Login.gov: Security Engineering Supervisor
This job posting has closed.
Please see our other open positions.
Basic information
Open to U.S. citizens or nationals (residents of American Samoa and Swains
Island). Subject to background check. Full information
is
available on
USAJOBS.
Supervisory status: Supervisory
Job title: Login.gov: Security Engineering Supervisor
Official title in USAJOBS: Superivsory IT Specialist (INFOSEC)
Number of vacancies: 1
Location: Anywhere in the U.S. (remote)
Salary range: GS-15 ($143,736 to $191,900)
Your salary, including base and locality, will be determined upon selection,
dependent on your actual duty location. Please note the maximum salary available
for the GS pay system is $191,900. For specific details on locality pay, please
visit OPM’s Salaries & Wages page
or for a salary calculator
OPM’s 2024 General Schedule (GS) Salary Calculator. You can find more
information in our
compensation and benefits section.
Travel requirement:
Occasional travel may be required up to 10%-20% per year.
Work schedule:
Full time.
Appointment type:
This is a permanent position.
Learn more about the benefits of working at
GSA and
TTS.
Role summary
This opportunity is located in the Technology Transformation Services (TTS) Solutions Division’s Login.gov team. The Login.gov team is remote-first and is composed of experts across product development, software engineering, cybersecurity, and platform engineering.
Login.gov is a FedRAMP authorized secure sign-in service created for the public to access participating government agency sites, products, and services. At its core, Login.gov is both an authentication and identity verification service and is now available to all levels of government: federal, state, and local.
As the Security First-Line Supervisor, you will report to Login.gov’s Security Director. In this fully remote position, you will lead and work to improve Login.gov’s security operations. You will manage nine security engineering team members. In this role, you will play a key role in helping Login.gov’s security team implement best practices to improve Login.gov’s fraud program, infrastructure, and cybersecurity posture. You will provide strategic guidance to Login.gov’s leadership team, provide feedback on fraud program objectives, security program objectives, and lead improvements to Login.gov’s cybersecurity practice.
Key objectives
1. Lead Login.gov’s Cybersecurity and Compliance Practice
-
Serves as a supervisor for the Login.gov cybersecurity and compliance organization.
-
Provide feedback to Login.gov’s product roadmap with respect to cybersecurity impacts.
-
Develop a cybersecurity and compliance roadmap for the Login.gov system in collaboration with Login.gov’s fraud operations team, platform engineering team, and product teams.
-
Develop and design organizational structures and practices to enable security engineering and FedRAMP compliance following industry best practices.
-
Provide technical leadership to address security gaps associated with cloud-based Software as a Service (SaaS) digital identity products.
-
Develop and execute policies, processes, plans, and initiatives to ensure effective growth, continual development, and sustainment of the Login.gov security and compliance program.
-
Provide general acquisition support for the procurement of security engineering and compliance services and identity products.
-
Help the Login.gov security and compliance teams align on and adhere to shared processes, deliver results, maintain high standards, and resolve conflicts. Connect teams to resources, amplify team successes, and help teams to pivot or adapt as needed.
-
Provide acquisition oversight for cybersecurity products and services.
-
Help identify opportunities for professional growth and learning for Login.gov individual contributors.
2. Provide subject matter expertise on Security Operations to Login.gov Leadership
-
Demonstrate expertise in security industry standards (e.g., NIST 800 series) and best practices.
-
Demonstrate expertise in developing standard operating procedures for securing Software as a Service applications, improving the security posture of cloud-based services, and identity fraud investigations and analysis.
-
Demonstrate knowledge of software product delivery in a federal DevOps environment.
-
Demonstrate experience with cloud architecture and infrastructure as code.
-
Communicates with internal and external partners to share Login.gov’s security and fraud operations posture, risk, and operational processes.
-
Lead security program goal setting and roadmapping activities.
3. Ensure Login.gov maintains its FedRAMP authorization
-
Demonstrate expertise in maintaining systems that comply with NIST-800-53 controls.
-
Demonstrate expertise in leading or developing and maintaining artifacts for cybersecurity assessments.
-
Demonstrate expertise in leading technical interviews for cybersecurity assessments.
-
Demonstrate expertise in preparing application developers, site reliability engineers, or platform engineers for technical assessment interviews.
-
Propose changes to Login.gov development and site reliability engineering practices to better support automated compliance.
4. Collaborate effectively on distributed, agile teams
-
Openly share knowledge and integrate anti-identity fraud principles into product and engineering practices.
-
Lead regular retrospectives and provide feedback to help improve the way the team works.
-
Maintain a work environment of respect, diversity, equity, inclusion, accessibility, mutual support, flexibility, collaboration, continuous learning, and commitment to customer / partner needs. Ensure all perspectives are valued and included. Uphold TTS values of inclusion, integrity, and impact.
Qualifications
Provide as much detail as possible on your resume so that we can evaluate your
previous experience. Follow our
guidance on creating a federal style resume.
Failure to provide required information may result in disqualification.
For each job on your resume, provide:
- The exact dates you held each job (from month/year to month/year or “present”)
- Number of hours per week you worked (if part time)
SPECIALIZED EXPERIENCE REQUIREMENTS:
To qualify, you must have one (1) year of specialized experience at the next
lower GS-grade (or equivalent). Specialized experience is defined as follows:
- Leading Authority to Operate, Certificate to Field, or other cybersecurity compliance assessment.
- Providing cybersecurity guidance to application development teams, anti-fraud teams, platform engineers, or Security Operations Center (SOC) engineers.
- Leading the overall planning, management and direction of a security and compliance program or line of business, or a single, highly complex security project, product or business.
- Overseeing a customer-facing digital identity product or a public-facing government technology product that serves multiple constituencies of users.
- Partnering with leadership and stakeholders across teams or agencies to achieve organizational goals.
- Leading and/or supervising a team and providing mentorship, support and professional development opportunities.
How to Apply
This job posting has closed.
Please see our other open positions.
Basic information
Open to U.S. citizens or nationals (residents of American Samoa and Swains Island). Subject to background check. Full information is available on USAJOBS.
Supervisory status: Supervisory
Job title: Login.gov: Security Engineering Supervisor
Official title in USAJOBS: Superivsory IT Specialist (INFOSEC)
Number of vacancies: 1
Location: Anywhere in the U.S. (remote)
Salary range: GS-15 ($143,736 to $191,900)
Your salary, including base and locality, will be determined upon selection, dependent on your actual duty location. Please note the maximum salary available for the GS pay system is $191,900. For specific details on locality pay, please visit OPM’s Salaries & Wages page or for a salary calculator OPM’s 2024 General Schedule (GS) Salary Calculator. You can find more information in our compensation and benefits section.
Travel requirement: Occasional travel may be required up to 10%-20% per year.
Work schedule: Full time.
Appointment type: This is a permanent position.
Learn more about the benefits of working at GSA and TTS.
Role summary
This opportunity is located in the Technology Transformation Services (TTS) Solutions Division’s Login.gov team. The Login.gov team is remote-first and is composed of experts across product development, software engineering, cybersecurity, and platform engineering.
Login.gov is a FedRAMP authorized secure sign-in service created for the public to access participating government agency sites, products, and services. At its core, Login.gov is both an authentication and identity verification service and is now available to all levels of government: federal, state, and local.
As the Security First-Line Supervisor, you will report to Login.gov’s Security Director. In this fully remote position, you will lead and work to improve Login.gov’s security operations. You will manage nine security engineering team members. In this role, you will play a key role in helping Login.gov’s security team implement best practices to improve Login.gov’s fraud program, infrastructure, and cybersecurity posture. You will provide strategic guidance to Login.gov’s leadership team, provide feedback on fraud program objectives, security program objectives, and lead improvements to Login.gov’s cybersecurity practice.
Key objectives
1. Lead Login.gov’s Cybersecurity and Compliance Practice
-
Serves as a supervisor for the Login.gov cybersecurity and compliance organization.
-
Provide feedback to Login.gov’s product roadmap with respect to cybersecurity impacts.
-
Develop a cybersecurity and compliance roadmap for the Login.gov system in collaboration with Login.gov’s fraud operations team, platform engineering team, and product teams.
-
Develop and design organizational structures and practices to enable security engineering and FedRAMP compliance following industry best practices.
-
Provide technical leadership to address security gaps associated with cloud-based Software as a Service (SaaS) digital identity products.
-
Develop and execute policies, processes, plans, and initiatives to ensure effective growth, continual development, and sustainment of the Login.gov security and compliance program.
-
Provide general acquisition support for the procurement of security engineering and compliance services and identity products.
-
Help the Login.gov security and compliance teams align on and adhere to shared processes, deliver results, maintain high standards, and resolve conflicts. Connect teams to resources, amplify team successes, and help teams to pivot or adapt as needed.
-
Provide acquisition oversight for cybersecurity products and services.
-
Help identify opportunities for professional growth and learning for Login.gov individual contributors.
2. Provide subject matter expertise on Security Operations to Login.gov Leadership
-
Demonstrate expertise in security industry standards (e.g., NIST 800 series) and best practices.
-
Demonstrate expertise in developing standard operating procedures for securing Software as a Service applications, improving the security posture of cloud-based services, and identity fraud investigations and analysis.
-
Demonstrate knowledge of software product delivery in a federal DevOps environment.
-
Demonstrate experience with cloud architecture and infrastructure as code.
-
Communicates with internal and external partners to share Login.gov’s security and fraud operations posture, risk, and operational processes.
-
Lead security program goal setting and roadmapping activities.
3. Ensure Login.gov maintains its FedRAMP authorization
-
Demonstrate expertise in maintaining systems that comply with NIST-800-53 controls.
-
Demonstrate expertise in leading or developing and maintaining artifacts for cybersecurity assessments.
-
Demonstrate expertise in leading technical interviews for cybersecurity assessments.
-
Demonstrate expertise in preparing application developers, site reliability engineers, or platform engineers for technical assessment interviews.
-
Propose changes to Login.gov development and site reliability engineering practices to better support automated compliance.
4. Collaborate effectively on distributed, agile teams
-
Openly share knowledge and integrate anti-identity fraud principles into product and engineering practices.
-
Lead regular retrospectives and provide feedback to help improve the way the team works.
-
Maintain a work environment of respect, diversity, equity, inclusion, accessibility, mutual support, flexibility, collaboration, continuous learning, and commitment to customer / partner needs. Ensure all perspectives are valued and included. Uphold TTS values of inclusion, integrity, and impact.
Qualifications
Provide as much detail as possible on your resume so that we can evaluate your previous experience. Follow our guidance on creating a federal style resume.
Failure to provide required information may result in disqualification.
For each job on your resume, provide:
- The exact dates you held each job (from month/year to month/year or “present”)
- Number of hours per week you worked (if part time)
SPECIALIZED EXPERIENCE REQUIREMENTS:
To qualify, you must have one (1) year of specialized experience at the next lower GS-grade (or equivalent). Specialized experience is defined as follows:
- Leading Authority to Operate, Certificate to Field, or other cybersecurity compliance assessment.
- Providing cybersecurity guidance to application development teams, anti-fraud teams, platform engineers, or Security Operations Center (SOC) engineers.
- Leading the overall planning, management and direction of a security and compliance program or line of business, or a single, highly complex security project, product or business.
- Overseeing a customer-facing digital identity product or a public-facing government technology product that serves multiple constituencies of users.
- Partnering with leadership and stakeholders across teams or agencies to achieve organizational goals.
- Leading and/or supervising a team and providing mentorship, support and professional development opportunities.
