• Director of Information Security

    Posted Date 2 months ago (10/3/2018 6:28 PM)
    # of Openings
  • Overview

    We are currently seeking an experienced, dynamic and collaborative professional to serve as a Director of Information Security within our Information Technology team. Reporting to the CIO and Vice President of Information Systems, with a dotted line to General Counsel Risk and Compliance, you will:

    • provide leadership, direction, and management oversight to the team supporting USAC’s information confidentiality, integrity, and availability functions.

    This is an outstanding career opportunity for an individual interested in a genuine professional challenge in support of a public-spirited mission.


    Working in a creative and fast-paced environment, the Director of Information Security ensures that all security, confidentiality, and privacy requirements are understood, monitors compliance with such requirements, and regularly assesses vulnerability status and related remediation efforts. Among others, your responsibilities will include the following:

    • Ensures the confidentiality, integrity, and availability of USAC’s information assets and adequately protects that information consistent with information risk management policies that are compliant with the National Institute of Standards and Technology (NIST) and Federal Information Security Management Act (FISMA) requirements.
    • Identifies IT security risks and implements effective processes to address the associated exposures and facilitate business continuity.
    • Oversees the Risk Management Framework in accordance with NIST Special Publication (SP) 800-37, including categorization, control selection, control implementation, control assessment, and authorization.
    • Prepares security authorization packages in accordance with federal requirements.
    • Assesses and mitigates system security risks; determines and analyzes security requirements for implementation and testing.
    • Reviews and continuously monitors implemented security controls.
    • Creates and maintains security checklists, templates and other tools to aid in the Assessment and Authorization (A&A) process.
    • Performs security control assessment using NIST SP 800-53A guidance and as per continuous monitoring requirements.
    • Performs risk analyses to determine and recommend essential safeguards.
    • Proactively mitigates system vulnerabilities and recommends compensating controls.
    • Develops core documents such as System Security Plan, Business Impact Analysis, Contingency Plan, Incident Response Plan, Standard Operating Procedures, Plan of Action and Milestones, Remediation Plans, and Configuration Management Plan, in accordance with applicable standards, including, but not limited to, FISMA SP 800-34, 800-37, 800-53, and Federal Information Processing Standard (FIPS) 199.
    • Maintains Plan of Action and Milestones (POA&Ms) and supports remediation activities, including any audit findings related to the IT organization and information security operations.
    • Maintains an inventory of hardware and software for the information systems.
    • Serves as secondary contact for the annual FISMA audit.
    • Develops, tests and trains on Contingency and Incident Response planning.
    • Effectively communicates accurate and current status of the USAC security and risk posture to various stakeholders, including USAC executives and various FCC staff.
    • Manages a group of security architects, engineers, and administrators to provide 24x7 security support. Defines roles and responsibilities, manages project activities, budgets and priorities, and provides performance reviews and development for all information security team members.
    • Manages the development and implementation of the IT security roadmap and ensures security is integrated into all IT and other USAC roadmaps as appropriate (e.g., business process changes, IT system upgrades, etc.).
    • Successfully manages and verifies the implementation of security policies and procedures within project activities managed by the Project Management Office, Application Development groups, and Infrastructure Operations; ensuring that projects properly comply with all established policies and change management processes.
    • Manages annual review cycle to ensure all security operations functions are well documented and are in compliance with NIST and FISMA requirements.
    • Establishes and maintains an effective partnership with USAC’s programs, IT organization, FCC, and vendors.
    • Other specific duties as assigned.

    About You


    The successful candidate will excel at operating in a diverse and fluid environment, and will be crucial for the success of the Information Technology Division.

    • A Bachelor’s Degree in Information Technology, Computer Science, or Engineering is preferred; relevant work experience (over ten years) may be acceptable. Strong experience and knowledge in the following areas are expected:
      • NIST
      • FISMA
      • Audit Assessment Experience (internal and external)
      • Active Directory Systems
      • Network Security
      • Database Security
      • Operating Security
      • Application Security
      • System Security
      • Incident Response Management and Training
      • Enterprise IT Policy and Definitions
      • Forecasting/Budgeting
      • Staff Management

    The following skills are desired:

    • You have a Certified Information Systems Security Professional (CISSP) certification.
    • You have a Certified Information Security Manager (CISM) certification.
    • You have a SANS Certification.


    About USAC

    Through its administration of the $10 billion Universal Service Fund (USF) programs on behalf of the FCC, USAC works to promote the availability of quality services at just, reasonable and affordable rates and to increase access to advanced telecommunications services throughout the nation. Specifically, the USF programs provide funding for the expansion of telecommunications and broadband access to rural communities and health care facilities, schools and libraries across the country, and low income households. Through program administration, auditing, and outreach, USAC works with contributors, service providers, and program beneficiaries to achieve the program goals articulated by the FCC for each of these programs.


    The FCC has reformed the USF to support further investment in and access to evolving broadband infrastructure, making the programs a primary vehicle to support this critical national priority. USAC, as the administrator of the USF, plays a critical role in supporting the ambitious vision to ensure that all citizens in the United States have access to high-speed broadband. The organization has approximately 500 employees with an operating budget of more than $200 million. USAC works in close partnership with the FCC and other federal and state partners to support the achievement of the USF program goals.


    USAC administers the USF programs—High Cost, Lifeline, Rural Health Care, and Schools and Libraries. USAC strives to provide efficient, responsible stewardship of the programs, a key national asset in making important telecommunications and Internet services available to consumers, health care providers, schools, and libraries throughout the United States. The program divisions are supported by additional USAC personnel in Finance, General Counsel, Information Systems, Internal Audit, the Enterprise Program Management Office and Human Resources. Consistent with FCC rules, USAC does not make policy for or interpret unclear provisions of statutes or the FCC’s rules.


    Universal service is paid for by contributions from telecommunications carriers, including wireline and wireless companies, and interconnected Voice over Internet Protocol providers, including cable companies that provide voice service, based on an assessment of their interstate and international end-user revenues. These contributions are most typically passed through to consumers through a universal service fee line item on their telephone bills.


    Additional information on USF programs can be found at: http://www.usac.org/about/about/who-we-are/default.aspx


    USAC offers a comprehensive benefits package, including vacation and sick leave, and ongoing professional development opportunities.


    USAC is an Equal Opportunity Employer. Only principals will be accepted. No agencies please.


    To apply, please submit a cover letter and resume and click the “Apply For This Job Online” button.


    USAC employees are passionate about our mission. Our work contributes to the success of all Americans. We’ve worked together to build a culture that is collaborative, ambitious, outcome-oriented, and feedback-focused.

