“Responsibilities
- As NIH CISO, the incumbent provides executive level leadership, direction, and oversight for planning, coordination, and control of NIH-wide cybersecurity infrastructure and technology functions for NIH and overseeing a $50M budget.
- Functions as the principal technical advisor to the Chief Information Officer (CIO), the Deputy CIO, and senior NIH officials on cybersecurity infrastructure and technology across the 27 Institutes/Centers engaged in cutting-edge biomedical research.
- The incumbent ensures the cybersecurity programs are consistent with the current security and business needs as well as long-term goals of NIH and complies with all requirements of the Federal Information Security Management Act (FISMA);
- Defines and manages a comprehensive framework to protect government information, operations, and assets against natural or man-made threats.
- Provides strategic planning and close coordination, integration, and support for NIH cybersecurity and counter-intelligence initiatives and physical security through effective collaboration with all levels of staff throughout the NIH to include: executives, research scientists, and technical staff as well as other diverse groups to proactively assess risks and improve the NIH information security posture.
- Directs and manages a cybersecurity program that protects NIH information and its assets, cybersecurity policy, and related functions, including NIH-wide operational activities 24 hours a day, 365 days a year.
- As a recognized subject matter expert and authority on cybersecurity infrastructure and technology, the NIH CISO represents and speaks for the CIO and Deputy CIO in dealing with key officials.
- Contacts include staff across NIH, HHS officials, Office of Management and Budget officials, representatives of business and industry, Congressional committees and staffs.
- The NIH CISO will proactively work with organizational units and partners to implement practices that meet agreed-on policies and standards for information security and privacy;
- These include but are not limited to the Federal Information Security Management Act of 2002 (FISMA); the Office of Management and Budget (OMB) Circulars A-130, Management of Federal Information Resources; A-123, Management Accountability and Control; the Privacy Act of 1974; The E-Government Act of 2002; and the Health Insurance Portability and Accountability Act of 1996 (HIPAA).
- The issues taken on by this role directly affect the entire Agency and the security of critical research programs and information involving public health issues of national and international significance and interest.
- The incumbent’s analysis of the implementation of innovations in cybersecurity infrastructure and technology ensures the continuing development and deployment of the latest state-of-the-art in cybersecurity and industry best practices.”
Read the full job description here.
G2X TAKE: Those who support the National Institutes of Health may want to influence who applies for this SES role that provides executive level leadership, direction, and oversight for planning, coordination, and control of NIH-wide cybersecurity infrastructure and technology functions for NIH and oversees a $50M budget.