Serves as the Agency Information Systems Security Officer (ISSO) responsible for ensuring the Agency Information Security Program requirements are planned and implemented across the General Support System and all mission-critical and non-critical business applications, both internal and external.
Oversees and manages all external audits, security assessments, and penetration testing activities. Conducts scheduled or ad-hoc compliance reviews, internal audits and ongoing monitoring activities (where applicable).
Provides technical assistance to remediate critical vulnerabilities and security weaknesses through the completion of Plans of Action and Milestones (POA&Ms). Conducts and documents risk and vulnerability assessments of planned and installed IT systems to determine the level of risk to the confidentiality, integrity, and availability of Agency systems and data.
Serves as the liaison for the DHS Shared Cybersecurity Services Program, including the coordination of deployment, training, and implementation of data feeds, tools, and services. Coordinates, collects, and tracks data/responses to Annual FISMA CIO Metrics, DHS CDM Program Office, and other Government-wide Initiatives and/or Agency-specific Data Calls.
Participates in software development projects by guiding software developers in applying security engineering principles throughout the system development life cycle, to include requirements definition, analysis, design/architecture, development, and testing for new systems or major enhancements to existing systems.
Reviews and recommends approval of preliminary and detailed systems designs/architecture to ensure alignment with security requirements and compliance with Agency IT security policies, procedures, and guidance.