Information Systems Security Officer (ISSO)

The Information Systems Security Officer (ISSO) will support program management, project management, IT governance, enterprise architecture, security architecture, financial analysis, and strategy development support services. The candidate will apply knowledge of cyber and department priorities to define strategic planning direction, determines how to prioritize initiatives, and identifies programs or infrastructure required to achieve desired goals within the Cybersecurity ISP Program and Enablers.DUTIES SND RESPONSIBILITIES:Develop and recommend key performance indicators (KPIs) and performance metrics to determine the effectiveness of policies and processes.Take an inventory of current defined business and project management processes, analyze gaps and propose list to develop absent documentation.Review current Information Assurance (IA) project management processes and propose recommendations for improvement and efficiency.Map and build Cybersecurity Strategy Plan to ISO-27K Framework.Review IA’s ISO-27K implementation infrastructure, strategy, and progress.Support the chief information security officer (CISO) in developing an effective program management structure and framework to support the internal operations of the DCIO office.Analyze the IA portfolio and develop a detailed work breakdown structure (WBS) that will provide increased visibility into the ongoing projects and initiatives supported by IA.Develop project schedules and facilitate status meetings with key project stakeholdersAssessment of IA’s activities and organizational structureWork with the DCIO Strategy team to establish an implementation plan for IA’s Cybersecurity StrategyAssist the DCIO with interjecting Cyber Security into the CPIC ProcessDevelop and maintain a complete, coherent, and compelling Business Case (and other budget submission documentation) to justify DCIO budget requirementsFacilitate the governance structure and processes that enable IA IT investments.Address IAs eGov PMO, VMO, and SPO reporting requirements (including iMATRIX and iSchedule) and other portfolio management data calls