Platform Security Lead

About The Position

Requirements

• Ability to obtain and maintain a Public Trust clearance
• 10+ years of relevant IT/security experience
• Experience supporting enterprise cybersecurity operations, compliance programs, and security governance in complex IT environments
• Experience with vulnerability management, incident response, access management, and security remediation coordination
• Experience supporting federal security compliance frameworks, including NIST, FISMA, ATO sustainment, and security control assessments
• Experience working in highly regulated government environments, preferably VA or federal healthcare environments
• Experience collaborating across technical and operational teams in production support environments
• U.S. Citizen or Permanent Resident

Nice To Haves

• CISSP, CISM, Security+, or equivalent cybersecurity certification
• Experience supporting cloud security and modern platform/infrastructure environments
• Familiarity with DevSecOps practices, monitoring/security tooling, and continuous compliance processes
• Experience with VA security governance processes and enterprise security stakeholders

Responsibilities

• Lead security operations for the VA.gov Platform Management environment, ensuring alignment with VA cybersecurity policies, standards, and compliance requirements
• Serve as the primary security point of contact for platform-related incidents, vulnerabilities, audits, and risk management activities
• Coordinate vulnerability identification, remediation tracking, patch management oversight, and security issue resolution across teams
• Monitor security alerts, findings, and emerging threats impacting platform operations and escalate issues as appropriate
• Partner with infrastructure, DevOps, development, and operations teams to embed security into operational processes and technical implementations
• Support Authority to Operate (ATO) sustainment activities, documentation updates, audit responses, and security control validation efforts
• Maintain and manage Plans of Action & Milestones (POA&Ms), risk registers, and remediation tracking for platform security findings
• Oversee access control governance, privileged access reviews, account management, and security-related onboarding/offboarding coordination
• Support incident response activities, root cause analysis, corrective actions, and post-incident security improvements
• Provide leadership reporting on security posture, risks, remediation progress, and compliance health

Benefits

• Medical, Dental, and Vision
• Health Saving Account (when enrolled in eligible plan) with Company contribution
• Company paid Life, Accidental Death, Short-term & Long-term Disability
• Voluntary Accident, Hospital Indemnity, & Critical Care Insurance
• Voluntary Medical & Dependent Care Flexible Spending Accounts
• Accrued Paid Time Off & Company Paid Holidays
• 401(k) Retirement Plan with Company match