Listing Description
The Center for Strategic and International Studies (CSIS) is a non-profit, bipartisan public policy organization established in 1962 to provide strategic insights and practical policy solutions to decision-makers in government, international institutions, the private sector, and civil society. Over the years, it has grown to be one of the largest organizations of its kind, with a staff of more than 300 employees working to address the changing dynamics of international security across the globe.
JOB SUMMARY
This position reports to the CIO and is responsible for the successful management of all aspects of the cybersecurity infrastructure at CSIS. The Director of Information Security works with relevant staff to identify, develop, manage, and maintain the process and technology across the organization to reduce and mitigate cyber and digital risk. The DIS serves as a liaison with cybersecurity vendors, counterparts at similar organizations, and law enforcement on related issues. The DIS works with CSIS staff on training for cybersecurity.
KNOWLEDGE, EDUCATION, AND EXPERIENCE:
• B.A./B.S. required.
• Advanced degree and/or cybersecurity certification preferred such as CISSP or CISM.
• Minimum 10 years related experience in information technology, including 5 years of IT management preferably focused on cybersecurity.
• Ability to work closely with a range of individuals with diverse interests, backgrounds, and dispositions.
• Must possess strong communication skills including the ability to effectively present information and respond to questions from constituency groups, media, governmental entities, and the public.
• Attention to detail and ability to manage competing priorities.
• Must possess strong interpersonal and teamwork skills.
PHYSICAL REQUIREMENTS AND WORK CONDITIONS:
The physical demands are representative of those that must be met by an employee working in an office environment. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential job functions. The noise level in the work environment is usually moderate.
Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.
Affirmative Action/Equal Opportunity Employer.
Job Location
Washington, District of Columbia, United States
Position Type
Full-Time/RegularManages enterprise wide security policies and systems.
Managing, selecting, and updating network-related security systems. This includes but is not limited to firewall, IDPS, proxy service, and other network tools that create a secure environment for CSIS.
Managing, selecting, and implementing endpoint protection tools such as anti-virus, whitelisting software, software as a service security tools, and other cybersecurity tools that reside on end points.
Managing and selecting cloud-based security tools for CSIS cloud services such as Office 365 and Salesforce.
Selecting and developing new cybersecurity tools to better protect CSIS information and ICT resources.
Works with CIO to develop, implement, and monitor long-term information security policy and privacy strategies.
Update necessary user polices to reflect current cybersecurity environment. Ensure staff are aware of these policies.
Update necessary center-wide policies on cybersecurity issues and coordinating with other departments, such as Human Resources and Finance and Accounting, to ensure they are aware of these polices and are followed for their relevant information.
Work with CIO and other senior-level staff to provide information to assist in long-term decision making.
Coordinates with IT staff, vendors and law enforcement on cybersecurity issues or incidents.
In response to a cybersecurity incident, works with staff to ensure their information can be secured and that best practices are followed.
Provides relevant information to law enforcement officials, consultants, and cybersecurity vendors when requested.
Works with cybersecurity vendors, other peer organizations, and law enforcement to share information on threats, sample files, and additional information that could be helpful to protect CSIS infrastructure as well as other organizations.
Provides other members of the IT team tasks related to responding to cybersecurity incidence.
Ensuring backup and disaster recovery best practices are followed to enable restoration of data in case of an incident.
Stays abreast of legal or regulatory requirements and best practices for cybersecurity that impacts CSIS.
Any changes to federal, state or local cybersecurity laws or rules that impact CSIS must be understood.
Provide updates to CSIS cybersecurity or privacy tools as required by changes in our legal or regulatory environment.
Updates systems and tools based on best practices of other similar organizations.
Creates reporting framework and structure to assess effective cybersecurity tools, policies, and processes in conjunction with CIO.
Create a reporting process for cybersecurity tools that have been put in place and an evaluation of their effectiveness.
Provide regular reports to CIO and other decision makers on cyber incidents that includes scope and severity of each incident.
Work on dashboards and other tools that consolidate cybersecurity alerts and information into fewer places, allowing IT staff to clearly understand cyber incidents using fewer tools and respond in a more organized manner.
Assists in budget processes related to cybersecurity.
Work with CIO and other IT team members to ensure cybersecurity tools are correctly budgeted.
Provide updated pricing for increased cybersecurity as part of the day-to-day management of cybersecurity infrastructure.
Listing Details
- Citizenship: No Requirements
- Incentives: Not Provided
- Education: Bachelors Degree
- Travel: Travel 25
- Telework: Optional Telecommute