Lead Cloud Security Engineer (Information Security)

Lead Cloud Security Engineer (Information Security)

Department: General Services Administration

Location(s): Washington, District of Columbia

Salary Range: $169279 - $197200 Per Year

Job Summary: As a Lead Cloud Security Engineer, you will serve as a definitive subject matter expert contributing to FedRAMP efforts to ensure commercial cloud services and information systems are meeting FedRAMP requirements. Location of position: This position is located in 1800 F Street NW, Washington DC with the Federal Risk and Authorization Management Program (FedRAMP) Division's Security Branch. We are currently filling four vacancies, but additional vacancies may be filled as needed.

Major Duties:

• Leads risk and vulnerability assessments of governmentwide planned and installed information systems within the scope of Federal Risk and Authorization Management Program (FedRAMP) to identify vulnerabilities, risks, and protection needs. Provides continuous monitoring support for commercial cloud service information systems, emerging IT, and IT security initiatives, including but not limited to: cloud computing, bring-your-own-device, container security, subnetting best practices, Plan of Action & Milestones (POA&M) management, penetration testing, vulnerability scanning, remote access systems, mobile computing platforms, system virtualization, and identity and access management solutions. Acts as a senior subject matter expert for specific cloud services and provides expert advice to governmentwide stakeholders on the security posture of the service, secure use of the service, and recommendations for deployment. Ensures new technologies are implemented following IT security engineering standards, integrated with agency strategic IT and IT security architecture, and free of gaps in security. Supports security measures and goals set by the FedRAMP board and FedRAMP Program Management Office, promoting IT security awareness by receiving information system security alerts, advisories, and directives from various sources; generating internal security alerts, advisories, and directives as deemed necessary; and disseminating security alerts, advisories, and directives to internal and external enterprise entities with IT system security responsibility.

Qualifications: For each job on your resume, provide: the exact dates you held each job (from month/year to month/year) number of hours per week you worked (if part time). If you have volunteered your service through a National Service program (e.g., Peace Corps, Americorps), we encourage you to apply and include this experience on your resume. The GS-15 salary range starts at $169,279.00 per year. If you are a new federal employee, your starting salary will likely be set at the Step 1 of the grade for which you are selected. Applicants applying for the GS-15 grade level must meet the following requirements: Have IT-related experience demonstrating EACH of the four competencies AND one year of specialized experience equivalent to the GS-14 level in the Federal service as described below: IT SPECIALIST COMPETENCY REQUIREMENTS: Attention to Detail - This skill is generally demonstrated by assignments where the applicant investigates and evaluates “state of the art” technology of the industry. Customer Service - This skill is generally demonstrated by assignments where the applicant confers with users to evaluate the effectiveness of, or identify the need for, computer programs or management systems. Oral Communication - This skill is generally demonstrated by assignments where the applicant persuades others to take a particular course of action or to accept findings, recommendations, changes, or alternative viewpoints. Problem Solving - This skill is generally demonstrated by assignments where the applicant identifies and accommodates technology and resource constraints. SPECIALIZED EXPERIENCE REQUIREMENTS: Specialized experience is defined as: Senior-level experience within a security, compliance, infrastructure, or similar engineering function for a cloud service offering that provides on-demand self-service access to technology resources over the internet; OR as a lead assessor within a Third Party Assessment Organization (3PAO) conducting comprehensive security assessments of cloud service offerings against Federal Risk and Authorization Management Program (FedRAMP) requirements. Must present evidence of experience as follows: Designing, operating, or evaluating complex multi-tenant cloud environments in strict adherence to FedRAMP-specific mandates. Leading risk-based technical decision-making for cloud deployments or assessments Assessing, operating, or implementing Governance, Risk, and Compliance (GRC) engineering principles, such as: Automation of security control validation, Implementation of policy-as-code, Utilization of machine-readable artifacts to streamline the authorization lifecycle and continuous monitoring processes.

How to Apply: Submit a complete online application including any required documents prior to 11:59 pm Eastern Time on the closing date of the announcement. You can modify or complete your application any time before the deadline. Simply return to USAJOBS, select the vacancy, and update your application. For more detailed instructions on how to apply, click here: Apply for a GSA Job. If you are having issues applying to this announcement, you should switch to a different browser, network or device. Note: Your firewall may block your transfer from USAJOBS to your GSA application. To begin, click the Apply Online button on the vacancy announcement. Sign in or register on USAJobs and select a resume and documents to include in your application. Resumes exceeding two pages will not be accepted by USAJOBS and will prevent your application from moving forward in the hiring process. Please see Required Documents for additional details. Once you have clicked Apply for this position now, you will be taken to the GSA site to complete the application process. Click the Apply To This Vacancy and complete all steps in the application process until the Confirmation indicates your application is complete. If you click Return to USAJobs or get timed out prior to receiving confirmation, your application will not be submitted and cannot be considered for this vacancy. Note: Review the REQUIRED DOCUMENTS section of this announcement to determine which apply to you and must be submitted online. You may choose one or more of the following options to submit your document(s): Upload (from your computer) or USAJOBS (click the "USAJOBS" link to complete the transfer process). Need Assistance? Questions or issues completing an application and/or submitting documentation - contact mgshelp@monster.com or 1-866-656-6831 Monday-Friday 7AM - 7PM EST, except for Federal holidays Specific questions on the position - contact the HR representative (Monday-Friday during normal business hours) listed on the announcement, prior to the application deadline You must receive HR approval before deviating from these instructions. Be sure to APPLY EARLY as most assessments must be completed fully and submitted before the announcement closing.

Application Deadline: 2026-05-11