FedRAMP Security Engineer II

United States, Raleigh · Job Posted May 04, 2026

Job Responsibility

  • Execute monthly FedRAMP Continuous Monitoring activities, ensuring timely and accurate completion of deliverables
  • Maintain and update Plans of Action and Milestones (POA&Ms), including tracking remediation progress and validating closure
  • Review and analyze vulnerability scan results (e.g., Nessus) and assist with prioritization and escalation
  • Maintain an accurate, up-to-date view of vulnerability status across the environment
  • Track vulnerabilities through the full lifecycle: identification, validation, remediation, and closure
  • Monitor and report on aging vulnerabilities and SLA adherence
  • Ensure consistency between scan results, ticketing systems (e.g., ServiceNow), and POA&M records
  • Maintain continuous operational visibility into the security posture of FedRAMP systems, including vulnerabilities, assets, and control status
  • Validate that security-relevant data (scan results, logs, asset inventory, and tracking systems) is complete, accurate, and aligned across sources
  • Identify gaps in visibility (e.g., missing assets, incomplete scan coverage, inconsistent data) and escalate appropriately
  • Support continuous monitoring activities aligned with FedRAMP and NIST 800-137 (ISCM) expectations
  • Assist in ensuring that logging, monitoring, and security tooling provide sufficient coverage to support ongoing risk awareness and audit readiness

Requirements

  • 2-4 years of experience in cybersecurity/vulnerability management
  • FedRAMP experience (ideally), or at minimum some exposure
  • NIST 800-53 or other similar framework experience
  • Experience tracking vulnerabilities and large volumes of findings while staying organized and accurate with data
  • Understanding of continuous monitoring, system visibility and audit readiness
  • Experience improving workflows through automation or scripting (Power Automate, PowerShell, Python)
  • Bachelor’s degree

Nice to have

  • Power Automate
  • POA&M management and audit support experience

Similar Jobs for FedRAMP Security Engineer II

8 matching positions

Site Reliability Engineer II - FedRAMP

Trimble is seeking a Site Reliability Engineer to join their world class and glo...
Location: India, Chennai
Salary: Not provided
Trimble Inc.
Expiration Date: Until further notice
Requirements
  • Bachelor’s Degree or equivalent in Computer Science, Engineering or related field or equivalent experience
  • Recent college graduate or one year of experience in IT operations, including knowledge of networking, computing and storage
  • Experience with AWS and/or Azure public cloud
  • Windows system administration familiarity and scripting skills, such as Python, PowerShell
  • Linux system administration familiarity and scripting skills, including Bash and Perl
  • Familiarity with application operations, including Incident Management, Change Management, and Capacity Management
  • Excellent written and verbal communication
  • Troubleshooting and problem solving skills
  • Strong desire to learn new things
Job Responsibility
  • Responsible for configuration, optimization, documentation and support of the infrastructure components of software products which are hosted primarily in cloud services (AWS and Azure)
  • Perform day-to-day server application management, monitoring, incident response/resolution and working with the customer application development and technical support teams to establish effective application monitoring and to identify application changes to improve operations
  • Develop new and enhance current shared public cloud services with consideration for Availability, Operations, Performance, Capacity, Security, and User Experience
  • Responsible for management of security posture and adherence to corporate security best practices
  • Develop and maintain documentation including but not limited to architecture diagrams, service descriptions, build and deploy documentation and operations run book documentation
  • Provide design and deployment assistance for divisions needing help on a project basis
  • Manage AWS & FedRAMP best practice expectations (incorporating Trimble Cloud Core Platform standards)
  • Work with a global team and be able to occasionally meet or perform tasks off-hours

Software Engineer II - CTJ - Poly

Come get in on the ground floor of PLx! We are seeking a Software Engineer to jo...
Location: United States, Redmond
Salary: 100600.00 - 199000.00 USD / Year
Microsoft Corporation
Expiration Date: Until further notice
Requirements
  • Bachelor's Degree in Computer Science or related technical field AND 2+ years technical engineering experience with coding in languages including, but not limited to, C, C++, C#, Java, JavaScript, or Python OR equivalent experience
  • Active U.S. Government Top Secret Clearance with access to Sensitive Compartmented Information (SCI) based on a Single Scope Background Investigation (SSBI) with Polygraph
  • Verification of U.S. citizenship
  • Experience in at least two of: Active Directory, Exchange, SharePoint, and Skype for Business
  • Ability to pass Microsoft Cloud background check upon hire/transfer and every two years thereafter
Job Responsibility
  • Architect, deploy, and manage secure Microsoft services in cloud and hybrid environments
  • Automate infrastructure provisioning and compliance enforcement using PowerShell scripts and Bicep templates
  • Ensure systems align with federal security frameworks including DoD STIGs, FedRAMP, and JSIG
  • Collaborate with cybersecurity teams to implement secure configurations, patching strategies, and continuous monitoring
  • Support incident response, vulnerability remediation, and audit readiness, including participation in on-call rotations
  • Maintain detailed documentation for accreditation and compliance reporting
  • Mentor engineers in secure systems design, automation, and federal compliance best practices
  • Fulltime

System Information Assurance and Security Engineer

Barbaricum is seeking a highly skilled System Information Assurance and Security...
Location: United States, Tampa
Salary: Not provided
Barbaricum
Expiration Date: Until further notice
Requirements
  • Active DoD TS/SCI Clearance
  • Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or related field (Master’s preferred)
  • 5+ years of experience in enterprise identity and access management architecture
  • Demonstrated expertise with Zero Trust frameworks and DoD ICAM standards
  • Hands-on experience with SAML, OAuth2.0, OpenID Connect, PKI, and certificate management
  • Experience with DoD enterprise solutions such as Radiant Logic, Okta, Ping Identity, SailPoint, ForgeRock, Microsoft Entra ID (Azure AD), or equivalent
  • Deep knowledge of Privileged Access Management and Identity Governance & Administration solutions
  • Strong understanding of DoD cybersecurity compliance frameworks (RMF, NIST SP 800-53, 800-207, 8140/8570)
  • IAM / DoD Certification IAT Level II (e.g., Security+ CE, SSCP, GSEC)
Job Responsibility
  • Execute engineering solutions for identity credential and access management for Zero Trust implementation across enterprise systems
  • Design and maintain an enterprise-wide identity and access management strategy aligned with DoD Zero Trust principles, NIST 800-207, and DoD ICAM Reference Design
  • Lead integration of federated identity, single sign-on (SSO), and multi-factor authentication (MFA) across cloud and on-prem environments
  • Develop and maintain policies, standards, and reference architectures to enforce least-privilege and attribute-based access control (ABAC)
  • Conduct the implementation of Privileged Access Management (PAM) and Identity Governance and Administration (IGA) solutions
  • Collaborate with cybersecurity, network, and cloud teams to align ICAM solutions with Zero Trust pillars (identity, device, network, application, and data)
  • Ensure compliance with DoD 8140/8570, RMF, FedRAMP, and other applicable frameworks
  • Lead proof-of-concepts (POCs) and technology evaluations for emerging identity

Senior System Information Assurance and Security Engineer

Barbaricum is seeking a highly skilled System Information Assurance and Security...
Location: United States, Tampa
Salary: Not provided
Barbaricum
Expiration Date: Until further notice
Requirements
  • Active DoD TS/SCI Clearance
  • Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or related field (Master’s preferred)
  • 10+ years of experience in enterprise identity and access management architecture
  • Demonstrated expertise with Zero Trust frameworks and DoD ICAM standards
  • Hands-on experience with SAML, OAuth2.0, OpenID Connect, PKI, and certificate management
  • Experience with DoD enterprise solutions such as Radiant Logic, Okta, Ping Identity, SailPoint, ForgeRock, Microsoft Entra ID (Azure AD), or equivalent
  • Deep knowledge of Privileged Access Management and Identity Governance & Administration solutions
  • Strong understanding of DoD cybersecurity compliance frameworks (RMF, NIST SP 800-53, 800-207, 8140/8570)
  • IAM / DoD Certification IAT Level II (e.g., Security+ CE, SSCP, GSEC)
Job Responsibility
  • Execute engineering solutions for identity credential and access management for Zero Trust implementation across enterprise systems
  • Design and maintain an enterprise-wide identity and access management strategy aligned with DoD Zero Trust principles, NIST 800-207, and DoD ICAM Reference Design
  • Lead integration of federated identity, single sign-on (SSO), and multi-factor authentication (MFA) across cloud and on-prem environments
  • Develop and maintain policies, standards, and reference architectures to enforce least-privilege and attribute-based access control (ABAC)
  • Conduct the implementation of Privileged Access Management (PAM) and Identity Governance and Administration (IGA) solutions
  • Collaborate with cybersecurity, network, and cloud teams to align ICAM solutions with Zero Trust pillars (identity, device, network, application, and data)
  • Ensure compliance with DoD 8140/8570, RMF, FedRAMP, and other applicable frameworks
  • Lead proof-of-concepts (POCs) and technology evaluations for emerging identity

Information System Security Engineer

Location: United States, San Antonio
Salary: 77500.00 - 176000.00 USD / Year
Booz Allen Hamilton
Expiration Date: Until further notice
Requirements
  • 5+ years of experience in an ISSE, ISSO, or IT role
  • 3+ years of experience developing and evaluating security documentation, including system security plans, contingency plans, security test procedures, and continuity of operations plans
  • 3+ years of experience with security architecture evaluations, guidance development, and troubleshooting
  • 3+ years of experience working with cloud service providers, including Amazon Web Services (AWS) or Microsoft Azure
  • Experience managing security applications within a cloud service provider, including AWS, Microsoft Azure, or Google Cloud
  • Experience with the NIST RMF and NIST SP 800-53 security and privacy controls, FISMA, and FedRAMP
  • Experience with SD Elements, Fortify Static Code Analyzer, STIGs, ACAS, SCAP, or SCC tools
  • TS/SCI clearance
  • Bachelor’s degree
  • DoD 8140 Level II Certification
Job Responsibility
  • Implement and manage policies and procedures to ensure database and software security
  • Apply leading-edge principles, theories, and concepts and contribute to the development of new principles and concepts
  • Work on unusually complex problems and provide highly innovative solutions
  • Operate with substantial latitude for unreviewed action or decision
  • Mentor or supervise employees in both company and technical competencies
What we offer
  • health, life, disability, financial, and retirement benefits
  • paid leave
  • professional development
  • tuition assistance
  • work-life programs
  • dependent care
  • recognition awards program

TS SCI w/ CI Poly Cleared Vulnerability/GRC Lead

Our client, a leader in the HCM space is in need of a GRC/Vulnerability Lead for...
Location: United States, Reston
Salary: 78.75 - 113.75 USD / Hour
ClearBridge Technology Group
Expiration Date: Until further notice
Requirements
  • 5+ years of experience in governance, risk and compliance and/or cybersecurity engineering
  • 3+ years of direct experience with the FedRAMP and RMF assessment and authorization processes
  • Strong understanding of FedRAMP frameworks and DoD Impact Levels IL4 and IL5
  • Experience supporting federal SaaS cloud environments including logging and monitoring systems, access controls, FIPS encryption methods, source control management, and vulnerability management
  • Experience documenting security controls, policies, procedures, and compliance requirements
  • Experience supporting audit management, compliance assessments, and remediation activities
  • Strong written and verbal communication skills with the ability to support multiple initiatives simultaneously
  • Active TS SCI w/ CI Poly Clearance
  • DoD 8570 compliant at IAM or IAT Level II or higher
Job Responsibility
  • support security, compliance, and risk management initiatives
  • support FedRAMP and RMF assessment and authorization activities
  • maintain compliance across public sector cloud environments
  • partner with internal engineering and security teams to support secure product development and ongoing audit readiness
  • Fulltime

Senior Governance, Risk & Compliance Lead

OnePlan is looking for a Senior Governance, Risk & Compliance Lead to own and op...
Location: United States
Salary: Not provided
OnePlan Solutions
Expiration Date: Until further notice
Requirements
  • 6+ years of experience in governance, risk and compliance, information security, or security compliance roles
  • Direct experience managing SOC 2 Type II and ISO 27001 audits and maintaining ongoing compliance programs
  • Strong understanding of NIST 800-53 and FedRAMP security requirements
  • Experience using compliance automation platforms such as Vanta or similar tools
  • Experience working in a cloud native SaaS environment, ideally within Azure
  • Strong documentation, audit management, and cross functional coordination skills
  • Ability to translate security and compliance requirements into practical operational processes
  • Experience leading or supporting FedRAMP readiness or authorization programs
Job Responsibility
  • Own and manage OnePlan’s governance, risk, and compliance program across security and privacy frameworks
  • Maintain the company’s compliance certifications including SOC 2 Type II, ISO 27001, and ISO 27701, ensuring ongoing audit readiness and successful surveillance audits and recertifications
  • Coordinate with external auditors and manage evidence collection, control validation, and supporting documentation
  • Maintain and update security policies, procedures, and internal documentation supporting compliance frameworks
  • Maintain the company risk register and drive risk identification, assessment, and remediation activities across the organization
  • Partner closely with Engineering and IT teams to implement and document security controls across the platform
  • Lead OnePlan’s FedRAMP Moderate readiness initiative, including NIST 800-53 gap assessments and remediation planning
  • Develop and maintain the System Security Plan (SSP) and associated FedRAMP documentation
  • Prepare the organization for 3PAO assessment and establish processes for ongoing continuous monitoring
  • Manage vendor risk assessments and third party security reviews
What we offer
  • We offer comprehensive health, dental, and vision benefits, with additional insurance options
  • Employer RRSP and 401K matching programs
  • A fun, collaborative, and diverse environment with regular health and team challenges to keep things light and enjoyable
  • Fulltime

Group Product Manager, Security and Compliance

Crusoe is on a mission to align the future of computing with the future of the c...
Location: United States, San Francisco; Sunnyvale
Salary: 237000.00 - 288000.00 USD / Year
Crusoe
Expiration Date: Until further notice
Requirements
  • 8+ years of Product Management experience, with a strong focus on cloud security, infrastructure platforms, or DevSecOps
  • Strong understanding of cloud infrastructure and security concepts, including Kubernetes security, cloud networking, and the evolving security challenges of LLMs and Generative AI
  • Proven experience navigating SOC 2; familiarity with HIPAA and FedRAMP is a strong plus
  • Comfort operating in an early-stage, high-growth environment and building product processes from scratch
  • Ability to deeply understand customer needs and advocate for them across technical and non-technical stakeholders
  • Strong written and verbal communication skills, with experience influencing senior leaders and executives
  • Highly proactive, self-directed, and decisive, with strong product judgment
  • Bachelor’s degree in Computer Science or a related technical field (or equivalent practical experience)
  • Genuine passion for Crusoe’s climate mission and sustainable infrastructure goals
Job Responsibility
  • Serve as the architect of trust across the Crusoe Cloud platform
  • Own the end-to-end security and compliance product strategy—from physical data center controls to managed AI inference APIs
  • Build security guardrails for the full model lifecycle, ensuring customer data privacy, isolation, and secure execution environments for managed inference workloads
  • Lead the product side of major compliance initiatives (SOC 2 Type II required; ISO 27001, HIPAA, and eventually FedRAMP)
  • Develop customer-facing security documentation, trust centers, and compliance artifacts
  • Collaborate closely with Engineering, DevOps, SRE, Legal, Finance, Customer Success, and executive stakeholders to define requirements, execution plans, and operating models
  • Engage directly with current and prospective customers to understand real-world security and compliance needs and translate them into scalable product solutions
What we offer
  • Restricted Stock Units in a fast growing, well-funded technology company
  • Health insurance package options that include HDHP and PPO, vision, and dental for you and your dependents
  • Employer contributions to HSA accounts
  • Paid Parental Leave
  • Paid life insurance, short-term and long-term disability
  • Teladoc
  • 401(k) with a 100% match up to 4% of salary
  • Generous paid time off and holiday schedule
  • Cell phone reimbursement
  • Tuition reimbursement
  • Fulltime