FedRAMP Engineer
Employment Information
Report this job
Job expired or something wrong with this job?
Job Description
FedRAMP Security Engineer providing technical expertise on security control implementations. Join Valiant Solutions' growing cybersecurity team for compliance with NIST and FedRAMP standards.
Responsibilities:
- Perform detailed architecture and technical design reviews on the full stack for vendor solutions
- Conduct architecture reviews of Cloud Service Providers (CSPs) authorization packages to validate secure design, alignment to FedRAMP and agency requirements, identify gaps, and advise the FedRAMP Government Lead overall risk posture and compliance
- Lead and conduct architecture interviews with CSPs to ensure all critical control areas throughout the architecture are designed to meet program requirements
- Develop architecture briefing documents to inform the Government FedRAMP program manager and CISO of CSP compliance with FedRAMP program requirements, technical capabilities, and any concerns noted from material review
- Complete comprehensive review and comment documents of CSPs FedRAMP documentation including but not limited to system security plans, policies and procedures, supplemental agency guidance documents, alternative implementation and risk acceptance documents, etc.
- Work with CSPs to reconcile and address any documentation and technology gaps discovered during the review
- Complete a comprehensive review of CSPs' assessments and package submissions after 3PAO audits and prepare a package briefing for the Government FedRAMP program manager and agency CISO. Artifacts include, but are not limited to, vendor security assessment plans, security assessment reports, vulnerability scans, penetration tests, etc
- Work alongside agency FedRAMP Lead and provide security engineering services
- Provide support for Continuous Monitoring activities including but not limited to items such as reviewing annual package submissions, reviewing and scoping significant change proposals, reviewing risk acceptance documents, etc
- Interpret FedRAMP and other agency requirements and provide vendors with guidance regarding expectations, technical requirements, and processes
- Stay informed of updated FedRAMP guidance, industry best practices, emerging technologies, and Government cybersecurity directives, and provide recommendations to FedRAMP Government lead regarding impacts
- Conduct security reviews of technologies for use base consideration within CSPs authorization boundary
- Oversee and manage relationships for assigned systems that may be contractor-owned or contractor-operated, ensuring vendors comply with agency security and privacy requirements
- Assist stakeholders with IT security-related activities to ensure project deadlines are met
- Ensure all systems are operated, maintained, and disposed of IAW documented security policies and procedures including but not limited to Assessment & Authorization (A&A)
- Research assigned IT security systems to provide insight into IT security architectures and IT security recommendations for assigned systems
Requirements:
- Five (5) years of experience in the IT Security field
- Bachelor’s degree in Computer Science, Information Systems, Mathematics, Engineering or a related field, OR an additional three years of IT experience required
- Four (4) years of hands-on technical experience as a System Architect or Security Engineer
- Four (4) years of experience supporting FedRAMP Security+, CISSP, CISM, CISA, or equivalent Security certification
- Direct experience as a Security Engineer or System Architect performing analysis on FedRAMP Cloud Service Providers (CSP) architectures and control implementations (ie. 3PAO, FedRAMP program at another federal agency, etc)
- Confidence and depth of understanding to lead meetings with potential Vendors
- Current experience in reviewing 3rd party security assessment reports
- Have detailed knowledge and experience with NIST Policies, Governance, Security Planning and Architecture, FISMA Compliance, RMF, Incident Analysis, and General Security Best Practices.
- Possess strong written and oral communication skills to support customers, internal stakeholders, peers, and public audiences.
- Ability to communicate, both written and oral, to both technical and non-technical stakeholders.
- Strong communication skills to interact with senior managers, junior staff, and business unit (non-technical) customers.
Benefits:
- Valiant pays 99% of the Medical, Dental, and Vision Coverage for Full-time Employees
- Valiant contributes 25% towards Health Coverage for Families and Dependents
- 100% Paid Short-Term Disability and Life Insurance Policy for Full-time Employees
- 100% Paid Certifications
- 401K Matching up to 4%
- Paid Time Off
- Paid Federal Holidays
- Valiant University – Online Education and Training Portal
- Wellness & Fitness Program
- FSA programs for: Medical Costs, Dependent Care, Transit, and Parking
- Referral Bonuses
Similar Jobs
Cryptography Engineer
PQC Engineer designing and delivering Post-Quantum Cryptography solutions for federal cybersecurity modernization initiatives. Collaborating with stakeholders to shape requirements and drive implementation strategies.
Senior SIEM Engineer
Technical lead managing the design, deployment, and maintenance of SIEM for Valiant’s cybersecurity team. Collaborate with SOC analysts to enhance security monitoring capabilities.
Project Engineer – Facilities and Infrastructure
Project Engineer overseeing design and construction for hypersonic wind tunnel campus. Critical government oversight role providing technical advisory and program management support.
Chief Engineer, Payload Integration
Chief Engineer for payload integration at SES Space & Defense. Leading payload development from concept to on-orbit operations for multi-orbit satellite solutions.
Project Engineer
Project Engineer handling engineering design activities for solar projects. Collaborating with cross-functional teams to ensure project success and performance optimization.
R&D Engineer II – SRM Ballistician
Ballistician generating rocket motor concepts from thrust/burn time requirements. Collaborating with engineering teams to refine designs and ensure manufacturability.
Senior Project Engineer – SRM
Senior Project Engineer leading and coordinating project planning and engineering tasks at General Dynamics Ordnance and Tactical Systems. Working with multi-disciplinary teams to develop cutting-edge munitions and systems.
Supplier Quality Engineer
Supplier Quality Engineer supporting Medline’s Supplier Quality operations through audits and performance activities. Partnering cross functionally while developing expertise in supplier quality and regulatory compliance.
Test & Measurement Engineer – CFRP/GFRP Tooling
Test & Measurement Engineer conducting test and measurement activities on CFRP/GFRP components in aerospace. Prepare and coordinate test campaigns with internal teams and external labs.
Wind Turbine Blade Engineer
Technical expert on blade integrity, reliability, and performance for the wind fleet. Supporting operational decisions, defect assessment, and performance optimization in renewable energy.
Senior Process/Chemical Engineer
Senior Process/Chemical Engineer focusing on energy and nuclear facilities design. Responsible for architecture development, evaluations and compliance with safety regulations.
SCADA Engineer
SCADA Front-End Engineer developing user-friendly visuals and interfaces for Ignition SCADA in mission-critical data centers. Focused on intuitive design and advanced project deployment.
Lead Field PLC Engineer
Lead Field PLC Engineer overseeing a team for PLC deployments in data centers. Managing technical expertise and project coordination while mentoring junior engineers and resolving complex issues.
Go Live Engineer
Go Live Engineer for Azure Virtual Desktop, collaborating with partners and providing technical support. Assisting implementations and enhancing tools for better cloud management experience.
Senior Integration Success Engineer
Technical role at Alkami managing integration for financial institutions and development teams. Serving as the primary technical partner for launching custom integrations using Alkami SDK and platform APIs.
IAM Engineer
IAM Engineer at Kaleris, implementing IAM solutions for secure access in digital supply chain systems. Responsibilities include compliance, authentication methods, and incident response.
ICT Business Engineer
ICT Business Engineer at Swisscom B2B translating customer needs into IT requirements and improving processes. Collaborating with teams to deliver automated solutions for businesses.
Senior Engineer – Operation & Maintenance
Graduate Engineer managing operations and maintenance activities in Hydro power plant. Ensuring safety, resource availability, and budget planning for O&M expenses.
Ingenieur Logistique, Expert Planning
Expert in logistics processes within a group to harmonize operations planning across Europe. Focusing on supply chain optimization with involvement in strategic decision-making.
Equipment Complex Project Engineer II
HVAC Engineer designing larger, complex HVAC Equipment projects for Johnson Controls. Ensuring timely project completion while maintaining customer satisfaction and project P&L.