Key skills
AWSAzureCloudGoogle Cloud PlatformKubernetesTerraformGCPGoogle CloudGitHub ActionsIAMGitHubCI/CDCommunicationPenetration TestingCloud Security
About this role
Role Overview
- Serve as a security point of contact for external customers deploying into regulated cloud environments.
- Support customer onboarding by validating application security posture and deployment readiness for FedRAMP environments.
- Review customer security documentation, architectures, and deployment workflows against platform security requirements.
- Communicate security requirements, changes, incident escalations, and compliance questions clearly to customers.
- Implement and operate security controls required for FedRAMP Moderate/High, aligned to NIST SP 800-53.
- Support Continuous Monitoring (ConMon) activities, including vulnerability tracking, POA&M updates, and compliance reporting.
- Maintain and validate FedRAMP security architecture artifacts, including network diagrams, data flow diagrams, trust boundaries, and control flows.
- Validate deployed infrastructure and traffic patterns against approved FedRAMP architectures using flow logs and telemetry.
- Operate CrowdStrike as part of the core CNAPP enforcement and DevSecOps control.
- Integrate CrowdStrike CNAPP and detection signals into automated SOAR and CI/CD workflows to support preventative controls, response, and Continuous Monitoring (ConMon) for FedRAMP compliance.
- Coordinate external penetration testing efforts, including scoping, access, findings review, and remediation tracking.
- Use application security tools (e.g., Burp Suite) to support internal testing and remediation.
- Implement security and compliance gates in CI/CD pipelines to prevent non-compliant infrastructure or code from reaching production.
- Enforce policy-as-code guardrails for IAM, networking, logging, encryption, and endpoint protection using Terraform.
- Ensure CrowdStrike coverage, logging, and monitoring are enforced as deployment prerequisites.
- Prevent cloud exposure by enforcing network segmentation, approved ingress/egress paths, and least-privilege access.
- Detect and remediate configuration drift using CSPM and automated workflows.
- Secure Kubernetes clusters and containerized workloads to approved security baselines.
Requirements
- 4+ years of experience in Cloud Security, DevSecOps, or Security Operations roles.
- Hands-on experience operating CrowdStrike Falcon in production environments.
- Direct experience supporting FedRAMP environments and implementing NIST SP 800-53 controls.
- Experience working directly with external customers on security onboarding or deployment readiness.
- Strong experience with Wiz or similar CSPM/CNAPP platforms.
- Proficiency with Terraform and CI/CD tooling (GitHub, GitHub Actions).
- Experience securing multi-cloud environments (AWS required; Azure and/or GCP preferred).
- Strong written and verbal communication skills.
Tech Stack
- AWS
- Azure
- Cloud
- Google Cloud Platform
- Kubernetes
- Terraform
Benefits
- Medical
- Dental
- Vision
- Life & Disability
- Unlimited PTO
- Employee funded 401k plan