FedRAMP Enterprise Security Architect

About The Position

Requirements

• 10+ years in cloud security architecture, engineering, or related roles (federal workloads preferred).
• Demonstrated expertise for FedRAMP, NIST RMF, and NIST SP 800‑53 Rev 5 controls.
• Deep technical expertise in securing cloud-native platforms: AWS, Azure, Kubernetes, containers, microservices, and modern app architectures.
• Experience both shaping compliance strategy and implementing technical controls hands-on.
• Proven ability to influence cross-functional leaders and drive organizational change.
• Experience providing executive-level updates and navigating Agile environments.

Nice To Haves

• 3+ years supporting public sector cloud programs (FedRAMP, DoD, state/local).
• Experience with IaC, CI/CD, automation (Terraform, GitOps, etc.).
• Knowledge of DISA STIGs, CC SRG, FIPS 140-2/3, and federal encryption requirements.
• Experience collaborating with 3PAOs or participating in assessment cycles.

Responsibilities

• Enterprise Security Architecture & Engineering Architect and integrate secure solutions across AWS, Azure, GCP, and modern application platforms including containers and Kubernetes.
• Build, evaluate, and refine authorization boundary diagrams, network/data flow diagrams, and enterprise security design patterns.
• Execute technical security controls within production federal environments.
• Enhance detection and monitoring capabilities by identifying gaps and implementing improved logging, alerting, and analytics.
• Partner with engineering, product, DevOps, and operations to embed security early in the development lifecycle.
• Translate complex NIST and audit requirements into clear engineering tasks and architectural recommendations.
• Act as a trusted security advisor during customer engagements, proposal reviews, and technical deep dives.
• Review vendor and customer contracts to ensure alignment with federal security standards.
• Contribute to broader enterprise compliance programs including ISO 27001, SOC 2, PCI-DSS, and others.
• Maintain and evolve core security policies, standards, incident response plans, and contingency plans.
• Act as a trusted advisor for cloud security across AWS, Azure, and GCP environments supporting federal workloads.
• Conduct architecture reviews to ensure federal architecture requirements are incorporated into new platform features and services.
• Collaborate with engineering, DevOps, compliance, and public-sector stakeholders to address security challenges and drive improvements.
• Support new FedRAMP authorizations and significant change processes in collaboration with 3PAOs.
• Stay current with FedRAMP, DISA, NIST, CC SRG, and STIG requirements and ensure timely remediation of compliance gaps.
• Build detailed FedRAMP-compliant diagrams including ABD, NFD, and DFD using tools such as Lucid Chart or Visio.

Benefits

• Hybrid Work Model: We’ve adopted a flexible hybrid working environment (2-3 days a week in the office depending on the role) for our office-based roles while delivering a seamless experience that is digitally and physically connected.
• Flexibility & Work-Life Balance: Flex My Way is a set of supportive workplace policies designed to help manage personal and professional responsibilities, whether caring for family, giving back to the community, or finding time to refresh and reset. This builds upon our flexible work arrangements, including work from anywhere for up to 8 weeks per year, empowering employees to achieve a better work-life balance.
• Career Development and Growth: By fostering a culture of continuous learning and skill development, we prepare our talent to tackle tomorrow’s challenges and deliver real-world solutions. Our Grow My Way programming and skills-first approach ensures you have the tools and knowledge to grow, lead, and thrive in an AI-enabled future.
• Industry Competitive Benefits: We offer comprehensive benefit plans to include flexible vacation, two company-wide Mental Health Days off, access to the Headspace app, retirement savings, tuition reimbursement, employee incentive programs, and resources for mental, physical, and financial wellbeing.
• Culture: Globally recognized, award-winning reputation for inclusion and belonging, flexibility, work-life balance, and more. We live by our values: Obsess over our Customers, Compete to Win, Challenge (Y)our Thinking, Act Fast / Learn Fast, and Stronger Together.
• Social Impact: Make an impact in your community with our Social Impact Institute. We offer employees two paid volunteer days off annually and opportunities to get involved with pro-bono consulting projects and Environmental, Social, and Governance (ESG) initiatives.
• Making a Real-World Impact: We are one of the few companies globally that helps its customers pursue justice, truth, and transparency.
• market competitive health, dental, vision, disability, and life insurance programs, as well as a competitive 401k plan with company match
• market leading work life benefits with competitive vacation, sick and safe paid time off, paid holidays (including two company mental health days off), parental leave, sabbatical leave
• optional hospital, accident and sickness insurance paid 100% by the employee; optional life and AD&D insurance paid 100% by the employee; Flexible Spending and Health Savings Accounts; fitness reimbursement; access to Employee Assistance Program; Group Legal Identity Theft Protection benefit paid 100% by employee; access to 529 Plan; commuter benefits; Adoption & Surrogacy Assistance; Tuition Reimbursement; and access to Employee Stock Purchase Plan