Security Authorization Specialist
Employment Information
Report this job
Job expired or something wrong with this job?
Job Description
Security Authorization Specialist managing FedRAMP compliance for the Game Warden platform. Collaborating with cross-functional teams to ensure security and regulatory requirements are met.
Responsibilities:
- Own the authorization workstreams for Game Warden across FedRAMP and US agency ATO packages, including initial authorizations, annual assessments, and significant change requests.
- Author and maintain System Security Plans (SSPs), control implementation narratives, Plans of Action & Milestones (POA&Ms), and supporting authorization artifacts that accurately reflect our architecture, controls, and operating reality. Drive findings and control gaps to closure with measurable outcomes.
- Drive continuous monitoring activities including monthly POA&M updates, vulnerability and patch reporting, significant change reviews, and annual control assessments.
- Serve as a technical point of contact for 3PAOs, agency reviewers, and sponsor authorization officials during assessments, readiness reviews, and audits.
- Partner closely with Product, Engineering, Security Operations, and Cybersecurity Assessment teams to map technical controls to FedRAMP and NIST 800-53 requirements, and to collect defensible evidence.
- Translate complex regulatory requirements into clear, actionable guidance that engineering teams can implement, not just policy language.
- Use and help improve our GRC and evidence automation tooling to streamline control mapping, evidence collection, and continuous monitoring, writing basic scripts or queries (e.g., Python, Bash, SQL, simple API calls) where they save the team time.
- Contribute to the evolution of 2F’s authorization processes, tooling, and evidence workflows as we scale our portfolio across frameworks and environments.
Requirements:
- 5+ years of experience in security compliance, authorization, or GRC work, with hands-on FedRAMP experience.
- Demonstrated success authoring and maintaining SSPs, POA&Ms, control narratives, and continuous monitoring artifacts for US federal authorization programs.
- Strong working knowledge of NIST 800-53, NIST 800-37 (RMF), and FedRAMP-specific guidance and templates.
- Practical understanding of modern cloud architectures and how common cloud-native patterns (AWS services, containers, Kubernetes, CI/CD) map to technical controls.
- Experience supporting 3PAO assessments, annual reviews, or agency ATO efforts from a vendor or integrator side.
- Excellent written communication; able to produce assessor-ready documentation and control language.
- Active U.S. Top Secret (TS) security clearance required; eligibility for access to Sensitive Compartmented Information (SCI) required.
- Active professional security certification such as CISSP, CISM, or Security+.
Benefits:
- Competitive Salary
- 100% Healthcare, vision and dental coverage
- 401(k) + 3% company contribution
- Equity incentive plan
- Tech + office supplies stipend
- Annual professional development stipend
- Flexible paid time off + federal holidays off
- Parental leave
- Work from anywhere
- Referral Bonus
Similar Jobs
Product Security Compliance Lead
Product Security Compliance Lead at Second Front Systems ensuring security architecture and compliance programs. Leading a team in security accreditation efforts and driving innovation in compliance processes.
Senior Cybersecurity Engineer, Advanced Security
Join Presidio as a Senior Cybersecurity Engineer to architect and optimize cutting-edge security solutions. Mentor talent while collaborating to innovate threat detection and response capabilities.
Security Engineer – AI
Security Engineer AI implementing and operating security controls for cloud platforms and AI tools. Focused on Cloud Applications security and custom AI integrations.
Senior Cybersecurity Engineer, Advanced Security
Senior Cybersecurity Engineer responsible for architecting and deploying innovative cybersecurity solutions at Presidio. Collaborating with enterprise clients and leading security transformation projects.
Security Lead, Vulnerability Management
Security LEAD overseeing vulnerability management, coordinating remediation efforts, and generating status reports in a healthcare-focused team environment.
Senior Sales Executive – Cyber Security
Sales Executive responsible for developing new business and maintaining customer relationships in cybersecurity sales. Joining Integrity360, a leading cyber security provider in Europe.
AI Security & Controls Lead
AI Security & Controls Lead enabling secure AI adoption and evaluating AI-specific security controls. Collaborating with engineering and information security to manage AI risks effectively.
Detection & Response, Security Engineer
Detection & Response Security Engineer at WorkOS building detection logic and improving incident response capabilities. Collaborating with the security team to drive threat detection and operational maturity.
Senior Project Consultant – Security
Senior Project Consultant delivering Microsoft security solutions for mid-market and enterprise clients. Leading technical execution for identity-centric security and compliance projects with a customer-centric approach.
Senior Cyber Security Engineer
Senior Cyber Security Engineer for GE Vernova's Wind portfolio, leading cybersecurity initiatives and vulnerability assessments. Collaborating on designs and audits to enhance product security posture.
Product Security Engineer
Product Security Engineer focusing on secure development and security testing at WorkOS. Collaborating with engineering teams to protect users' data and identities.
Senior Cybersecurity Manager – Offensive Security
Leading offensive security capabilities at Home Depot, driving operational excellence across threat intelligence and investigations. Mentoring teams and establishing strategic roadmaps for cybersecurity objectives.
Security Guard
Unarmed Security Guard conducting patrols and monitoring access at cemetery grounds in Dixon, CA. Ensuring safety and security during funeral services and special events.
Cyber Security Specialist, CMMC Compliance
Cyber Security Specialist focusing on achieving CMMC 2.0 compliance in aerospace & defense. Leading security efforts and managing compliance documentation across IT and OT environments.
Information Security Engineer
Information Security Engineer safeguarding systems in a dynamic financial-services environment. Collaborating with cross-functional teams to improve security and compliance efforts.
Project Manager – Compliance Security Assessments
Project Manager driving compliance and security assessments for technology enterprises. Collaborating with cross-functional teams in managing security compliance and project execution.
Information Security Engineer – Endpoint Security Engineering
Information Security Engineer handling endpoint security within global operations. Leading remediation processes and collaborating with IT security tooling to ensure global endpoint security health.
Cybersecurity Threat and Preparedness Expert
Cybersecurity Threat and Preparedness Expert role at TDI focusing on evaluating cybersecurity preparedness and response strategies through hypothetical incident scenarios.
Senior Product Security Engineer – Automation
Senior Product Security Engineer at Red Hat developing automation tools for security processes. Collaborating with teams to enhance security capabilities across products, addressing new risks and vulnerabilities.
Ingeniero en Ciberseguridad Senior
Senior Cybersecurity Engineer supporting software projects in a challenging environment for financial sector clients. Requires deep knowledge in cybersecurity management and agile methodologies.