Platform Security Lead
Sprezzatura · United States · 1 wk ago
RemoteRemoteManagement$165k–$175k/yrFull-time
Responsibilities
- Lead security operations for the VA.gov Platform Management environment, ensuring alignment with VA cybersecurity policies, standards, and compliance requirements
- Serve as the primary security point of contact for platform-related incidents, vulnerabilities, audits, and risk management activities
- Coordinate vulnerability identification, remediation tracking, patch management oversight, and security issue resolution across teams
- Monitor security alerts, findings, and emerging threats impacting platform operations and escalate issues as appropriate
- Partner with infrastructure, DevOps, development, and operations teams to embed security into operational processes and technical implementations
- Support Authority to Operate (ATO) sustainment activities, documentation updates, audit responses, and security control validation efforts
- Maintain and manage Plans of Action & Milestones (POA&Ms), risk registers, and remediation tracking for platform security findings
- Oversee access control governance, privileged access reviews, account management, and security-related onboarding/offboarding coordination
- Support incident response activities, root cause analysis, corrective actions, and post-incident security improvements
- Provide leadership reporting on security posture, risks, remediation progress, and compliance health
Qualifications
- Ability to obtain and maintain a Public Trust clearance
- 10+ years of relevant IT/security experience
- Experience supporting enterprise cybersecurity operations, compliance programs, and security governance in complex IT environments
- Experience with vulnerability management, incident response, access management, and security remediation coordination
- Experience supporting federal security compliance frameworks, including NIST, FISMA, ATO sustainment, and security control assessments
- Experience working in highly regulated government environments, preferably VA or federal healthcare environments
- Experience collaborating across technical and operational teams in production support environments
Preferred Qualifications
- CISSP, CISM, Security+, or equivalent cybersecurity certification
- Experience supporting cloud security and modern platform/infrastructure environments
- Familiarity with DevSecOps practices, monitoring/security tooling, and continuous compliance processes
- Experience with VA security governance processes and enterprise security stakeholders