Related skills
azure aws kubernetes gcp fedramp
Description
- Manage POA&M lifecycle with 3PAO assessors and stakeholders
- Collect and maintain evidence for FedRAMP/HITRUST/PCI compliance
- Maintain system inventory and boundary docs for scanning scope
- Analyze scan results, justify deviations, and document risk
- Translate vulnerability findings into risk language for federal clients
- Collaborate with Dev/SRE/Infra to embed vuln mgmt in CI/CD, cloud, and Kubernetes
Requirements
- 3-5 years in vulnerability management or security operations
- Hands-on vuln mgmt across OS, DB, networks, containers, web apps, APIs
- Experience with FedRAMP, HITRUST, or PCI compliance
- AWS/Azure/GCP admin certs and cloud security knowledge
- Proficiency in Python, PowerShell, Bash for automation
- Strong ability to communicate findings to federal stakeholders and produce compliance reports
Benefits
- Security-focused cloud certifications (AWS/Azure/GCP)
- CISSP certification
- Container security tools and Kubernetes posture knowledge (Trivy/Anchore/Snyk)
- Familiarity with SCA and SAST/DAST tools
- CI/CD security patterns and DevSecOps toolchains