As a Lead Cloud Security Engineer, you will serve as a definitive subject matter expert contributing to FedRAMP efforts to ensure commercial cloud services and information systems are meeting FedRAMP requirements.
Location of position: This position is located in 1800 F Street NW, Washington DC with the Federal Risk and Authorization Management Program (FedRAMP) Division’s Security Branch.
We are currently filling four vacancies, but additional vacancies may be filled as needed.
Summary
As a Lead Cloud Security Engineer, you will serve as a definitive subject matter expert contributing to FedRAMP efforts to ensure commercial cloud services and information systems are meeting FedRAMP requirements.
Location of position: This position is located in 1800 F Street NW, Washington DC with the Federal Risk and Authorization Management Program (FedRAMP) Division’s Security Branch.
We are currently filling four vacancies, but additional vacancies may be filled as needed.
Yes - You will be required to complete a financial disclosure report to verify that no conflict, or an appearance of conflict, exists between your financial interests and this position.
Leads risk and vulnerability assessments of governmentwide planned and installed information systems within the scope of Federal Risk and Authorization Management Program (FedRAMP) to identify vulnerabilities, risks, and protection needs.
Provides continuous monitoring support for commercial cloud service information systems, emerging IT, and IT security initiatives, including but not limited to: cloud computing, bring-your-own-device, container security, subnetting best practices, Plan of Action & Milestones (POA&M) management, penetration testing, vulnerability scanning, remote access systems, mobile computing platforms, system virtualization, and identity and access management solutions.
Acts as a senior subject matter expert for specific cloud services and provides expert advice to governmentwide stakeholders on the security posture of the service, secure use of the service, and recommendations for deployment.
Ensures new technologies are implemented following IT security engineering standards, integrated with agency strategic IT and IT security architecture, and free of gaps in security.
Supports security measures and goals set by the FedRAMP board and FedRAMP Program Management Office, promoting IT security awareness by receiving information system security alerts, advisories, and directives from various sources; generating internal security alerts, advisories, and directives as deemed necessary; and disseminating security alerts, advisories, and directives to internal and external enterprise entities with IT system security responsibility.
US Citizens and National (Residents of American Samoa and Swains Island)
Meet all eligibility criteria within 30 days of the closing date
Register with Selective Service if you are a male born after 12/31/1959
If selected, you must meet the following conditions:
Current or Former Political Appointees: The Office of Personnel Management (OPM) must authorize employment offers made to current or former political appointees. If you are currently, or have been within the last 5 years, a political Schedule A, Schedule C or NonCareer SES employee in the Executive Branch, you must disclose this information to the HR Office. Failure to disclose this information could result in disciplinary action including removal from Federal Service.
Serve a one year probationary period, if required.
Undergo and pass a background investigation (Tier 4 investigation level).
Have your identity and work status eligibility verified if you are not a GSA employee. We will use the Department of Homeland Security’s e-Verify system for this. Any discrepancies must be resolved as a condition of continued employment.
Complete a financial disclosure report to verify that no conflict, or an appearance of conflict, exists between your financial interest and this position.
Qualifications
For each job on your resume, provide:
the exact dates you held each job (from month/year to month/year)
number of hours per week you worked (if part time).
If you have volunteered your service through a National Service program (e.g., Peace Corps, Americorps), we encourage you to apply and include this experience on your resume.
The GS-15 salary range starts at $169,279.00 per year.
If you are a new federal employee, your starting salary will likely be set at the Step 1 of the grade for which you are selected.
Applicants applying for the GS-15 grade level must meet the following requirements: Have IT-related experience demonstrating EACH of the four competencies AND one year of specialized experience equivalent to the GS-14 level in the Federal service as described below:
IT SPECIALIST COMPETENCY REQUIREMENTS:
Attention to Detail - This skill is generally demonstrated by assignments where the applicant investigates and evaluates “state of the art” technology of the industry.
Customer Service - This skill is generally demonstrated by assignments where the applicant confers with users to evaluate the effectiveness of, or identify the need for, computer programs or management systems.
Oral Communication - This skill is generally demonstrated by assignments where the applicant persuades others to take a particular course of action or to accept findings, recommendations, changes, or alternative viewpoints.
Problem Solving - This skill is generally demonstrated by assignments where the applicant identifies and accommodates technology and resource constraints.
SPECIALIZED EXPERIENCE REQUIREMENTS:
Specialized experience is defined as: Senior-level experience within a security, compliance, infrastructure, or similar engineering function for a cloud service offering that provides on-demand self-service access to technology resources over the internet; OR as a lead assessor within a Third Party Assessment Organization (3PAO) conducting comprehensive security assessments of cloud service offerings against Federal Risk and Authorization Management Program (FedRAMP) requirements.
Must present evidence of experience as follows:
Designing, operating, or evaluating complex multi-tenant cloud environments in strict adherence to FedRAMP-specific mandates.
Leading risk-based technical decision-making for cloud deployments or assessments
Assessing, operating, or implementing Governance, Risk, and Compliance (GRC) engineering principles, such as: Automation of security control validation, Implementation of policy-as-code, Utilization of machine-readable artifacts to streamline the authorization lifecycle and continuous monitoring processes.
Education
This job does not have an education qualification requirement.
Additional information
Candidates will not be hired based on their race, sex, color, religion, or national origin.
Applicants are encouraged to make their resume searchable in their USAJOBS.gov profile. This will allow Federal hiring specialists and hiring managers across agencies to find their resume as part of agency recruitment campaigns or staffing searches.
If you apply to this position and are selected, we will not ask about your criminal history before you receive a conditional job offer. If you believe you were asked about your criminal history improperly, contact the agency or visit GSA's webpage.
Relocation-related expenses are not approved and will be your responsibility.
On a case-by-case basis, the following incentives may be approved:
· Recruitment incentive if you are new to the federal government
· Relocation incentive if you are a current federal employee
· Credit toward vacation leave if you are new to the federal government
Additional vacancies may be filled through this announcement in this or other GSA organizations within the same commuting area as needed; through other means; or not at all.
Candidates should be committed to improving the efficiency of the Federal government, passionate about the ideals of our American republic, and committed to upholding the rule of law and the United States Constitution.
A career with the U.S. government provides employees with a comprehensive benefits package. As a federal employee, you and your family will have access to a range of benefits that are designed to make your federal career very rewarding. Opens in a new windowLearn more about federal benefits.
Health insurance (choose from a wide range of plans)
Life insurance coverage with several options
Sick leave and vacation time, including 11 paid holidays per year
Thrift Savings Plan (similar to a 401(k) plan)
Flexible work schedules
Transit and child care subsidies
Flexible spending accounts
Long-term care insurance
Training and development
Eligibility for benefits depends on the type of position you hold and whether your position is full-time, part-time or intermittent. Contact the hiring agency for more information on the specific benefits offered.
How you will be evaluated
You will be evaluated for this job based on how well you meet the qualifications above.
A panel of Subject Matter Experts (SMEs) will review the resumes of qualified candidates and assign a score for each of the five required Knowledge, Skills, and Abilities (KSAs) based on the experience documented in the resume and narrative responses:
Expert knowledge of NIST SP 800-53 security controls, FedRAMP authorization frameworks, and Governance, Risk, and Compliance (GRC) engineering principles, including the application of automation for security assessment and continuous monitoring.
Mastery of knowledge of cloud-native infrastructure and site reliability principles, enabling the evaluation of security implementations and automated vulnerability detection in complex, multi-tenant cloud environments.
Mastery of and skill of cloud-native security architectures, immutable infrastructure, and complex shared responsibility models to provide authoritative recommendations to executive-level stakeholders on the secure implementation of cloud services.
Expert knowledge of secure systems engineering principles and GRC engineering workflows to integrate emerging technologies into security architectures.
Knowledge of FedRAMP security measures and goals, emerging cloud vulnerabilities, and related ways to identify risks impacting commercial cloud services.
Demonstration of these KSAs must be supported by your resume. Applicants should also make note of each KSA, as you will be asked to address them later in the application process
Your possession of the KSAs will place you in one of the following categories:.
Best Qualified = 4+ out of 5 KSAs
Well Qualified = 3 out of 5 KSAs (Well Qualified for CTAP/ICTAP)
Qualified = 2 or less out of 5 KSAs.
If you are eligible under the Interagency Career Transition Assistance Plan (ICTAP) or GSA’s Career Transition Assistance Plan (CTAP), your resume must clearly demonstrate experience in at least 3 of the 5 required Knowledge, Skills, and Abilities (KSAs) to receive priority consideration.
A career with the U.S. government provides employees with a comprehensive benefits package. As a federal employee, you and your family will have access to a range of benefits that are designed to make your federal career very rewarding. Opens in a new windowLearn more about federal benefits.
Health insurance (choose from a wide range of plans)
Life insurance coverage with several options
Sick leave and vacation time, including 11 paid holidays per year
Thrift Savings Plan (similar to a 401(k) plan)
Flexible work schedules
Transit and child care subsidies
Flexible spending accounts
Long-term care insurance
Training and development
Eligibility for benefits depends on the type of position you hold and whether your position is full-time, part-time or intermittent. Contact the hiring agency for more information on the specific benefits offered.
ALL required documents must be submitted before the closing date. Review the following list to determine what you need to submit.
Resume: Your resume should not exceed 2 pages and must demonstrate the specialized experience related to the position for which you are applying. Your resume must contain the following information:
Name, address, telephone number, email address;
Job Title (if Federal Service, provide series and grade; if not in GS plan, provide GS equivalent grade);
Relevant work experience—should include employer name, job title, start and end dates (month/year), the number of hours worked per week and descriptions that explain how you meet the required qualifications in the job announcement.
Education, certifications or licensures—If the job announcement requires any education, certifications or licensures, make sure to include the required information and any required documents like transcripts.
Your resume should contain enough information to make a valid determination that you fully meet experience requirements for each grade level you are applying to. If you do not provide enough information for us to determine your qualifications, you may be rated ineligible.
If you areclaiming veterans preference: (a) Copy of your Certificate of Release or Discharge From Active Duty, DD-214 that shows your type of discharge, character of service and the dates of your active duty service. (b) If you are claiming 10-point preference or derived preference (spouse, widow/widower, or parent of a deceased or disabled veteran), you must submit documentation that establishes your entitlement in addition to the DD-214:
VA disability rating letter or other official documentation (refer to SF-15 for complete list).
SF-15, Application for 10-Point Veteran Preference
Note: If sufficient documentation is provided to establish 10-point preference, preference may be granted based on the supporting documentation even if the SF-15 is not submitted. If selected, a completed SF-15 will be required prior to appointment.
IF YOU ARE:
Active duty military - Certification on a letterhead from your military branch that includes your rank, character of service (must be under honorable conditions) & military service dates including discharge/release date (must be no later than 120 days after the date the certification is submitted).
ICTAP/CTAP eligible - submit a, b, and c: (a) proof of eligibility including agency notice; (b) SF-50, and (c) most recent performance appraisal.
Current or Former Political Appointees: Submit SF-50.
Submit a complete online application including any required documents prior to 11:59 pm Eastern Time on the closing date of the announcement. You can modify or complete your application any time before the deadline. Simply return to USAJOBS, select the vacancy, and update your application. For more detailed instructions on how to apply, click here: Apply for a GSA Job.
If you are having issues applying to this announcement, you should switch to a different browser, network or device. Note: Your firewall may block your transfer from USAJOBS to your GSA application.
To begin, click the Apply Online button on the vacancy announcement.
Sign in or register on USAJobs and select a resume and documents to include in your application.
Resumes exceeding two pages will not be accepted by USAJOBS and will prevent your application from moving forward in the hiring process. Please see Required Documents for additional details.
Once you have clicked Apply for this position now, you will be taken to the GSA site to complete the application process.
Click the Apply To This Vacancy and complete all steps in the application process until the Confirmation indicates your application is complete. If you click Return to USAJobs or get timed out prior to receiving confirmation, your application will not be submitted and cannot be considered for this vacancy.
Note: Review the REQUIRED DOCUMENTS section of this announcement to determine which apply to you and must be submitted online. You may choose one or more of the following options to submit your document(s): Upload (from your computer) or USAJOBS (click the "USAJOBS" link to complete the transfer process).
Need Assistance?
Questions or issues completing an application and/or submitting documentation - contact mgshelp@monster.comor 1-866-656-6831 Monday-Friday 7AM - 7PM EST, except for Federal holidays
Specific questions on the position - contact the HR representative (Monday-Friday during normal business hours) listed on the announcement, prior to the application deadline
You must receive HR approval before deviating from these instructions.
Be sure to APPLY EARLY as most assessments must be completed fully and submitted before the announcement closing.
GSA, Technology Transformation Service
Servicing HR Office: Branch A
GSA, Office of Human Resources Management (OHRM)
1800 F Street, NW
Washington, District of Columbia 20405
United States
Next steps
After the closing date/deadline:
ELIGIBILITY/QUALIFICATIONS: Applicant eligibility and qualifications are reviewed.
REFERRAL TO MANAGEMENT: Eligible/Qualified applicants are referred to management for review and possible interview.
SELECTION/TENTATIVE JOB OFFER: If a selection is made, a Tentative Offer is extended to the selectee and suitability and/or security background investigation is conducted.
FINAL JOB OFFER: A final job offer is made (typically within 40 days after the closing date/deadline for applications).
FINAL COMMUNICATION TO APPLICANTS: Once the position is filled, we will notify you of your status. You may also check your application status by logging into USAJOBS and clicking “Track this Application” on the Applicant Dashboard.
Thank you for your interest in working for the U.S. General Services Administration!
The Federal hiring process is set up to be fair and transparent. Please read the following guidance.
ALL required documents must be submitted before the closing date. Review the following list to determine what you need to submit.
Resume: Your resume should not exceed 2 pages and must demonstrate the specialized experience related to the position for which you are applying. Your resume must contain the following information:
Name, address, telephone number, email address;
Job Title (if Federal Service, provide series and grade; if not in GS plan, provide GS equivalent grade);
Relevant work experience—should include employer name, job title, start and end dates (month/year), the number of hours worked per week and descriptions that explain how you meet the required qualifications in the job announcement.
Education, certifications or licensures—If the job announcement requires any education, certifications or licensures, make sure to include the required information and any required documents like transcripts.
Your resume should contain enough information to make a valid determination that you fully meet experience requirements for each grade level you are applying to. If you do not provide enough information for us to determine your qualifications, you may be rated ineligible.
If you areclaiming veterans preference: (a) Copy of your Certificate of Release or Discharge From Active Duty, DD-214 that shows your type of discharge, character of service and the dates of your active duty service. (b) If you are claiming 10-point preference or derived preference (spouse, widow/widower, or parent of a deceased or disabled veteran), you must submit documentation that establishes your entitlement in addition to the DD-214:
VA disability rating letter or other official documentation (refer to SF-15 for complete list).
SF-15, Application for 10-Point Veteran Preference
Note: If sufficient documentation is provided to establish 10-point preference, preference may be granted based on the supporting documentation even if the SF-15 is not submitted. If selected, a completed SF-15 will be required prior to appointment.
IF YOU ARE:
Active duty military - Certification on a letterhead from your military branch that includes your rank, character of service (must be under honorable conditions) & military service dates including discharge/release date (must be no later than 120 days after the date the certification is submitted).
ICTAP/CTAP eligible - submit a, b, and c: (a) proof of eligibility including agency notice; (b) SF-50, and (c) most recent performance appraisal.
Current or Former Political Appointees: Submit SF-50.
Submit a complete online application including any required documents prior to 11:59 pm Eastern Time on the closing date of the announcement. You can modify or complete your application any time before the deadline. Simply return to USAJOBS, select the vacancy, and update your application. For more detailed instructions on how to apply, click here: Apply for a GSA Job.
If you are having issues applying to this announcement, you should switch to a different browser, network or device. Note: Your firewall may block your transfer from USAJOBS to your GSA application.
To begin, click the Apply Online button on the vacancy announcement.
Sign in or register on USAJobs and select a resume and documents to include in your application.
Resumes exceeding two pages will not be accepted by USAJOBS and will prevent your application from moving forward in the hiring process. Please see Required Documents for additional details.
Once you have clicked Apply for this position now, you will be taken to the GSA site to complete the application process.
Click the Apply To This Vacancy and complete all steps in the application process until the Confirmation indicates your application is complete. If you click Return to USAJobs or get timed out prior to receiving confirmation, your application will not be submitted and cannot be considered for this vacancy.
Note: Review the REQUIRED DOCUMENTS section of this announcement to determine which apply to you and must be submitted online. You may choose one or more of the following options to submit your document(s): Upload (from your computer) or USAJOBS (click the "USAJOBS" link to complete the transfer process).
Need Assistance?
Questions or issues completing an application and/or submitting documentation - contact mgshelp@monster.comor 1-866-656-6831 Monday-Friday 7AM - 7PM EST, except for Federal holidays
Specific questions on the position - contact the HR representative (Monday-Friday during normal business hours) listed on the announcement, prior to the application deadline
You must receive HR approval before deviating from these instructions.
Be sure to APPLY EARLY as most assessments must be completed fully and submitted before the announcement closing.
GSA, Technology Transformation Service
Servicing HR Office: Branch A
GSA, Office of Human Resources Management (OHRM)
1800 F Street, NW
Washington, District of Columbia 20405
United States
Next steps
After the closing date/deadline:
ELIGIBILITY/QUALIFICATIONS: Applicant eligibility and qualifications are reviewed.
REFERRAL TO MANAGEMENT: Eligible/Qualified applicants are referred to management for review and possible interview.
SELECTION/TENTATIVE JOB OFFER: If a selection is made, a Tentative Offer is extended to the selectee and suitability and/or security background investigation is conducted.
FINAL JOB OFFER: A final job offer is made (typically within 40 days after the closing date/deadline for applications).
FINAL COMMUNICATION TO APPLICANTS: Once the position is filled, we will notify you of your status. You may also check your application status by logging into USAJOBS and clicking “Track this Application” on the Applicant Dashboard.
Thank you for your interest in working for the U.S. General Services Administration!
Fair and transparent
The Federal hiring process is set up to be fair and transparent. Please read the following guidance.
