One of the most challenging and potentially rewarding jobs in government tech has been without a permanent leader since February.
The former Office of Personnel Management executive who held that spot retired in the wake of a devastating breach that left government computer systems and personal data exposed to hackers. Since that time, OPM has had two acting chief information officers — a short stint by one of the agency’s associate CIOs and now deputy federal CIO Lisa Schlosser, who came over on a detail from the Office of Management and Budget in March.
Schlosser and her new team at OPM are hoping the permanent CIO will be in place by the end of the summer. Her detail ends in September, but she will stick around to help the new CIO transition into the role. The position officially opened June 1, and applications are due June 22.
“This is a top priority for the acting director to get the permanent person on board, so that we can continue the momentum of our digital and IT transformation,” Schlosser said in a recent interview with GovLoop. She was joined by OPM’s Senior Cyber and Information Technology Adviser, Clif Triplett, who came on board last November to help advance ongoing security initiatives and recommend future improvements.
“There’s really two kinds of CIO roles,” said Triplett. First, there’s the maintain and operate role, where the CIO works to refine a good, stable operation and maybe tries to reduce costs.
“This is not that,” he said of the CIO position at OPM. “This is really an opportunity to carry forth, I think, a strong set of momentum, but the momentum has already been established here. Before the breach, the action had already begun. Unfortunately, the breach was discovered as part of that because we had already started taking some positive, progressive steps. The breach actually caused an acceleration. We’ve gained very strong support from the office of the president and Congress.”
Unlike some CIOs who are political appointees, OPM’s new IT leader will be a member of the Senior Executive Service (SES) Corps and a career fed, which means this individual won’t be out of a job come January. The position also comes with power, funding to tackle IT improvements, a healthy dose of scrutiny from onlookers and plenty of responsibilities.
Priorities for the OPM CIO
Part of the new CIO’s role will entail supporting development of the National Background Investigations Bureau. The new NBIB absorbed OPM’s Federal Investigative Services and all its duties, which includes conducting about 95 percent of the government’s background investigations, 600,000 security clearance investigations and 400,000 suitability investigations annually. NBIB will be housed within OPM, but DoD will assume responsibility for IT security of the systems and data related to the background investigations, the administration announced in January.
“OPM still is the accountable owning organization of NBIB,” Triplett explained. “It is a bureau within the OPM organization. What we’ve done to help us with scale and speed and with some of the competency that DoD brings to the table, we’ve outsourced the development of the new solution to DoD. It’s still in great coordination with us because the resources still are OPM’s. We still own the requirements. We don’t give up the accountability for the data.
“The CIO has to participate in that, to make sure what we get is meeting mission for our new investigations bureau,” Triplett said. The CIO will also play an active role in authorizing that the system is ready for use when the time comes and must work through the impacts of shifting management responsibilities of the system from OPM to DoD. There’s at least a year or so left in OPM’s journey with DoD to develop the system, during which time the CIO will be charged with supporting and operating existing services under FIS.
This new IT visionary will also lead the modernization and security of OPM’s IT infrastructure and applications, which is no small task. “We’re going to try to have to manage it with very tight costs, and we’re talking about a transformation to [a] DevOps model. I’m not going to say that’s going to be easy, and it’s going to take leadership. It’s going to be a culture change here, but it’s going to be an exciting, positive one,” Triplett said.
OPM is teaming with the General Services Administration’s digital team, 18F, to move to a DevOps model. That transformation began under Schlosser’s leadership and will continue under the new CIO.
“There’s going to be a lot of pressure to get it done in a short order, without guarantee that you’re going to get all the funding you might like to get,” Triplett said of the modernization efforts that the incoming CIO will be tasked to oversee. “We’re getting support, but support and getting everything you want are far a part.”
Next steps for OPM will involve preparing to move more services to a cloud ready environment and eventually to the cloud. OPM processes sensitive information, so “we can’t just run up and jump on anybody’s software, or go to anyone’s data center,” Triplett said. “Again, the challenges are now moving into the modernization of the infrastructure and the applications. This is the next really big challenge.”
Both Schlosser and Triplett are confident that the new CIO will have the necessary authorities granted under the Federal Information Technology Acquisition Reform Act to carry out these initiatives, including the power to sign off on all IT budgets and acquisitions. Reporting to the CIO are several new associate CIOs with various roles, including oversight of infrastructure services, application services, data management, and platforms. The CIO will also work closely with Triplett and OPM’s new chief information security officer, Cord Chase, who came on board in April.
“I’m very comfortable that we got the right people, and so long as we have the right leader to allow [momentum] to progress, we’re going to be in good shape,” Triplett said.