This profile focuses on the Cybersecurity and Infrastructure Security Agency (CISA) within the Department of Homeland Security (DHS). For a more general overview of DHS and its relevance to AI policy, see:
Department of Homeland Security (DHS)
DHS is integral to US national security, handling cybersecurity, counterterrorism, border security, and disaster response. DHS’s role in AI policy is growing, focusing on potential security threats in cybersecurity, election security, and critical infrastructure protection.
Overview
The Cybersecurity and Infrastructure Security Agency (CISA) in the Department of Homeland Security is the nation’s cyber defense agency and national coordinator for critical infrastructure security and resilience. In practice, this means that CISA is responsible for operational cyber defense for much of the federal government[1] and for coordinating risk assessment and providing guidance on security and resilience across all 16 critical infrastructure sectors (e.g. issuing a directive for federal agencies to secure their cloud environments or publishing guidance on protecting infrastructure in the communications sector).
CISA has emerged as a critical player in AI policy, particularly in AI security, safety, and critical infrastructure protection. Following President Biden’s 2023 Executive Order on AI, CISA has taken on expanded responsibilities in assessing and mitigating AI-related risks to critical infrastructure and cybersecurity, including coordinating an annual AI risk assessment across critical infrastructure sectors. The agency works closely with private sector partners, other federal agencies, and international allies to develop guidelines, share threat information, and promote responsible AI development and deployment.
Background on CISA
- Government context: CISA is an operational component[2] in the Department of Homeland Security (DHS), one of 15 executive departments in the US government.
- Mission: serving as the nation’s cyber defense agency and leading the national effort to understand, manage, and reduce risk to cyber and physical infrastructure.
- Main activities: assessing risks to critical infrastructure and coordinating risk management for critical infrastructure; protecting federal civilian executive branch networks; coordinating cyber defense operations between governmental bodies and private organizations; providing cybersecurity information, tools, and incident response capabilities; facilitating emergency communications.
- Budget: $3.2 billion (FY 2023)
- Staff: ~3,200 employees (FY 2023)
- Brief history: originating as DHS’s National Protection and Programs Directorate (NPPD), the 2018 Cybersecurity & Infrastructure Security Agency Act instituted CISA as an operational component of DHS. Its role has expanded significantly since then, particularly in areas such as AI and election security.
Organizational structure

CISA is led by a Director, who reports to and is a principal advisor to the Secretary of Homeland Security. The CISA Director is presidentially appointed and requires Senate confirmation. Other key agency-wide leaders at CISA include the Deputy Director and Executive Director. The agency is organized into several key divisions, each of which is led by an Executive Assistant Director (EAD) or Assistant Director (AD):
- Cybersecurity Division (CSD): strengthens cyber defenses against immediate threats and vulnerabilities; builds long-term capacity to withstand and operate through cyber incidents; strives to ensure that the cyberspace ecosystem favors network defenders
- National Risk Management Center (NRMC): provides actionable risk analysis to ensure secure and resilient critical infrastructure
- Stakeholder Engagement Division (SED): leads national and international voluntary partnerships and engagements; serves as a hub for shared information relevant to operational collaboration
- Infrastructure Security Division (ISD): secures critical infrastructure from all hazards by managing risk (including non-cyber risks, such as those posed by natural disasters or weapons of mass destruction); enhances resilience through engagement with the critical infrastructure community (works closely with NRMC and SED on this engagement)
- Emergency Communications Division (ECD): leads public safety, national security, and emergency preparedness communications efforts; provides training, coordination, tools, and guidance to help federal, state, local, tribal, territorial, and industry partners develop emergency communications capabilities
- Integrated Operations Division (IOD): manages internal operations and the delivery of capabilities and services to support security of critical infrastructure; purview includes regional offices that deliver expertise and support to stakeholders and partners across state and local governments and the critical infrastructure community
CISA and AI policy
CISA has played a growing role in AI policy because of its role in understanding and addressing risks at the intersection of AI and cybersecurity, and its responsibilities to enhance the resilience of federal networks and critical infrastructure. CISA has led the development and coordination of AI security guidance and standards across the federal government and with international partners, including through recent guidance on secure development and deployment of AI systems. It has also undertaken exploratory projects to assess new AI applications in cyber defense, such as a pilot for AI-enabled vulnerability detection, and was tasked with an annual assessment of AI-related risks to critical infrastructure in President Biden’s 2023 Executive Order on AI. Groups within CISA also have their own AI research and development priorities related to exploring AI applications for threat assessment and leveraging AI to improve internal operations.
Recent AI-related developments at CISA
CISA has been a focal point for AI-related efforts in DHS. Relevant developments include:
- January 2025: CISA publishes the AI Cybersecurity Collaboration playbook, providing AI providers, developers, and adopters with guidance on how to voluntarily share actionable incident information. The playbook aligns with the CISA Roadmap for AI and the 2024 Joint Cyber Defense Collaborative Priorities, which focus on building robust public-private collaboration to address emerging AI cybersecurity risks.
- August 2024: CISA names its first Chief AI Officer, responsible for defining and leading CISA’s AI strategy.
- July 2024: CISA publishes a summary of results from a pilot for AI-enabled vulnerability detection.
- June 2024: CISA conducts two tabletop exercises with industry, federal, government, and international participants focused on AI security incident collaboration. The exercises, which were part of CISA’s Joint Cyber Defense Collaborative, aimed to help identify information-sharing opportunities, protocols for public-private engagement, and areas for operational collaboration on AI security incidents.
- April 2024: CISA publishes the Safety and Security Guidelines for Critical Infrastructure Owners and Operators, which include a summary of findings from CISA’s cross-sector AI risk assessment.
- November 2023: CISA publishes the 2023-2024 CISA Roadmap for AI, covering CISA’s efforts to promote AI uses that enhance cybersecurity capabilities, protect AI systems from cybersecurity threats, and deter malicious actors’ use of AI capabilities to threaten critical infrastructure.
- October 2023: President Biden’s Executive Order on AI tasks CISA with responsibilities in managing AI-related risks, including overseeing an annual, multi-agency AI critical infrastructure risk assessment.
CISA offices working on AI policy
Several CISA offices contribute to AI-related efforts, including (not comprehensive):
- Office of the Chief AI Officer (OCAIO): established in 2024 to set CISA’s vision and strategy for responsible AI tool adoption; supports AI-related risk mitigation for critical infrastructure and cybersecurity.
- Office of Strategy, Policy, and Plans (OSPP): led by the Chief Strategy Officer; functions as CISA’s strategic planning hub for emerging technology issues, including AI. Key sub-divisions:
  - National Policy: develops the agency’s strategic approach to AI security, coordinates policy initiatives across divisions, and manages interagency relationships on AI matters. It played a key role in launching the DHS AI Safety and Security Board, developing the 2023-2024 CISA Roadmap for AI, and continues to shape the agency’s approach to AI security issues.
- Cybersecurity Division (CSD): leads CISA’s operational cyber defense efforts, including integrating AI security into broader cybersecurity practices. Key sub-divisions:
  - Joint Cyber Defense Collaborative (JCDC): advances joint cyber defense capabilities, particularly through operational planning and public-private partnerships; includes an AI sub-initiative (named “JCDC.AI”) focused on partnering with leading AI companies on cyber defense.
  - Office of the Technical Director (OTD): advances, coordinates, and aligns technical capability efforts across CSD to improve mission effectiveness; has been a key partner on developing and progressing AI initiatives in CISA.
- National Risk Management Center (NRMC): CISA’s central hub for analyzing and coordinating responses to critical infrastructure risks. NRMC leads comprehensive AI risk assessments across sectors, develops risk frameworks, and coordinates cross-sector security initiatives. The center plays a crucial role in implementing the AI-related requirements from President Biden’s 2023 Executive Order on AI, particularly on critical infrastructure protection. Key subdivisions:
  - Strategic Foresight: leads efforts to forecast potential risks, develop mitigation strategies, and accelerate research to enhance critical infrastructure resilience; has led AI-related risk assessments for critical infrastructure.
  - Election Security and Resilience (ESR): leads work on election security risks (including AI-related ones); aims to ensure secure elections by providing election stakeholders with information necessary to manage systems and asset risks.
- Stakeholder Engagement Division (SED): manages partnerships and relationships for key collaboration on AI guidance and information-sharing initiatives. Key sub-divisions:
  - Council Management: manages forums to facilitate collaboration across government, industry, and academic partners; manages dissemination of AI guidance and publications.
  - Sector Management: manages relationships with public and private critical infrastructure owners and operators across all sectors; manages partnerships for collaboration on AI guidance and publications.
  - International: leads international partnerships and engagements to better understand threats, exchange best practices, share information, and issue joint products; helps steer international partnerships on AI initiatives, including the UK, EU, and the G7.
- Infrastructure Security Division (ISD): focuses on the physical security implications of AI deployment in critical infrastructure. The division assesses how AI systems might affect infrastructure operations, develops guidance for secure AI integration in industrial control systems, and coordinates with sector risk management agencies on AI security matters. Key sub-divisions:
  - Planning & Innovation (P&I): drives planning and technical solutions to address critical infrastructure security and resilience challenges; evaluates AI initiatives addressing critical infrastructure security concerns.
Working at CISA
CISA hires primarily into the following occupational categories, among others:
- Policy and information security analysts and advisors draft guidance and standards, provide feedback on federal policy, design and implement new initiatives, and manage projects. Common backgrounds include policy development, technical systems, and cybersecurity.
- Engineers and technologists contribute technical expertise to policy drafting and feedback. They can also support pilot programs for testing AI cybersecurity capabilities or integrating AI into existing technical functions.
To find open full-time positions at CISA, visit USAJOBS and filter for “Cybersecurity and Infrastructure Security Agency,” or check CISA’s Careers page. The agency’s career site often includes positions that may not be listed on USAJOBS, particularly for technical roles. You can also follow CISA on LinkedIn to stay updated about their activities.
In 2024, DHS is also running the DHS AI Corps hiring initiative, a special program to hire AI technical talent into the department, including for CISA teams. CISA also runs a Cyber Innovation Fellows Initiative that brings mid-career or senior technical professionals into a temporary rotation at CISA, with compensation paid by their private sector company.
For internships, fellowships, and other early-career opportunities, check the Federal Internship Finder and the USAJOBS Federal Internship Portal, filtering for CISA positions. The agency regularly posts opportunities through these platforms, especially for cyber and technology-focused roles. Opportunities for students and recent graduates include:
- DHS Intelligence and Cybersecurity Diversity Fellowship Program – paid full-time summer internship for students majoring in a STEM or intelligence-related field, with a particular focus on Minority Serving Institutions. Offers opportunity for conversion to a permanent position.
- CISA Pathways Internship Program – paid part-time or full-time internships for students, with interns eligible for non-competitive conversion to a permanent position.
- CyberCorps Scholarship for Service (SFS) – scholarships for undergraduate or graduate students with a commitment to work in a federal cybersecurity position post-graduation.
- Cybersecurity Talent Initiative (CTI) – two-year government placement program for recent graduates of cybersecurity-related undergraduate or graduate degree programs.
- Presidential Management Fellowship (PMF) – a prestigious two-year program that allows recent graduate degree recipients to get jobs in the US federal government.
See our federal agency application advice section for guides to USAJOBS, federal resumes, interviewing for federal positions, and more.
Further reading
- AI at CISA
- 2023–2024 CISA Roadmap for AI
- CISA AI Use-Cases
- CISA and Joint-Seal AI Publications
- CISA AI blog posts
Experience reports
Anonymous CISA staffer:
While working with CISA, I’ve contributed to policy topics ranging from developing best practices for developing and deploying AI systems to coordinating risk assessment for critical infrastructure.
CISA’s organizational culture is uniquely friendly. It’s also a smaller and flatter organization than many other parts of government, which means you’ll find opportunities to quickly take on more responsibility. CISA has been increasingly taking a leadership role in AI and emerging technology issues.
Among the most valuable parts of my CISA experience has been learning about how policy is developed and implemented at the federal level. There are a few teams at CISA or DHS (such as HQ, front offices, and policy teams) that frequently interface with other agencies and departments across the government and can provide opportunities for this type of learning.
Footnotes
1. CISA’s responsibilities fall largely outside of the military and offshore cyber activities, which are typically the focus of the Department of Defense and related bodies such as the National Security Agency. CISA will often collaborate with these groups on any issues that touch both civilian and defense matters.
2. An operational component is a standalone office or agency within the Department of Homeland Security with its own dedicated mission, budget, and staff.

