Open to U.S. citizens or nationals (residents of American Samoa and Swains Island). Subject to background check. Full information will be available on USAJOBS.

Supervisory status: Supervisory

Job title: FedRAMP: Director GS15

Official title in USAJOBS: 2210 Supervisory (INFOSEC) GS15

Number of vacancies: 1

Location: Anywhere in the U.S. (remote)

Salary range: GS-15 ($136,908 to $183,500)

Your salary, including base and locality, will be determined upon selection, dependent on your actual duty location. Please note the maximum salary available for the GS pay system is $183,500. For specific details on locality pay, please visit OPM’s Salaries & Wages page or for a salary calculator OPM’s 2023 General Schedule (GS) Salary Calculator. You can find more information in our compensation and benefits section.

Travel requirement: Occasional travel may be required up to 10%-20% per year.

Work schedule: Full time.

Appointment type: This is a permanent position.

Learn more about the benefits of working at GSA and TTS.

Role summary

The Director of FedRAMP is the principal leader and point of contact for the Federal Risk Management and Authorization Program.

The American people deserve to trust that their government is effectively securing their online interactions. Those agencies, in turn, trust FedRAMP to provide fair, accurate and unbiased assessments of cloud service offerings. FedRAMP is a government-wide program that promotes the adoption of secure cloud services across the federal government by providing a standardized approach to security and risk assessment and maintaining a centralized repository of security packages that agencies can request and reuse. FedRAMP is a mission-critical public-private partnership that connects agency-based cybersecurity officers and private sector cloud service providers to provide secure cloud products that enable government technologists to efficiently serve the American public.

The Director will oversee the FedRAMP strategy, spanning the marketplace, public engagement, program performance, and supervising staff and resources. This role requires a careful balance of entrepreneurial spirit and cybersecurity expertise to meet the objectives.

Key objectives

1. You will oversee the growth of a dynamic FedRAMP marketplace of cloud service offerings.

  • Act as primary steward of this marketplace and its governance, including relationships with industry, agency-based cybersecurity officers, experts in standards and compliance for federal IT, and the FedRAMP program management office staff.
  • Identify and understand the present and future needs of the federal enterprise, and create strategies to bring new technologies from cloud service providers into the federal marketplace to meet those needs.
  • Serve as the primary spokesperson for the FedRAMP program with both industry and government, representing the federal government’s cybersecurity needs across the commercial cloud sector.
  • Oversee communications, marketing and positioning for the FedRAMP program, addressing audiences that include, GSA leadership, the official FedRAMP Advisory Committee, Congress, the White House, private industry and independent oversight bodies.

2. You will make it easier for federal agencies and cloud service providers to engage with FedRAMP.

  • Oversee the pipeline of cloud service provider assessments that form the backbone of the program.
  • Direct a cohesive program of enhancements for this pipeline that respond to cloud service provider and agency feedback, manage ever-evolving cybersecurity requirements, and support sound technological decision-making across the federal enterprise.
  • Oversee the FedRAMP program staff who regularly engage with all aspects of the marketplace, and will develop and report on measures of marketplace reach, quality and efficiency for examination by FedRAMP stakeholders.

3. You will sustain FedRAMP’s reputation as a trusted independent evaluator of cloud services for the federal enterprise.

  • Navigate the complex legal and policy environment and balance multiple, overlapping demands
  • Develop staff members for success in a rapidly evolving, high-stakes environment.
  • Ensure that all program activities and assessments comply with all applicable standards and policies.


Provide as much detail as possible on your resume so that we can evaluate your previous experience. Follow our guidance on creating a federal style resume.

Failure to provide required information may result in disqualification.

For each job on your resume, provide:

  • The exact dates you held each job (from month/year to month/year or “present”)
  • Number of hours per week you worked (if part time)


To qualify, you must have one (1) year of specialized experience at the next lower GS-grade (or equivalent). Specialized experience is defined as follows:

  • Leading the overall planning, management, oversight and direction of a highly complex digital program, product or business.
  • Supervising teams working on cybersecurity or cloud technology products.
  • Building alignment with a complex network of internal/external stakeholders, customers and partners.
  • Communicating complex security or technical materials to broad audiences.
  • Technical knowledge related to cloud technologies and cybersecurity principles.
  • Experience with industry or government accreditation or compliance programs and/or standards, such as International Standards Organization (ISO), Health Insurance Portability and Accountability Act (HIPAA), Security Operations Center (SOC), Payment Card Industry (PCI), National Institute of Standards and Technology (NIST), or FedRAMP.