[Hiring] Platform Security Lead @Sprezzatura Management Consulting

Role Description

The Security Lead will be responsible for overseeing the security posture of the VA.gov Platform Management environment, ensuring compliance with VA security requirements, proactive risk management, vulnerability remediation, and operational security coordination across the platform ecosystem. This role serves as the primary point of contact for security operations, working closely with engineering, infrastructure, development, and VA stakeholders to protect platform integrity while enabling uninterrupted service delivery.

Responsibilities

• Lead security operations for the VA.gov Platform Management environment, ensuring alignment with VA cybersecurity policies, standards, and compliance requirements.
• Serve as the primary security point of contact for platform-related incidents, vulnerabilities, audits, and risk management activities.
• Coordinate vulnerability identification, remediation tracking, patch management oversight, and security issue resolution across teams.
• Monitor security alerts, findings, and emerging threats impacting platform operations and escalate issues as appropriate.
• Partner with infrastructure, DevOps, development, and operations teams to embed security into operational processes and technical implementations.
• Support Authority to Operate (ATO) sustainment activities, documentation updates, audit responses, and security control validation efforts.
• Maintain and manage Plans of Action & Milestones (POA&Ms), risk registers, and remediation tracking for platform security findings.
• Oversee access control governance, privileged access reviews, account management, and security-related onboarding/offboarding coordination.
• Support incident response activities, root cause analysis, corrective actions, and post-incident security improvements.
• Provide leadership reporting on security posture, risks, remediation progress, and compliance health.

Qualifications

• Ability to obtain and maintain a Public Trust clearance.
• 10+ years of relevant IT/security experience.
• Experience supporting enterprise cybersecurity operations, compliance programs, and security governance in complex IT environments.
• Experience with vulnerability management, incident response, access management, and security remediation coordination.
• Experience supporting federal security compliance frameworks, including NIST, FISMA, ATO sustainment, and security control assessments.
• Experience working in highly regulated government environments, preferably VA or federal healthcare environments.
• Experience collaborating across technical and operational teams in production support environments.

Preferred Qualifications

• CISSP, CISM, Security+, or equivalent cybersecurity certification.
• Experience supporting cloud security and modern platform/infrastructure environments.
• Familiarity with DevSecOps practices, monitoring/security tooling, and continuous compliance processes.
• Experience with VA security governance processes and enterprise security stakeholders preferred.

Working Conditions

Standard Business hours are Monday through Friday. Occasional extended or weekend hours may be required based on operational needs. Must have reliable internet service that allows for effective telecommuting.

Benefits

• Medical, Dental, and Vision.
• Health Saving Account (when enrolled in eligible plan) with Company contribution.
• Company paid Life, Accidental Death, Short-term & Long-term Disability.
• Voluntary Accident, Hospital Indemnity, & Critical Care Insurance.
• Voluntary Medical & Dependent Care Flexible Spending Accounts.
• Accrued Paid Time Off & Company Paid Holidays.
• 401(k) Retirement Plan with Company match.

Work Authorization

Sprezzatura participates in E-Verify and will provide the federal government with your I-9 information to confirm that you are authorized to work in the U.S.