Consensus Cloud Solutions - posted 2 months ago
$165,000 - $185,000/Yr
Full-time
501-1,000 employees

The Senior Security Engineer for FedRAMP plays a vital role in maintaining the organization’s FedRAMP High compliance and overall cloud security posture. This position supports the mission of delivering secure, government-compliant services by leading Security Operations (SecOps) projects, managing technical operations, and ensuring compliance with NIST 800-53 Rev 5 standards. Key responsibilities include supporting the Annual 3PAO Assessment, managing OS patching for up to 350 servers, overseeing antivirus and backup solutions, and conducting regular vulnerability scans using tools such as Nessus and Burp Suite. The engineer will oversee endpoint security with FortiClient EMS, handle authentication with Okta for Government, and manage backups with N2WS. They will ensure SOC and technical support coverage, monitor logs and intrusions using Splunk, and conduct security assessments of AWS GovCloud. Additional duties include managing Active Directory user access reviews and access controls, supporting red team and penetration testing, assisting with security impact analysis (SIA), significant change requests (SCR), continuous monitoring (ConMon), and plans of action and milestones (POAMs) in coordination with the FedRAMP GRC team, and leading incident response and disaster recovery exercises.

  • Provide project management oversight of FedRAMP SecOps services.
  • Support Annual FedRAMP 3PAO assessments and security control validation.
  • Perform patch management for operating systems on up to 350 servers.
  • Manage antivirus solutions and ensure endpoint security using FortiClient EMS.
  • Oversee AWS backup and disaster recovery using N2WS Backup.
  • Conduct monthly vulnerability scans (OS, database, containers, web apps, STIG baseline) using Nessus and Burp Suite tools and provide reporting and analysis.
  • Perform rescans to confirm remediation of vulnerabilities.
  • Generate monthly security reports and conduct user access reviews.
  • Manage and test functional Disaster Recovery and Incident Response plans per NIST 800-53 Rev 5.
  • Operate and maintain SIEM tools such as Splunk for threat detection and correlation.
  • Ensure Security Operations Center (SOC) response SLAs.
  • Maintain technical support services with a 15-minute callback SLA.
  • Perform continuous log management and intrusion detection monitoring.
  • Conduct configuration consistency checks and quarterly authorized software reviews.
  • Manage AWS GovCloud security groups and access control list reviews.
  • Administer Active Directory account creation, password resets, and YubiKey setup.
  • Manage user access for production and pre-production systems, as well as security tools.
  • Support and validate annual penetration testing and red team exercises.
  • Conduct continuous monitoring (ConMon) and FedRAMP validation scans.
  • Collaborate with the GRC team to manage and resolve SIAs, SCRs, and POAMs.
  • Participate in Incident Response and Disaster Recovery testing activities.
  • Contribute to Annual Assessment preparation and Significant Change Management reviews.
  • Mentor and guide other security engineers.
  • Assist with evaluating security tools and conducting proof-of-concept testing for new technologies.
  • Support internal and external security audits beyond FedRAMP (e.g., SOC 2, HITRUST, PCI, etc.).
  • Provide input on security policies, procedures, and documentation updates.
  • Participate in cross-functional project teams for infrastructure or application changes.
  • Deliver internal security awareness or training sessions as needed.
  • Research emerging threats, vulnerabilities, and security trends to inform program improvements.
  • Assist in vendor risk assessments and third-party security reviews.
  • Create and maintain technical runbooks, knowledge base articles, and process documentation.
  • Support response efforts for privacy incidents or data breaches involving PII/PHI.
  • Participate in industry or government security forums, working groups, or communities of interest.
  • Provide backup support for other security team members during absences.
  • Perform other duties and responsibilities as required, assigned, or requested.
  • Bachelor’s degree in cybersecurity, information technology, computer science, or a related field is preferred, but equivalent practical experience will be considered.
  • 5+ years of experience in security engineering or a similar technical security role.
  • 5+ years of experience with Vulnerability Management tools for identifying, tracking, and mitigating vulnerabilities across systems and applications.
  • 5+ years of experience using Endpoint Protection tools like FortiClient Enterprise Management Server (EMS), CrowdStrike, Carbon Black, or SentinelOne.
  • 5+ years of experience with Cloud Service Providers and their Security platforms.
  • 4+ years of experience with AWS security services such as IAM, CloudTrail, GuardDuty, and Security Hub.
  • 4+ years of experience implementing Security Technical Implementation Guides (STIGs) and baseline configuration management.
  • 4+ years of experience with AWS backup tools such as N2WS Backup for AWS backup and disaster recovery.
  • 4+ years of experience with one-time password systems for secure authentication, such as Okta.
  • 4+ years of experience with SIEM platforms, such as Splunk, Elastic, or Exabeam.
  • 4+ years of experience with Security Monitoring and Incident Response processes.
  • 2+ years of direct experience supporting FedRAMP, NIST 800-53, or similar government security compliance frameworks.
  • Hands-on experience with tools such as Nessus, Splunk, Burp Suite, FortiClient EMS, and AWS GovCloud is required.
  • Industry certifications such as CISSP, CISM, CEH, Security+, or equivalent are preferred but not required.
  • Experience supporting or leading FedRAMP High environments or other high-impact government-authorized systems.
  • Experience with Plan of Action and Milestones (POAM) management and working with GRC teams.
  • Exposure to penetration testing and red team operations in cloud and hybrid environments.
  • Experience automating security tasks using scripting languages such as Python, PowerShell, or Bash.
  • Knowledge of ticketing and workflow systems like ManageEngine ServiceDesk Plus (MESD).
  • Strong written communication skills for reporting, analysis, and compliance documentation.
  • The salary range for this role is $165,000 - $185,000 USD annually.
  • The total compensation package for this position is negotiable and may also include annual performance bonus, ESPP, enhanced time off packages and benefits.
  • Fully remote within the U.S.
  • Up to 10% travel.