The General Services Administration (GSA) is seeking a new lead for the Federal Risk and Authorization Management Program (FedRAMP) to oversee vulnerability management and continuous monitoring for the program.
Opening of the new position follows action by Congress last year to codify the FedRAMP program into Federal law, increase the use of security reassessments, facilitate the use of cloud technologies that have already received authorizations to operate, require GSA to work toward automating FedRAMP processes, and create a Federal Secure Cloud Advisory Committee.
“The FedRAMP Program Lead will unite vision and execution to lead an interdisciplinary team in delivering the IT/Cybersecurity vulnerability and continuous monitoring actions leveraging current industry and government cybersecurity laws and policies,” GSA said.
The new position will have three main objectives: “own the product vision and lead end-to-end product/program development and management, work with agency partners to enable cybersecurity risk management, and finally build institutional expertise around program management,” stated the agency.
Although the position has not been opened yet for candidates, GSA is making clear that the agency is looking to expand the program, according to a LinkedIn posting by Brian Conrad, acting director of FedRAMP and the Secure Cloud Division at GSA.
“FedRAMP is growing and adding new capabilities in the Program Management Office. FedRAMP is looking for a seasoned professional to lead the Vulnerability Management & Continuous Monitoring program,” said Conrad.
The hiring news also comes after a recent Government Accountability Office (GAO) report found that some Federal agencies had failed to fully implement FedRAMP requirements in their cloud security practices.