Skip to main content
U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Back to all jobs

Login.gov: Security Engineer Technical Expert - Security Operations

This job posting has closed.

Please see our other open positions.

Basic information

Open to U.S. citizens or nationals (residents of American Samoa and Swains Island). Subject to background check. Full information is available on USAJOBS.

Supervisory status: Non-Supervisory

Job title: Login.gov: Security Engineer Technical Expert - Security Operations

Official title in USAJOBS: Information Technology Specialist (INFOSEC)

Number of vacancies: 1

Location: Anywhere in the U.S. (remote)

Salary range: GS-15 ($136,908 to $183,500)

Your salary, including base and locality, will be determined upon selection, dependent on your actual duty location. Please note the maximum salary available for the GS pay system is $183,500. For specific details on locality pay, please visit OPM’s Salaries & Wages page or for a salary calculator OPM’s 2023 General Schedule (GS) Salary Calculator. You can find more information in our compensation and benefits section.

Travel requirement: Occasional travel may be required up to 10%-20% per year.

Work schedule: Full time.

Appointment type: This is a permanent position.

Learn more about the benefits of working at GSA and TTS.

Role summary

As a security operations expert, you will report to Login.gov’s security branch chief. In this fully remote position, you will work closely with Login.gov’s product and platform teams to improve Login.gov’s security operations. You will play a key role in helping Login.gov’s security team implement best practices to improve Login.gov’s infrastructure and security posture. You will provide strategic guidance to Login.gov’s leadership team, provide feedback on security program objectives, and lead improvements to Login.gov’s cybersecurity practice.

Key objectives

1. Contribute to Login.gov’s Cybersecurity Practice

  • Contribute to security activities such as incident response wargames, infrastructure change review, or static and dynamic code scans and analysis.

  • Improve Software as a Service security controls (e.g., continuous monitoring, logging, incident response, auditing, forensics, access management).

  • Improve Login.gov’s SecOps practices, platform observability, or tooling.

  • Collaborate with application development teams, platform engineers, and Security Operations Center (SOC) engineers to build and implement security in an open source, live services environment.

  • Collaborate with User Experience, Infrastructure, and Application Developer Engineers to ensure changes to Login.gov’s product or infrastructure do not negatively impact security.

2. Provide subject matter expertise on security operations to Login.gov leadership

  • Provide guidance on industry standards (e.g., NIST 800 series) and best practices to security operations engineers and site reliability engineers.

  • Develop standard operating procedures, security policies, and tooling to improve the cybersecurity posture of Login.gov’s cloud platform.

  • Collaborate with site reliability engineers and security operations engineers to enhance cloud platform security operations.

  • Improve Login.gov’s security operations via automation.

  • Communicate with internal and external partners to share Login.gov’s security posture, risk, and operational processes. 

  • Contribute to security program goal setting and roadmapping activities.

3. Ensure Login.gov maintains its FedRAMP authorization

  • Maintain systems that comply with NIST-800-53 controls.

  • Develop and maintain artifacts for cybersecurity assessments

  • Participate in technical interviews for cybersecurity assessments

  • Prepare application developers, site reliability engineers, or platform engineers for technical assessment interviews

  • Propose changes to Login.gov development and site reliability engineering practices to better support automated compliance

4. Collaborate effectively on distributed, agile teams

  • Share knowledge and work collaboratively to integrate anti-identity fraud principles into product and engineering practices.

  • Participate in regular retrospectives and provide feedback to help improve the way the team works.

  • Promote a work environment of respect, diversity, equity, inclusion, accessibility, mutual support, continuous learning, and commitment to customer / partner needs.

Qualifications

Provide as much detail as possible on your resume so that we can evaluate your previous experience. Follow our guidance on creating a federal style resume.

Failure to provide required information may result in disqualification.

For each job on your resume, provide:

  • The exact dates you held each job (from month/year to month/year or “present”)
  • Number of hours per week you worked (if part time)

SPECIALIZED EXPERIENCE REQUIREMENTS:

To qualify, you must have one (1) year of specialized experience at the next lower GS-grade (or equivalent). Specialized experience is defined as follows:

  • Experience in assessing the robustness of cybersecurity practices for cloud-based Software as a Service (SaaS) solutions.
  • Experience developing operational procedures for cloud-based SaaS systems.
  • Experience participating in cybersecurity assessments of cloud-based SaaS systems.

How to Apply

Join TTS

An official website of the GSA’s Technology Transformation Services

Looking for U.S. government information and services?
Visit USA.gov