GRC Security Engineer, Federal & Public Sector (FedRAMP)

📋 Description

• Own FedRAMP High authorization end-to-end (SSP, 3PAO, ATO)
• Drive the GovCloud re-architecture with 25–30 vendor replacements
• Stand up DoD IL5 auth on FedRAMP High when civilian package flies
• Build compliance-as-code: automated evidence, OSCAL artifacts, POA&Ms
• Write federal control narratives and work with Legal/Sales
• Collaborate on telemetry expansion into GovCloud boundary

🎯 Requirements

• FedRAMP high/ATO processes and 3PAO engagements
• Go and Python coding; automate compliance tasks
• OSCAL tooling and machine-readable POA&Ms
• AWS GovCloud, Azure Government, or DoD IL4/5 experience
• FIPS 140-3, KSIs, CMMC familiarity
• NIST SP 800-53 Rev. 5 knowledge and control narratives

🎁 Benefits

• In-person offices in San Francisco and New York with libraries
• Flat, collaborative culture with impact on federal security
• Opportunity to work on FedRAMP High and DoD IL5 programs