CybersecurityJobs.io
← Back to all jobs

Job Description

US Federal Student Aid offers a comprehensive benefits package, a family‑friendly work environment, paid time off for parent/teacher conferences and health screenings, and opportunities for professional growth. This on‑site role in San Francisco supports a mission to modernize systems serving more than 17 million students and over $120 billion in financial aid each year. In addition to a competitive salary, eligible employees may access relocation and recruitment incentives, student loan repayment programs, and flexible work arrangements that help balance career and personal commitments.

Overview

This position is with the U.S. Department of Education, Federal Student Aid. The role focuses on enterprise cybersecurity program oversight across the FSA environment, with emphasis on modern federal security standards and risk management practices to safeguard Federal Tax Information and Controlled Unclassified Information.

Responsibilities

  • Lead enterprise cybersecurity program oversight across the FSA environment, ensuring stakeholder security requirements are implemented across Zero Trust, segmented, and cloud architectures; advise senior leadership on security posture.
  • Manage enterprise safeguards and compliance programs with expertise in IRS Publication 1075, GLBA Safeguards Rule, NIST SP 800-53, and NIST SP 800-171; supervise implementation and continuous monitoring of controls for systems processing FTI and CUI; drive the full NIST SP 800-171 compliance lifecycle for institutions of higher education.
  • Direct Authority to Operate and Operational Security Assessment activities; conduct RMF-aligned risk assessments, impact analyses, control evaluations, and continuous monitoring; serve as technical authority on enterprise risk posture with strong communication skills.
  • Oversee incident response and compliance case management, including triage, investigations, documentation, corrective action tracking, and regulatory reporting; provide senior advisory support during high risk events.
  • Drive enterprise risk management artifacts, support governance committees, deliver training and cybersecurity communications; manage the Enterprise Risk Management tool and user support.

Technologies

  • FISMA, FedRAMP, DHS BODs
  • Zero Trust, NIST SP 800-53, NIST SP 800-171
  • IRS Publication 1075, GLBA Safeguards Rule
  • FTI, CUI, RMF, ATO, OSA, ERM

Requirements

  • Relocation will not be paid
  • One year probationary period may apply
  • Males 18 and over must be registered with the Selective Service
  • U.S. Citizenship required
  • Background investigation and fingerprint check required
  • Drug testing position
  • Probation or trial period may be required to evaluate fitness for the public interest
  • Must meet all qualification requirements within 30 days of the closing date

Specialized Experience for GS-14

One year of experience equivalent to at least GS-13 performing two of the following duties:

  • Managing cybersecurity compliance programs (NIST SP 800-171, GLBA, FTI) in complex enterprise or higher education environments, coordinating controls, assessments, and audit readiness
  • Leading federal or private cybersecurity audits, creating corrective action plans, interpreting findings, and coordinating remediation
  • Developing and executing enterprise cybersecurity training, governance artifacts (risk registers, dashboards), and ERM/committee reporting

Basic Experience Requirements

  • Attention to Detail
  • Customer Service
  • Decision Making
  • Information Management
  • Interpersonal Skills
  • Oral Communication
  • Problem Solving
  • Teamwork
  • Technical Competence

Knowledge, Skills, and Abilities

  • Knowledge of enterprise security programs, risk mitigation, vulnerability management, and executive communication
  • Ability to interpret federal cybersecurity regulations and implement controls for FTI/CUI environments
  • RMF/ATO, continuous monitoring, and enterprise risk analysis
  • Incident handling, regulatory reporting, stakeholder coordination, escalation leadership
  • ERM governance, training development, and tooling administration

Education

Education cannot be substituted for experience for this position and grade level.

Qualifications

  • Preferred certifications: CISSP or CISA

Open to

  • The public: U.S. Citizens, Nationals or those who owe allegiance to the U.S.
  • Career transition (CTAP, ICTAP, RPL): Federal employees eligible for priority consideration

Agency clarification

This announcement is open to all U.S. Citizens and may be filled through Direct Hire Authority for IT Specialist positions. All applicants who meet the qualifications will be forwarded for consideration. Category Rating, Veterans Preference, Schedule A and traditional rating/ranking do not apply to this vacancy.

Additional information

  • Veterans Career Counseling available by emailing [email protected]
  • Student Loan Default verification required; arrangements must be made prior to offer if in default
  • Declaration for Federal Employment (OF-306) required to determine suitability; pre-appointment investigation/background check
  • Essential for federal closures: this position is considered essential
  • Financial disclosure not required; bargaining unit not included
  • Selections may occur from multiple sources and additional selections may occur within 90 days

Similar Jobs

Get Job Alerts

New jobs delivered to your inbox.