Summary The Congressional Budget Office is a small nonpartisan agency that provides independent, objective economic and budgetary analysis to the Congress. The agency seeks a senior information security engineer to manage an effective program to protect its information systems. The person in this position serves as the agency's top information security professional and reports to the chief information officer. Responsibilities The senior information security engineer develops and applies the tools and approach necessary to protect CBO's network and computer systems. Responsibilities include developing and reviewing security guidelines, policies, and procedures and enforcing compliance with them, while balancing the need to facilitate the work of CBO's analytical staff; providing leadership in analyzing and addressing vulnerabilities and attempted intrusions and in preventing systems and data from being compromised; conducting security reviews and risk assessments; and providing recommendations to keep the agency's enterprise architecture and network secure. Requirements Conditions of Employment US citizenship or current permanent residents seeking citizenship SPECIAL REQUIREMENTS: Top-Secret background investigation Qualifications The position requires the following: Candidates must be able to obtain and maintain a top-secret security clearance. Strong oral and written communication skills, especially the ability to explain complex technical material clearly to senior staff, information systems professionals, and both technical and nontechnical users; The ability to organize and plan effectively; The ability to analyze and solve complex security problems that demand innovative solutions; The ability to adapt to evolving circumstances, technologies, and priorities while leading initiatives; The ability to work effectively with technical and nontechnical colleagues; and The flexibility to work additional hours as required. A bachelor's degree or applicable certifications are preferred. TECHNICAL QUALIFICATIONS: Candidates must have 8 to 10 years of information technology experience, with at least 5 years of recent experience in conducting risk analysis, ensuring telecommunications security, evaluating system vulnerabilities, auditing logs, and developing information security policies and procedures. The most important requirement for this position is demonstrated expertise in a variety of security systems and technologies currently in place. Also required is recent experience with cloud security and advanced threat defense, firewall implementation and system penetration technology, malware detection, and network operating systems (the administration of Windows, Linux, or cloud operating systems is a plus). Experience with information technology security concepts, NIST 800-53 controls and requirements, and the MITRE ATT&CK framework is preferred. Significant familiarity with the following particulars is a plus: communication backbones, network protocols, LAN/WAN, servers, router configurations, network troubleshooting, data encryption methods, mobile device management and policy platforms, and monitoring and management tools. Education EDUCATION: A bachelor's degree or applicable certifications are preferred. Additional Information This job is being filled by an alternative hiring process and is not in the competitive civil service.