Deputy Chief Information Security Officer, Information Security Office, Office of the Chief Information Officer
U.S. Department of Homeland Security
Ms. Tamara Lilly is the Deputy Chief Information Security Officer (CISO) at the Department of Homeland Security in Washington, DC. As the Deputy CISO, Ms. Lilly utilizes her 30 years of management consulting and federal government experiences to strengthen the information security posture of the Department ensuring compliance with the Federal Information Security Modernization Act (FISMA). Ms. Lilly previously served as the Information Security Office Director responsible for managing the Department-wide information security policy and weakness remediation process. This role included overseeing the Department’s Plans of Action and Milestones (POA&M) Program to improve the security of DHS sensitive systems through timely remediation of IT security control weaknesses; facilitating compliance with FISMA by maturing DHS’ information security policy and configuration baseline guidelines; and liaising with executives and managers throughout DHS to facilitate the successful execution of responses to information security weaknesses identified through audits and security authorization reviews.
Ms. Lilly’s began her career at the U.S. Government Accountability Office (GAO), transitioned to private—Deloitte & Touché and Pricewaterhouse Coopers, and resumed in government with the DHS Office of the Chief Information Security Officer. Prior to DHS, she was primarily responsible for planning, managing, and performing performance and information technology and security audits of large federal and private entity programs and systems. This included assessing compliance with government regulations and standards and industry best practices, evaluating internal and IT controls, identifying and recommending needed control improvements, and preparing and presenting oral presentations and written reports to Congressional committees and agency/company executives.
Ms. Lilly’s collaboration with executives across DHS to identify and address IT security control weaknesses that impacted IT financial systems was recognized with her selection as a Federal Computer Week’s 2012 Federal 100 award winner.