About this role
Job SummaryAs a Senior Cloud Security Engineer, you will be the subject matter expert contributing to FedRAMP efforts to ensure commercial cloud services and information systems are meeting FedRAMP requirements. Location of position: This position is located in 1800 F Street NW, Washington DC with the Federal Risk and Authorization Management Program (FedRAMP) Division's Security Branch. We are currently filling 3 vacancies, but additional vacancies may be filled as needed.
QualificationsFor each job on your resume, provide: the exact dates you held each job (from month/year to month/year) number of hours per week you worked (if part time). If you have volunteered your service through a National Service program (e.g., Peace Corps, Americorps), we encourage you to apply and include this experience on your resume. The GS-14 salary range starts at $143,913.00 per year. If you are a new federal employee, your starting salary will likely be set at the Step 1 of the grade for which you are selected. Applicants applying for the GS-14 grade level must meet the following requirements: Have IT-related experience demonstrating EACH of the four competencies AND one year of specialized experience equivalent to the GS-13 level in the Federal service as described below: IT SPECIALIST COMPETENCY REQUIREMENTS: Attention to Detail - This skill is generally demonstrated by assignments where the applicant investigates and evaluates “state of the art” technology of the industry. Customer Service - This skill is generally demonstrated by assignments where the applicant confers with users to evaluate the effectiveness of, or identify the need for, computer programs or management systems. Oral Communication - This skill is generally demonstrated by assignments where the applicant persuades others to take a particular course of action or to accept findings, recommendations, changes, or alternative viewpoints. Problem Solving - This skill is generally demonstrated by assignments where the applicant identifies and accommodates technology and resource constraints. SPECIALIZED EXPERIENCE REQUIREMENTS: Specialized Experience is defined as: Coordinating and providing technical advice within a security, compliance, infrastructure, or similar engineering function for a cloud service offering that provides on-demand self-service access to technology resources over the internet; OR as an assessor within a Third Party Assessment Organization (3PAO) conducting comprehensive security assessments of cloud service offerings against Federal Risk and Authorization Management Program (FedRAMP) requirements.
Major DutiesConducts risk and vulnerability assessments of governmentwide planned and installed information systems within the scope of Federal Risk and Authorization Management Program (FedRAMP) to identify vulnerabilities, risks, and protection needs. Manages systems security evaluations, audits, and reviews as performed by FedRAMP. Provides continuous monitoring support for commercial cloud service information systems, emerging IT, and IT security initiatives, including but not limited to: cloud computing, bring-your-own-device (BYOD), container security, subnetting best practices, Plan of Action & Milestones (POA&M) management, penetration testing, vulnerability scanning, remote access systems, mobile computing platforms, system virtualization, and identity and access management solutions. Provides recommendations and opinions on the security implementations of cloud services as part of the assessment process. Coordinates with contractors and other staff to gather experiences, opinions, and other analyses; combines collected information; and creates summaries of security decisions and recommendations for management and staff review for governmentwide adoption. Ensures new technologies are implemented following IT security engineering standards, integrated with agency strategic IT and IT security architecture, and free of gaps in security. Stays abreast of threats, vulnerabilities, and developments within the realm of information security, especially emerging issues with the potential to impact federal agency or broader government information systems and networks as well as commercial cloud services.RequirementsIf selected, you must meet the following conditions: Current or Former Political Appointees: The Office of Personnel Management (OPM) must authorize employment offers made to current or former political appointees. If you are currently, or have been within the last 5 years, a political Schedule A, Schedule C or NonCareer SES employee in the Executive Branch, you must disclose this information to the HR Office. Failure to disclose this information could result in disciplinary action including removal from Federal Service. Serve a one year probationary period, if required. Undergo and pass a background investigation (Tier 4 investigation level). Have your identity and work status eligibility verified if you are not a GSA employee. We will use the Department of Homeland Security's e-Verify system for this. Any discrepancies must be resolved as a condition of continued employment. Complete a financial disclosure report to verify that no conflict, or an appearance of conflict, exists between your financial interest and this position.