Greg Sisson, the Department of Energy’s chief information security officer, will be leaving his post on July 11 for a job in the private sector.
Sisson, who took over as acting CISO for the department in Sept. 2020 and was named as a permanent replacement in May 2021, announced his impending departure a LinkedIn message posted last week.
“I am grateful to the Department of Energy for trusting in me to work in and lead the cybersecurity program over the last 4 [plus] years. However, after 38 years of public service, I have decided to try the private sector,” he wrote.
Energy has already posted a job notice for Sisson’s replacement, which closes July 5. The position will be a “dual hat” role in that the candidate would serve as both the CISO and the deputy CIO, with responsibilities over developing and maintaining the department’s cybersecurity architecture and providing leadership and strategic direction both to the Office of the CIO and as the primary designated cybersecurity official on interagency committees and forums. The candidate would also oversee Energy’s Joint Cybersecurity Coordination Center.
The job is classified as a senior executive service position and a candidate must already be a member of the SES or get prior approval from the Office of Personnel Management to qualify. Applicants must also be vaccinated, qualify for a Q-level security clearance, pass a drug test and have an undergraduate or graduate degree in computer science or other technology and cybersecurity-related fields, though the notice says relevant IT working experience will also be considered.
In his post, Sisson did not clarify where he would be working next, except to say his last day would be July 11, his new job would be outside of government and he will “take on a role where I will have an opportunity to assist the energy sector in solving tough problems around resilience and cybersecurity.” He did not immediately respond to a request for comment from SC Media.
Sisson has a long and storied career in federal civilian and military cybersecurity. After serving two decades as a commissioned and noncommissioned officer in the U.S. Army, he spent three years as a cybersecurity advisor at the J7 Joint Force Development Directorate, which supports the Joint Chiefs of Staff and where he helped develop the Department of Defense’s cyber strategy, and another two and a half years as chief of staff and deputy director of operations (DJ3) at Joint Force Headquarters for the DoD Information Network under U.S. Cyber Command. During this time, he also earned a master’s degree in national security and strategic studies as from the College of Naval Warfare Studies in Rhode Island.
He arrived at Energy in 2018 as director of cyber operations and quickly worked his way up the departmental ladder to deputy CISO and acting CISO before taking over the post full time in May 2021. Under the Trump administration, he was charged with overseeing a number of enterprise cybersecurity goals, including identifying high-value IT assets and systems and developing enhanced risk management strategies, continuous monitoring plans and cybersecurity mitigations to protect them from malicious hackers.