Job Description

Job Summary:

The Federal Security Consultant will serve as a key member of the Go.gov transformation team, ensuring that SAP Concur and related cloud solutions achieve and sustain FedRAMP Authorization to Operate (ATO). This role bridges enterprise security architecture, compliance engineering, and federal risk management frameworks in a complex, multi-agency program.

 

Duties and Responsibilities:

Duties will include but may not be limited to:

 

• Lead the planning and execution of FedRAMP ATO activities for SAP Concur and aligned SaaS platforms used in the Go.gov modernization program.
• Develop, review, and maintain system security documentation including SSPs, POA&Ms, and related artifacts per NIST SP 800-53 and 800-37 guidelines.
• Interface with GSA IT Security, agency ISSOs, and SAP Cloud Compliance teams to align controls, evidence, and risk assessments.
• Conduct continuous monitoring and controls assessment to sustain authorization.
• Define and communicate security architecture strategies compatible with multi-tenant and hybrid cloud environments.
• Evaluate vendor security postures and integration security impacts for connected applications.
• Support internal and external audits, coordinating responses and remediation activities across functional teams.
• Advise project managers and technical leads on secure configuration baselines and policy compliance.

Minimum Qualifications/Experience:

 

• Minimum 5 years of experience in federal cybersecurity, including at least 3 years in FedRAMP, FISMA, or related authorization frameworks.
• Deep familiarity with NIST SP 800-53, 800-171, and 800-37 RMF.
• Solid understanding of security architecture for cloud SaaS solutions (preferably SAP Concur, Mulesoft, or similar platforms).
• Experience with vulnerability management, incident response, and security operations.
• Strong written and verbal communication skills for interfacing with Federal stakeholders.

Preferred Qualifications:

• CISSP, CISM, or FedRAMP 3PAO experience.
• Experience supporting GSA, DHS, or other civilian agencies in large-scale digital modernization projects.
• Prior involvement in cloud migration or ERP cloud security initiatives.

What You’ll Deliver:

• Secure, compliant SAP Concur implementation aligned with GSA’s Go.gov transformation milestones.
• Comprehensive ATO documentation and control validation evidence.
• A sustainable framework for ongoing monitoring and risk management across participating agencies.

 

Minimum Education:

 

• Bachelor’s Degree in Information Security, Computer Science, or related field. Master’s Degree preferred.

  

• CISSP or CISM Certifications Preferred.

 

Other:

 

• Must be US Citizen with ability to obtain Public Trust Clearance.
• Must be willing to travel to Washington, DC on occasion.

Job Tags

Full time,

Similar Jobs