Second Front Systems (2F) is seeking an ambitious and detail-driven Security Authorization Specialist to join our mission-driven team. We are a dynamic, fast-growing entrepreneurial company at the intersection of cutting-edge technology and national security, committed to delivering transformative solutions that empower our nation’s defenders. This is an opportunity to play a pivotal role in the security and trust posture of a company that is redefining how software is delivered and secured in the defense sector.
At 2F, we thrive on innovation and purpose, combining a startup’s agility with a clear mission to support national security. You will be at the forefront of driving the authorization work behind the deployment and scaling of our revolutionary Game Warden platform—an industry-leading tool that is accelerating the secure adoption of mission-critical SaaS solutions for the U.S. government. If you’re ready to contribute to a team that values rigor, collaboration, and impact, we want to hear from you
The Security Authorization Specialist will own the technical and documentation workstreams that keep Game Warden authorized across FedRAMP and related US agency ATO programs. You will author control narratives, build and maintain authorization evidence, and drive continuous monitoring so our authorizations stay current and our controls get stronger over time.
Note: This role requires U.S. citizenship due to government contract requirements. Additionally, candidates must reside in one of our approved hiring hubs:
DC/Maryland/Virginia
Raleigh/Durham/Chapel Hill, NC
Denver/Colorado Springs, CO
Dallas/Fort Worth, TX
Own the authorization workstreams for Game Warden across FedRAMP and US agency ATO packages, including initial authorizations, annual assessments, and significant change requests.
Author and maintain System Security Plans (SSPs), control implementation narratives, Plans of Action & Milestones (POA&Ms), and supporting authorization artifacts that accurately reflect our architecture, controls, and operating reality. Drive findings and control gaps to closure with measurable outcomes.
Drive continuous monitoring activities including monthly POA&M updates, vulnerability and patch reporting, significant change reviews, and annual control assessments.
Serve as a technical point of contact for 3PAOs, agency reviewers, and sponsor authorization officials during assessments, readiness reviews, and audits.
Partner closely with Product, Engineering, Security Operations, and Cybersecurity Assessment teams to map technical controls to FedRAMP and NIST 800-53 requirements, and to collect defensible evidence.
Translate complex regulatory requirements into clear, actionable guidance that engineering teams can implement, not just policy language.
Use and help improve our GRC and evidence automation tooling to streamline control mapping, evidence collection, and continuous monitoring, writing basic scripts or queries (e.g., Python, Bash, SQL, simple API calls) where they save the team time.
Contribute to the evolution of 2F’s authorization processes, tooling, and evidence workflows as we scale our portfolio across frameworks and environments.
5+ years of experience in security compliance, authorization, or GRC work, with hands-on FedRAMP experience.
Demonstrated success authoring and maintaining SSPs, POA&Ms, control narratives, and continuous monitoring artifacts for US federal authorization programs.
Strong working knowledge of NIST 800-53, NIST 800-37 (RMF), and FedRAMP-specific guidance and templates.
Practical understanding of modern cloud architectures and how common cloud-native patterns (AWS services, containers, Kubernetes, CI/CD) map to technical controls.
Experience supporting 3PAO assessments, annual reviews, or agency ATO efforts from a vendor or integrator side.
Excellent written communication; able to produce assessor-ready documentation and control language.
Active U.S. Top Secret (TS) security clearance required; eligibility for access to Sensitive Compartmented Information (SCI) required.
Active professional security certification such as CISSP, CISM, or Security+.
Experience with DoD IL4/IL5 authorizations, DISA SRG, or agency-specific ATO processes.
Familiarity with additional frameworks such as NIST 800-171, CMMC, ISO 27001, or NCSC cloud security principles.
Hands-on experience with GRC and evidence automation platforms (e.g., Drata, Xacta, or similar) including configuring integrations, tuning control mappings, and building reusable evidence workflows.
Exposure to infrastructure-as-code, observability, and cloud-native tooling in support of continuous control evidence (e.g., Terraform, AWS Config).
Prior experience working in cleared or classified environments and with government authorization stakeholders.
Have a strong interest in matters of national security
The expected base salary range for this role is $119,000 – $160,000. Final compensation will be based on factors such as experience, skills, level, and geographic location. This role may also be eligible for discretionary bonuses and equity grants as part of the total compensation package.
Viewing obstacles as opportunities for growth
Having a bias toward action and tangible, measurable results
Striving to be both compassionate and direct with your feedback
Being team-oriented and inclusive with your actions
As a public benefit corporation, we’re a team of purpose-driven trailblazers transforming the future of U.S. national security. We hire the best to do their best and, as such, we are committed to providing the perks and benefits you need to be successful—both in- and outside the workplace.
We offer you:
Competitive Salary
100% Healthcare, vision and dental coverage
401(k) + 3% company contribution
Equity incentive plan
Tech + office supplies stipend
Annual professional development stipend
Flexible paid time off + federal holidays off
Parental leave
Work from anywhere
Referral Bonus
Visit our careers page to learn more.
Second Front Systems (2F) is a public-benefit software company powering software for the free world. We eliminate the friction that slows innovation, enabling faster, more secure development and deployment of software across government and regulated networks. Built by national security veterans and backed by top-tier venture capital, our platform is trusted by the world’s leading organizations to cut deployment timelines from years to weeks. We move fast, solve hard problems, and deliver trusted capabilities where they’re needed most. Our work strengthens global security and gives the United States and its allies a lasting competitive advantage. Learn more at secondfront.com.
ONE LAST THING…
We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity or expression, pregnancy, age, national origin, disability status, genetic information, protected veteran status, or any other characteristic protected by law.
Are you ready to join our team?
To apply, click the “Apply for This Job” button at the top or bottom of this page and complete the application form.
This position will remain open until filled, and applications will be reviewed on a rolling basis.
STATE NOTICES
Colorado:
In accordance with Colorado law, applicants may redact their date of birth, dates of attendance, and dates of graduation from any uploaded documents.
Maryland:
UNDER MARYLAND LAW, AN EMPLOYER MAY NOT REQUIRE OR DEMAND, AS A CONDITION OF EMPLOYMENT, PROSPECTIVE EMPLOYMENT, OR CONTINUED EMPLOYMENT, THAT AN INDIVIDUAL SUBMIT TO OR TAKE A POLYGRAPH EXAMINATION OR SIMILAR TEST. AN EMPLOYER WHO VIOLATES THIS LAW IS GUILTY OF A MISDEMEANOR AND SUBJECT TO A FINE NOT EXCEEDING $100.
Loading similar jobs...
Discover fully remote job opportunities in the United States at USA Remote Jobs. Apply for roles like Software Developer, Customer Service Specialist, Project Manager, and more!