Security Engineer 4 – FedRAMP Compliance Architect

Company: PagerDuty
Location: Atlanta, GA, USA
Salary: $176000 – $281000
Type: Full-Time
Degrees:
Experience Level: Senior

Requirements

  • 5+ years of experience in cloud security architecture, compliance, or cybersecurity engineering, with at least 3 years of experience supporting FedRAMP Moderate or High authorization.
  • Deep expertise in FedRAMP, NIST 800-53, FISMA, and cloud security best practices.
  • Strong ability to assess security risks and recommend technical and procedural mitigations.
  • Experience working with AWS GovCloud, Azure Government, or other federal cloud environments.
  • Experience with audit preparation, risk assessments, and working with third-party assessors (3PAOs).
  • Exceptional written and verbal communication skills for creating and managing FedRAMP documentation.

Responsibilities

  • Design, implement, and maintain system architectures to align with FedRAMP requirements.
  • Serve as the subject matter expert (SME) on FedRAMP, advising internal teams on security best practices, control implementations, and risk mitigation strategies.
  • Collaborate with engineering, operations, product, and corporate IT teams to develop secure cloud-based architectures that meet federal compliance mandates.
  • Implement governance strategy on technical security controls, including access management, configuration, encryption, logging, monitoring, and vulnerability management.
  • Support annual assessments, security control reviews, and audits, coordinating with third-party assessors (3PAO) and government sponsors.
  • Provide technical support to external stakeholders on customer responsibilities.
  • Serve as a key contributor to the development and maintenance of the System Security Plan (SSP), Policies and Procedures, Configuration Management Plan, Secure System Development Life Cycle, and other FedRAMP documentation.
  • Partner with the GRC (Governance, Risk, and Compliance) team to efficiently track and resolve security findings.

Preferred Qualifications

  • Experience supporting DoD IL 4 or 5 environments.
  • Experience with data governance frameworks, secure data storage, and data lifecycle management in multi-tenant cloud environments.
  • Understanding of NIST AI Risk Management Framework (AI RMF) and its implications for secure AI adoption in government environments.
  • Familiarity with SaaS security tools (such as Sumo Logic, Datadog, CrowdStrike, Wiz, Lucidchart, Snyk, and Qualys).
  • Familiarity with Cloud Native and SaaS constructs, including architectures, DevOps, CI/CD, and SecOps disciplines.
  • Relevant certifications, such as:
      • Certified Information Systems Security Professional (CISSP)
      • AWS Security Specialty, or equivalent
      • CompTIA Advanced Security Practitioner (CASP+)
      • Certificate of Cloud Security Knowledge (CCSK)