The ideal candidate is a detail-oriented cybersecurity professional who can support secure operations, compliance, risk management, and continuous monitoring for a mission-critical federal grants platform. This role emphasizes federal security requirements, ATO support, POA&M management, incident response, security documentation, vulnerability coordination, and collaboration across technical, operational, and federal stakeholder teams. As a Security Specialist, you will support cybersecurity, privacy, compliance, and risk management activities for Grants.gov application operations, application platform services, approved enhancements, transition activities, disaster recovery, and ongoing modernization coordination. You will work closely with federal security stakeholders, system owners, ISSOs, architects, developers, operations staff, cloud teams, database administrators, testers, IV&V partners, helpdesk partners, and program leadership to help ensure Grants.gov complies with applicable federal and agency IT security, privacy, and compliance regulations, policies, standards, and requirements. You will contribute to secure operations through security documentation, continuous monitoring, vulnerability tracking, POA&M coordination, incident response support, ATO activities, and security oversight for a public-facing federal shared service. Support implementation, monitoring, and documentation of federal cybersecurity, privacy, and compliance requirements for Grants.gov applications, platform services, chatbot capabilities, integrations, and related support systems. Contribute to Authority to Operate activities, including security documentation updates, control evidence collection, assessment preparation, remediation tracking, and coordination with federal security stakeholders. Manage and support POA&M activities by tracking findings, coordinating remediation owners, documenting milestones, validating closure evidence, and communicating risk status to program and security leadership. Coordinate vulnerability management activities, including scan review, issue triage, remediation planning, exception tracking, patch coordination, and verification of resolved findings across application and platform teams. Support security monitoring, intrusion detection coordination, incident response, incident notification, incident reporting, root cause analysis, and recommendations to reduce recurrence. Coordinate with development, operations, cloud, database, network, and application platform teams to ensure security considerations are incorporated into releases, configuration changes, deployments, maintenance activities, and enhancements. Review system changes, technical designs, operational procedures, and documentation for security impacts, compliance alignment, and required updates to security artifacts. Support disaster recovery, continuity of operations, backup recovery demonstrations, and contingency planning activities from a security and compliance perspective. Maintain and update security-related artifacts, including system security documentation, control implementation details, risk registers, incident reports, remediation plans, operating procedures, and compliance evidence. Support transition-in and transition-out activities by helping validate security documentation, accounts, certificates, licenses, support systems, inventories, controls, and operational security responsibilities. Prepare and communicate security status, risks, issues, remediation progress, incident impacts, control gaps, and compliance recommendations in formats appropriate for executive, federal, technical, and non-technical audiences.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Job Type
Full-time
Career Level
Senior