery and Engineering (SDE), Enterprise Systems Engineers, CyberSecurity Operations Center (CSOC), OIT Directors, ESO District Information Security Directors, DCSD Deputy Director, Network ISSMs, and facility ISSOs. Assists with the development, recommendations, and implementation of procedures and standards within their AOR, and provides an appropriate level of security, centered on acceptable risk, and industry best practices. Coordinates NDC Disaster Recovery efforts, contingency planning, and testing of approaches for: incorporating NDC contingency planning into local plans; testing site's disaster recovery plan; assessing the type of recovery required; assist in implementing recovery priorities; integrating all recovery actions. Performs planning and assessment tasks by developing security for information systems, contingency plans and disaster recovery procedures. Recommends and contributes to developing policies and procedures regarding prevention of unauthorized access to NDC systems, networks, and data. Conducts risk and vulnerability assessments to identify vulnerabilities, risks, and protection needs. Conducts enterprise systems security evaluations, audits, and reviews. Performs specialized enterprise project management and oversight by guiding projects; determining time frames, assignments, and processes to apply in achieving project milestones. Identifies and implements solutions regarding assignment issues, consulting with supervisor when appropriate. Performs problem solving by contributing to the resolution of information security issues, applying relevant security principles and practices to develop compensating controls or solve operational issues. Provides advice and technical support to the Deputy Director, Data Center Support Division on security related issues. Champions security awareness by promoting awareness of security requirements among employees located in data centers and VA facilities. Ensures sound security principles are reflected in all tasks to be accomplished (independently undertaken and group/team projects). Assesses security events to determine impact; select and implement corrective action as well as, gather and analyze data to provide focused reports on security compliance to appropriate oversight organizations. Ensures that IT security weaknesses identified in external or internal audits are documented. Ensure that issues are mitigated or risk is acceptable to ensure the integrity of IT systems and the employees who work with those systems. This position is bargaining unit eligible.