DHS Chief Information Security Officer

Overview
The DHS Chief Information Security Officer (CISO) reports directly to the DHS Chief Information Officer, serves as the Department-wide Information Systems Security Manager (ISSM), and is the principal advisor for IT security matters.

The CISO:


 * Issues Department-wide IT security policy, guidance, and architecture requirements for all DHS IT systems and networks.
 * Implements and manages the Department-wide IT Security Program and ensures compliance with FISMA and OMB requirements.
 * Serves as the principal Departmental liaison with organizations outside the DHS for matters relating to IT security.
 * Reviews and approves the tools, techniques, and methodologies planned for use in certifying and accrediting DHS IT systems. This includes Security Test and Evaluation (ST&E) plans, contingency plans, and risk assessments.
 * Reviews requests for waivers and exceptions to DHS IT security policy.
 * Consults with the DHS Chief Security Officer on matters pertaining to physical security, personnel security, information security, investigations, and SCI systems, as they relate to IT security and infrastructure.
 * Briefs the DHS Chief Information Officer and senior management on the status and outcome of ongoing and completed computer security incidents.
 * Periodically tests and evaluates the effectiveness of information security policies, procedures, and practices.
 * Develops and implements procedures for detecting, reporting, and responding to computer security incidents.
 * Ensures preparation and maintenance of plans and procedures to provide continuity of operations for information systems.