This position is located in the Office of the Chief Information Security Officer (OCISO), Chief Information Officer Organization (CIOO) of the Federal Deposit Insurance Corporation (FDIC). The mission of the OCISO is to provide leadership, vision, definition and oversight of FDIC information security, cybersecurity and privacy programs. Additional selections may be made from this announcement to fill similar vacancies.
Qualifying experience may be obtained in the private or public sector. Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g. Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic, religious spiritual; community; student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience. Additional qualifications information can be found here. To qualify, applicants must have completed at least one year of specialized experience equivalent to at least the 13 grade level or above in the Federal service. Specialized experience is defined as experience managing cloud security initiatives or programs; developing and executing cloud security roadmap, strategy, maturity and governance model; managing the CNAPP suite of tools and the daily operation; developing cloud security configuration policies to evaluate compliance and regulatory controls. You must have Information Technology (IT)-related experience which demonstrates proficiency in each of the following competencies: • Attention to Detail - Is thorough when performing work and conscientious about attending to detail. • Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services. • Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately. • Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.
Develops and executes a cloud security/Cloud-Native Application Protection Platform (CNAPP) strategy aligned with the agency's cloud adoption and cybersecurity goals. Leads the integration of security solutions across cloud environments. Establishes key performance indicators (KPls) to measure program effectiveness. Conducts regular reviews to identify areas for improvement and optimize security processes. Creates and maintains cloud security policies, standards, and procedures. Implements security controls across cloud-native applications and infrastructure. Serves as a liaison with cloud service providers and security vendors. Creates dashboards to provide visibility into the agency's cloud security posture. Prepares reports for senior leadership on cloud security status and recommendations.