Login.gov: Security Engineer Technical Expert - Analyst
This job posting has closed.
Please see our other open positions.
Basic information
Open to U.S. citizens or nationals (residents of American Samoa and Swains
Island). Subject to background check. Full information
is
available on
USAJOBS.
Supervisory status: Non-Supervisory
Job title: Login.gov: Security Engineer Technical Expert - Analyst
Official title in USAJOBS: Information Technology Specialist (INFOSEC)
Number of vacancies: 1
Location: Anywhere in the U.S. (remote)
Salary range: GS-15 ($136,908 to $183,500)
Your salary, including base and locality, will be determined upon selection,
dependent on your actual duty location. Please note the maximum salary available
for the GS pay system is $183,500. For specific details on locality pay, please
visit OPM’s Salaries & Wages page
or for a salary calculator
OPM’s 2023 General Schedule (GS) Salary Calculator. You can find more
information in our
compensation and benefits section.
Travel requirement:
Occasional travel may be required up to 10%-20% per year.
Work schedule:
Full time.
Appointment type:
This is a permanent position.
Learn more about the benefits of working at
GSA and
TTS.
Role summary
As a security analyst technical expert, you will report to Login.gov’s security
branch chief. In this fully remote position, you will work closely with Login.gov’s
product and platform teams to improve Login.gov’s defensive capabilities. You will
play a key role in helping Login.gov’s security team implement best practices to
protect user data, secure Login.gov’s application and infrastructure, and combat
fraud and abuse. You will provide strategic guidance to Login.gov’s leadership team,
provide feedback on security program objectives, and lead improvements to Login.gov’s
cybersecurity practice.
Key objectives
1. Contribute to Login.gov’s Cybersecurity Practice
-
Contribute to vulnerability testing and analysis, incident response and analysis, alert response and analysis activities.
-
Conduct data analytics activities to support monitoring, detecting, defending against, or responding to security incidents.
-
Automate data analytics or security processes by using object-oriented languages (e.g., Python).
-
Collaborate with application development teams, platform engineers, and Security Operations Center (SOC) engineers to build and implement security in an open source, live services environment.
-
Collaborate with User Experience, Infrastructure, and Application Developer Engineers to ensure changes to Login.gov’s product or infrastructure do not negatively impact security.
2. Provide subject matter expertise on cybersecurity practices to Login.gov Leadership
-
Provide guidance on industry standards (e.g., NIST 800 series) and best practices to product managers and application developers
-
Develop standard operating procedures that improve Login.gov’s cybersecurity posture.
-
Collaborate with site reliability engineers to enhance cloud platform security engineering practices.
-
Improve Login.gov’s security operations via automation.
-
Communicate with internal and external partners to share Login.gov’s security posture, risk, and operational processes.
-
Contribute to security program goal setting and roadmapping activities.
3. Ensure Login.gov maintains its FedRAMP authorization
-
Maintain systems that comply with NIST-800-53 controls.
-
Develop and maintain artifacts for cybersecurity assessments
-
Participate in technical interviews for cybersecurity assessments
-
Prepare application developers, site reliability engineers, or platform engineers for technical assessment interviews
-
Propose changes to Login.gov development and site reliability engineering practices to better support automated compliance
4. Collaborate effectively on distributed, agile teams
-
Share knowledge and work collaboratively to integrate anti-identity fraud principles into product and engineering practices.
-
Participate in regular retrospectives and provide feedback to help improve the way the team works.
-
Promote a work environment of respect, diversity, equity, inclusion, accessibility, mutual support, continuous learning, and commitment to customer / partner needs.
Qualifications
Provide as much detail as possible on your resume so that we can evaluate your
previous experience. Follow our
guidance on creating a federal style resume.
Failure to provide required information may result in disqualification.
For each job on your resume, provide:
- The exact dates you held each job (from month/year to month/year or “present”)
- Number of hours per week you worked (if part time)
SPECIALIZED EXPERIENCE REQUIREMENTS:
To qualify, you must have one (1) year of specialized experience at the next
lower GS-grade (or equivalent). Specialized experience is defined as follows:
- Experience in assessing the robustness of cybersecurity practices for cloud-based Software as a Service (SaaS) solutions.
- Experience developing operational procedures for cloud-based SaaS systems.
- Experience automating security analytics for SaaS systems.
How to Apply
This job posting has closed.
Please see our other open positions.
Basic information
Open to U.S. citizens or nationals (residents of American Samoa and Swains Island). Subject to background check. Full information is available on USAJOBS.
Supervisory status: Non-Supervisory
Job title: Login.gov: Security Engineer Technical Expert - Analyst
Official title in USAJOBS: Information Technology Specialist (INFOSEC)
Number of vacancies: 1
Location: Anywhere in the U.S. (remote)
Salary range: GS-15 ($136,908 to $183,500)
Your salary, including base and locality, will be determined upon selection, dependent on your actual duty location. Please note the maximum salary available for the GS pay system is $183,500. For specific details on locality pay, please visit OPM’s Salaries & Wages page or for a salary calculator OPM’s 2023 General Schedule (GS) Salary Calculator. You can find more information in our compensation and benefits section.
Travel requirement: Occasional travel may be required up to 10%-20% per year.
Work schedule: Full time.
Appointment type: This is a permanent position.
Learn more about the benefits of working at GSA and TTS.
Role summary
As a security analyst technical expert, you will report to Login.gov’s security branch chief. In this fully remote position, you will work closely with Login.gov’s product and platform teams to improve Login.gov’s defensive capabilities. You will play a key role in helping Login.gov’s security team implement best practices to protect user data, secure Login.gov’s application and infrastructure, and combat fraud and abuse. You will provide strategic guidance to Login.gov’s leadership team, provide feedback on security program objectives, and lead improvements to Login.gov’s cybersecurity practice.
Key objectives
1. Contribute to Login.gov’s Cybersecurity Practice
-
Contribute to vulnerability testing and analysis, incident response and analysis, alert response and analysis activities.
-
Conduct data analytics activities to support monitoring, detecting, defending against, or responding to security incidents.
-
Automate data analytics or security processes by using object-oriented languages (e.g., Python).
-
Collaborate with application development teams, platform engineers, and Security Operations Center (SOC) engineers to build and implement security in an open source, live services environment.
-
Collaborate with User Experience, Infrastructure, and Application Developer Engineers to ensure changes to Login.gov’s product or infrastructure do not negatively impact security.
2. Provide subject matter expertise on cybersecurity practices to Login.gov Leadership
-
Provide guidance on industry standards (e.g., NIST 800 series) and best practices to product managers and application developers
-
Develop standard operating procedures that improve Login.gov’s cybersecurity posture.
-
Collaborate with site reliability engineers to enhance cloud platform security engineering practices.
-
Improve Login.gov’s security operations via automation.
-
Communicate with internal and external partners to share Login.gov’s security posture, risk, and operational processes.
-
Contribute to security program goal setting and roadmapping activities.
3. Ensure Login.gov maintains its FedRAMP authorization
-
Maintain systems that comply with NIST-800-53 controls.
-
Develop and maintain artifacts for cybersecurity assessments
-
Participate in technical interviews for cybersecurity assessments
-
Prepare application developers, site reliability engineers, or platform engineers for technical assessment interviews
-
Propose changes to Login.gov development and site reliability engineering practices to better support automated compliance
4. Collaborate effectively on distributed, agile teams
-
Share knowledge and work collaboratively to integrate anti-identity fraud principles into product and engineering practices.
-
Participate in regular retrospectives and provide feedback to help improve the way the team works.
-
Promote a work environment of respect, diversity, equity, inclusion, accessibility, mutual support, continuous learning, and commitment to customer / partner needs.
Qualifications
Provide as much detail as possible on your resume so that we can evaluate your previous experience. Follow our guidance on creating a federal style resume.
Failure to provide required information may result in disqualification.
For each job on your resume, provide:
- The exact dates you held each job (from month/year to month/year or “present”)
- Number of hours per week you worked (if part time)
SPECIALIZED EXPERIENCE REQUIREMENTS:
To qualify, you must have one (1) year of specialized experience at the next lower GS-grade (or equivalent). Specialized experience is defined as follows:
- Experience in assessing the robustness of cybersecurity practices for cloud-based Software as a Service (SaaS) solutions.
- Experience developing operational procedures for cloud-based SaaS systems.
- Experience automating security analytics for SaaS systems.
