Security Lead managing the security architecture of GSA cloud applications. Collaborating with teams to ensure compliance with federal security standards and best practices.
Responsibilities
Serve as the primary authority for system security architecture and compliance
Collaborate directly with GSA security personnel to define and implement security and compliance controls required for cloud-based applications
Ensure development teams adhere to approved security architecture and control implementations
Establish and maintain security documentation, policies, and procedures aligned with federal standards
Ensure compliance with FISMA and agency-specific security policies governing federal information systems
Lead the system through the full Authorization to Operate (ATO) lifecycle for applications
Develop and maintain System Security Plans (SSPs), security control documentation, and supporting artifacts
Manage Plans of Action and Milestones (POA&Ms) and track remediation activities
Support security control assessments and coordinate responses to findings
Align controls with guidance from the National Institute of Standards and Technology (NIST), FedRAMP requirements, and Trusted Internet Connections (TIC)/cloud security guidance
Embed automated security controls into CI/CD pipelines to enable secure, continuous delivery
Promote secure coding practices and continuous monitoring across development teams
Conduct security risk assessments and oversee vulnerability scanning and penetration testing activities
Manage security incident response coordination and reporting
Maintain continuous monitoring practices and ensure audit readiness for all system components
Support ongoing authorization and continuous ATO practices through automated control monitoring and real-time risk visibility
Requirements
Demonstrated experience serving as a Security Lead (or equivalent role) on federal IT programs
Extensive hands-on experience implementing federal security architectures aligned with NIST guidance, FedRAMP, and TIC/cloud security requirements
Proven track record leading systems through the full ATO lifecycle, including SSP development and POA&M management
Deep understanding of integrating security controls into CI/CD pipelines consistent with DevSecOps principles
Expert-level knowledge securing applications and infrastructure in AWS cloud environments
Experience conducting risk assessments, vulnerability management, and maintaining audit readiness
Technical Consultant for Microsoft 365 Security at Ingram Micro, involved in pre-sales support and deployment of Microsoft cloud solutions.
Specialist in Information Security at IESO ensuring security for Ontario's electricity system. Responsibilities include monitoring access logs, delivering security programs, and investigating breaches.
Partner Sales Specialist focusing on enabling partners to sell Microsoft Security solutions. Collaborating with teams to activate partners for effective sales across their customer base.
Cybersecurity Engineer enhancing enterprise security posture at GDIT. Designing secure identity controls and managing authentication solutions for Microsoft environments.
Activity Security Representative providing multi-disciplined security support for a customer’s facility at GDIT. Role involves ensuring security protocols and maintaining documentation for classified materials.
Information Security Officer developing risk management systems and collaborating with stakeholders for a tech company. Working on information assets and engineering teams in a hybrid working environment.
Security Officer providing safety and security services in East Valley locations for Banner Health. Involves emergency response, patrols, alarm monitoring, and writing reports.
Security Engineer contributing to security initiatives for incident management platform at Rootly. Collaborating cross-functionally to ensure reliable and scalable security solutions.
Lead Senior Information System Security Manager (ISSM) for Boeing's cybersecurity programs. Focus on implementing compliance for DFARS/NIST and managing a large portfolio for CUI.
Occupational Safety Technician supporting Safety, Environment and Health in subsea operations for Petrobras in Macaé/RJ. Contributing to safe work environments and compliance with standards.