Key skills
AWSAzureCloudDNSGoogle Cloud PlatformKubernetesMicroservicesGCPGoogle CloudSaaSCI/CDTime ManagementNetwork SecurityCloud Security
About this role
Role Overview
- Help design Wiz deployments to meet DoD CC SRG requirements.
- Work with our GRC/Compliance team members to translate security controls and DoD CC SRG requirements into applicable technical solutions.
- Work cross functional with Engineering and DevOps teams to consult and guide on implementation of requirements.
- Ownership and crafting of detailed diagrams that align with DISA requirements, using tools like LucidChart, Visio, etc.
- Perform architecture reviews and provide architecture requirements to help bring new features to Wiz regulated environments.
- Help test and validate new features to see their value for customer’s as well as help Wiz meet its own security and compliance goals.
- Automation of internal processes that lend themselves to meeting security controls or requirements based on a provided framework.
- Stay up to date with the latest guidelines (FedRAMP, DISA, NIST, EU) to ensure that systems and processes adhere to these standards, addressing any compliance issues promptly.
Requirements
- 6+ years of experience working as a Federal Cloud Network Architect/Engineer or Federal Network Security Architect/Engineer in AWS (other clouds a plus!)
- Experience leading a CSP through an IL4 or IL5 authorization, having completed onboarding to the BCAP and servicing Mission Owners.
- Intimate understanding of the DoD CC SRG in relation to the BCAP connection process, DoD PKI, DNS, and other technical requirements.
- Firsthand experience designing architecture in public cloud environments around the DoD CC SRG technical requirements and guiding a CSP (SaaS preferred) through an IL4 or IL5 ATO.
- Preferred experience in AWS (GCP and Azure a plus).
- Expertise architecting solutions using cloud native services, while following cloud security best practices.
- Experience working with technologies like microservices, containers, Kubernetes, IaC, Configuration Management, APIs, CI/CD.
- Ability to work independently once provided with projects and deliverables.
- Excellent skills around handling administrative activities, time management and prioritization of tasks.
- Ability to translate compliance requirements to technical outcomes.
- Ability to think outside the box when working with compliance frameworks by implementing technical solutions that meet the spirit of controls, vs. the written guidance.
- Knowledge of and ability to evaluate controls and requirements against NIST 800-53, DoD CC SRG, DISA STIGs etc.
- Knowledge of FIPS and other encryption methodologies needed to meet federal requirements.
- A thirst to use Wiz and learn everything the product can do.
Tech Stack
- AWS
- Azure
- Cloud
- DNS
- Google Cloud Platform
- Kubernetes
- Microservices
Benefits
- Medical, dental and vision insurance
- Home Office Setup reimbursement
- Flexible Spending Accounts
- Monthly Connectivity reimbursement
- Employee Assistance Program (EAP)
- Short
- and Long-term Disability Insurance
- Life & Accident Insurance
- 401(k) Retirement Savings Plan (with employer match)
- Flexible paid time off + 11 paid holidays
- Paid leave programs, including parental, pregnancy health, medical and bereavement leave