FedRAMP Security Engineer II

Beacon Hill

Location:
United States, Raleigh

Contract Type:
Not provided

Salary:

Not provided

Job Responsibility:

  • Execute monthly FedRAMP Continuous Monitoring activities, ensuring timely and accurate completion of deliverables
  • Maintain and update Plans of Action and Milestones (POA&Ms), including tracking remediation progress and validating closure
  • Review and analyze vulnerability scan results (e.g., Nessus) and assist with prioritization and escalation
  • Maintain an accurate, up-to-date view of vulnerability status across the environment
  • Track vulnerabilities through the full lifecycle: identification, validation, remediation, and closure
  • Monitor and report on aging vulnerabilities and SLA adherence
  • Ensure consistency between scan results, ticketing systems (e.g., ServiceNow), and POA&M records
  • Maintain continuous operational visibility into the security posture of FedRAMP systems, including vulnerabilities, assets, and control status
  • Validate that security-relevant data (scan results, logs, asset inventory, and tracking systems) is complete, accurate, and aligned across sources
  • Identify gaps in visibility (e.g., missing assets, incomplete scan coverage, inconsistent data) and escalate appropriately
  • Support continuous monitoring activities aligned with FedRAMP and NIST 800-137 (ISCM) expectations
  • Assist in ensuring that logging, monitoring, and security tooling provide sufficient coverage to support ongoing risk awareness and audit readiness

Requirements:

  • 2-4 years of experience in cybersecurity/vulnerability management
  • FedRAMP experience (ideally) or minimum exposure
  • NIST 800-53 or other similar framework experience
  • Experience tracking vulnerabilities, tracking large volumes of findings and staying organized/accurate in data
  • Understanding of continuous monitoring, system visibility and audit readiness
  • Experience improving workflows through automation or scripting (Power Automate, PowerShell, Python)
  • Bachelor’s degree

Nice to have:

  • Power Automate
  • POA&M management and audit support experience

Additional Information:

Job Posted:
May 04, 2026

Employment Type:
Fulltime
Work Type:
On-site work

Similar Jobs for FedRAMP Security Engineer II

System Information Assurance and Security Engineer

Barbaricum is seeking a highly skilled System Information Assurance and Security...
Location:
United States, Tampa
Salary:
Not provided
Barbaricum
Expiration Date:
Until further notice
Requirements:
  • Active DoD TS/SCI Clearance
  • Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or related field (Master’s preferred)
  • 5+ years of experience in enterprise identity and access management architecture
  • Demonstrated expertise with Zero Trust frameworks and DoD ICAM standards
  • Hands-on experience with SAML, OAuth2.0, OpenID Connect, PKI, and certificate management
  • Experience with DoD enterprise solutions such as Radiant Logic, Okta, Ping Identity, SailPoint, ForgeRock, Microsoft Entra ID (Azure AD), or equivalent
  • Deep knowledge of Privileged Access Management and Identity Governance & Administration solutions
  • Strong understanding of DoD cybersecurity compliance frameworks (RMF, NIST SP 800-53, 800-207, 8140/8570)
  • IAM / DoD Certification IAT Level II (e.g., Security+ CE, SSCP, GSEC)
Job Responsibility:
  • Execute engineering solutions for identity credential and access management for Zero Trust implementation across enterprise systems
  • Design and maintain an enterprise-wide identity and access management strategy aligned with DoD Zero Trust principles, NIST 800-207, and DoD ICAM Reference Design
  • Lead integration of federated identity, single sign-on (SSO), and multi-factor authentication (MFA) across cloud and on-prem environments
  • Develop and maintain policies, standards, and reference architectures to enforce least-privilege and attribute-based access control (ABAC)
  • Conduct the implementation of Privileged Access Management (PAM) and Identity Governance and Administration (IGA) solutions
  • Collaborate with cybersecurity, network, and cloud teams to align ICAM solutions with Zero Trust pillars (identity, device, network, application, and data)
  • Ensure compliance with DoD 8140/8570, RMF, FedRAMP, and other applicable frameworks
  • Lead proof-of-concepts (POCs) and technology evaluations for emerging identity

Senior System Information Assurance and Security Engineer

Barbaricum is seeking a highly skilled System Information Assurance and Security...
Location:
United States, Tampa
Salary:
Not provided
Barbaricum
Expiration Date:
Until further notice
Requirements:
  • Active DoD TS/SCI Clearance
  • Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or related field (Master’s preferred)
  • 10+ years of experience in enterprise identity and access management architecture
  • Demonstrated expertise with Zero Trust frameworks and DoD ICAM standards
  • Hands-on experience with SAML, OAuth2.0, OpenID Connect, PKI, and certificate management
  • Experience with DoD enterprise solutions such as Radiant Logic, Okta, Ping Identity, SailPoint, ForgeRock, Microsoft Entra ID (Azure AD), or equivalent
  • Deep knowledge of Privileged Access Management and Identity Governance & Administration solutions
  • Strong understanding of DoD cybersecurity compliance frameworks (RMF, NIST SP 800-53, 800-207, 8140/8570)
  • IAM / DoD Certification IAT Level II (e.g., Security+ CE, SSCP, GSEC)
Job Responsibility:
  • Execute engineering solutions for identity credential and access management for Zero Trust implementation across enterprise systems
  • Design and maintain an enterprise-wide identity and access management strategy aligned with DoD Zero Trust principles, NIST 800-207, and DoD ICAM Reference Design
  • Lead integration of federated identity, single sign-on (SSO), and multi-factor authentication (MFA) across cloud and on-prem environments
  • Develop and maintain policies, standards, and reference architectures to enforce least-privilege and attribute-based access control (ABAC)
  • Conduct the implementation of Privileged Access Management (PAM) and Identity Governance and Administration (IGA) solutions
  • Collaborate with cybersecurity, network, and cloud teams to align ICAM solutions with Zero Trust pillars (identity, device, network, application, and data)
  • Ensure compliance with DoD 8140/8570, RMF, FedRAMP, and other applicable frameworks
  • Lead proof-of-concepts (POCs) and technology evaluations for emerging identity

Software Engineer II - CTJ - Poly

Come get in on the ground floor of PLx! We are seeking a Software Engineer to jo...
Location:
United States, Redmond
Salary:
100600.00 - 199000.00 USD / Year
Microsoft Corporation
Expiration Date:
Until further notice
Requirements:
  • Bachelor's Degree in Computer Science or related technical field AND 2+ years technical engineering experience with coding in languages including, but not limited to, C, C++, C#, Java, JavaScript, or Python OR equivalent experience
  • Active U.S. Government Top Secret Clearance with access to Sensitive Compartmented Information (SCI) based on a Single Scope Background Investigation (SSBI) with Polygraph
  • Verification of U.S. citizenship
  • Experience in at least two of: Active Directory, Exchange, SharePoint, and Skype for Business
  • Ability to pass Microsoft Cloud background check upon hire/transfer and every two years thereafter
Job Responsibility:
  • Architect, deploy, and manage secure Microsoft services in cloud and hybrid environments
  • Automate infrastructure provisioning and compliance enforcement using PowerShell scripts and Bicep templates
  • Ensure systems align with federal security frameworks including DoD STIGs, FedRAMP, and JSIG
  • Collaborate with cybersecurity teams to implement secure configurations, patching strategies, and continuous monitoring
  • Support incident response, vulnerability remediation, and audit readiness, including participation in on-call rotations
  • Maintain detailed documentation for accreditation and compliance reporting
  • Mentor engineers in secure systems design, automation, and federal compliance best practices
  • Fulltime

Product Manager, Security and Compliance

Crusoe is on a mission to align the future of computing with the future of the c...
Location:
United States, San Francisco; Sunnyvale
Salary:
237000.00 - 288000.00 USD / Year
Crusoe
Expiration Date:
Until further notice
Requirements:
  • 8+ years of Product Management experience, with a strong focus on cloud security, infrastructure platforms, or DevSecOps
  • Strong understanding of cloud infrastructure and security concepts, including Kubernetes security, cloud networking, and the evolving security challenges of LLMs and Generative AI
  • Proven experience navigating SOC 2; familiarity with HIPAA and FedRAMP is a strong plus
  • Comfort operating in an early-stage, high-growth environment and building product processes from scratch
  • Ability to deeply understand customer needs and advocate for them across technical and non-technical stakeholders
  • Strong written and verbal communication skills, with experience influencing senior leaders and executives
  • Highly proactive, self-directed, and decisive, with strong product judgment
  • Bachelor’s degree in Computer Science or a related technical field (or equivalent practical experience)
  • Genuine passion for Crusoe’s climate mission and sustainable infrastructure goals
Job Responsibility:
  • Define and execute the long-term vision for cloud security capabilities, including Identity & Access Management (IAM), VPC networking, encryption at rest and in transit, key management, and audit logging
  • Build security guardrails for the full model lifecycle, ensuring customer data privacy, isolation, and secure execution environments for managed inference workloads
  • Lead the product side of major compliance initiatives (SOC 2 Type II required; ISO 27001, HIPAA, and eventually FedRAMP), partnering with Legal, Security, and Engineering to unblock high-growth customer segments
  • Develop customer-facing security documentation, trust centers, and compliance artifacts that clearly communicate Crusoe’s security posture to CISOs and technical buyers
  • Collaborate closely with Engineering, DevOps, SRE, Legal, Finance, Customer Success, and executive stakeholders to define requirements, execution plans, and operating models
  • Engage directly with current and prospective customers to understand real-world security and compliance needs and translate them into scalable product solutions
What we offer:
  • Restricted Stock Units in a fast growing, well-funded technology company
  • Health insurance package options that include HDHP and PPO, vision, and dental for you and your dependents
  • Employer contributions to HSA accounts
  • Paid Parental Leave
  • Paid life insurance, short-term and long-term disability
  • Teladoc
  • 401(k) with a 100% match up to 4% of salary
  • Generous paid time off and holiday schedule
  • Cell phone reimbursement
  • Tuition reimbursement
  • Fulltime

Senior Governance, Risk & Compliance Lead

OnePlan is looking for a Senior Governance, Risk & Compliance Lead to own and op...
Location:
United States
Salary:
Not provided
OnePlan Solutions
Expiration Date:
Until further notice
Requirements:
  • 6+ years of experience in governance, risk and compliance, information security, or security compliance roles
  • Direct experience managing SOC 2 Type II and ISO 27001 audits and maintaining ongoing compliance programs
  • Strong understanding of NIST 800-53 and FedRAMP security requirements
  • Experience using compliance automation platforms such as Vanta or similar tools
  • Experience working in a cloud native SaaS environment, ideally within Azure
  • Strong documentation, audit management, and cross functional coordination skills
  • Ability to translate security and compliance requirements into practical operational processes
  • Experience leading or supporting FedRAMP readiness or authorization programs
Job Responsibility:
  • Own and manage OnePlan’s governance, risk, and compliance program across security and privacy frameworks
  • Maintain the company’s compliance certifications including SOC 2 Type II, ISO 27001, and ISO 27701, ensuring ongoing audit readiness and successful surveillance audits and recertifications
  • Coordinate with external auditors and manage evidence collection, control validation, and supporting documentation
  • Maintain and update security policies, procedures, and internal documentation supporting compliance frameworks
  • Maintain the company risk register and drive risk identification, assessment, and remediation activities across the organization
  • Partner closely with Engineering and IT teams to implement and document security controls across the platform
  • Lead OnePlan’s FedRAMP Moderate readiness initiative, including NIST 800-53 gap assessments and remediation planning
  • Develop and maintain the System Security Plan (SSP) and associated FedRAMP documentation
  • Prepare the organization for 3PAO assessment and establish processes for ongoing continuous monitoring
  • Manage vendor risk assessments and third party security reviews
What we offer:
  • We offer comprehensive health, dental, and vision benefits, with additional insurance options
  • Employer RRSP and 401K matching programs
  • A fun, collaborative, and diverse environment with regular health and team challenges to keep things light and enjoyable
  • Fulltime

Site Reliability Engineer II - FedRAMP

Trimble is seeking a Site Reliability Engineer to join their world class and glo...
Location:
India, Chennai
Salary:
Not provided
Trimble Inc.
Expiration Date:
Until further notice
Requirements:
  • Bachelor’s Degree or equivalent in Computer Science, Engineering or related field or equivalent experience
  • Recent college graduate or one year of experience in IT operations, including knowledge of networking, computing and storage
  • Experience with AWS and/or Azure public cloud
  • Windows system administration familiarity and scripting skills, such as Python, Powershell
  • Linux system administration familiarity and scripting skills, including Bash and Perl
  • Familiarity with application operations, including Incident Management, Change Management, and Capacity Management
  • Excellent written and verbal communication
  • Troubleshooting and problem solving skills
  • Strong desire to learn new things
Job Responsibility:
  • Responsible for configuration, optimization, documentation and support of the infrastructure components of software products which are hosted primarily in cloud services (AWS and Azure)
  • Perform day-to-day server application management, monitoring, incident response/resolution and working with the customer application development and technical support teams to establish effective application monitoring and to identify application changes to improve operations
  • Develop new and enhance current shared public cloud services with consideration for Availability, Operations, Performance, Capacity, Security, and User Experience
  • Responsible for management of security posture and adherence to corporate security best practices
  • Develop and maintain documentation including but not limited to architecture diagrams, service descriptions, build and deploy documentation and operations run book documentation
  • Provide design and deployment assistance for divisions needing help on a project basis
  • Manage AWS & FedRAMP best practice expectations (incorporating Trimble Cloud Core Platform standards)
  • Work with a global team and are able to occasionally meet or perform tasks off-hours

Director, GRC

Founded in 2018 with co-headquarters in Dublin and Boston, Tines powers some of ...
Location:
United States
Salary:
250000.00 - 265000.00 USD / Year
Tines
Expiration Date:
Until further notice
Requirements:
  • 12+ years of progressive experience in GRC, information security, or risk management
  • At least 5 years in a leadership role
  • Proven track record leading FedRAMP authorization efforts from planning through ATO
  • Deep expertise in multiple compliance frameworks: SOC 2, ISO 27001, FedRAMP, NIST 800-53
  • Experience building and scaling GRC teams and programs in high-growth SaaS or technology companies
  • Strong executive presence with ability to influence C-suite and Board-level stakeholders
  • Demonstrated success managing complex, multi-workstream compliance programs with competing priorities
  • Exceptional communication skills with the ability to translate technical compliance requirements into business value
  • Strategic mindset with hands-on execution capability
  • Experience partnering with Sales, Engineering, Product, and Legal teams to operationalize compliance
Job Responsibility:
  • Define and execute Tines' multi-year GRC strategy aligned with business objectives
  • Own the compliance roadmap, prioritizing certifications and frameworks based on customer needs and revenue impact
  • Serve as executive sponsor for all compliance programs, providing visibility and reporting to C-suite and Board of Directors
  • Build business cases for compliance investments, demonstrating ROI and competitive advantage
  • Monitor evolving compliance landscape, anticipating regulatory changes
  • Lead, mentor, and grow a team of GRC professionals
  • Scale the team strategically as Tines grows
  • Foster cross-functional collaboration with Engineering, Product, Sales, Legal, IT, Security, and HR teams
  • Drive Tines' FedRAMP authorization to successful completion
  • Establish ongoing FedRAMP continuous monitoring and reauthorization processes
What we offer:
  • Competitive salary
  • Startup equity & extended exercise window
  • Matching retirement plans
  • Home office setup
  • Private healthcare plans
  • 25 days annual leave
  • Extra company holidays
  • Generous parental leave programs
  • Flexibility in how and where you work
  • Phone and home Internet allowance
  • Fulltime

Group Product Manager, Security and Compliance

Crusoe is on a mission to align the future of computing with the future of the c...
Location:
United States, San Francisco; Sunnyvale
Salary:
237000.00 - 288000.00 USD / Year
Crusoe
Expiration Date:
Until further notice
Requirements:
  • 8+ years of Product Management experience, with a strong focus on cloud security, infrastructure platforms, or DevSecOps
  • Strong understanding of cloud infrastructure and security concepts, including Kubernetes security, cloud networking, and the evolving security challenges of LLMs and Generative AI
  • Proven experience navigating SOC 2; familiarity with HIPAA and FedRAMP is a strong plus
  • Comfort operating in an early-stage, high-growth environment and building product processes from scratch
  • Ability to deeply understand customer needs and advocate for them across technical and non-technical stakeholders
  • Strong written and verbal communication skills, with experience influencing senior leaders and executives
  • Highly proactive, self-directed, and decisive, with strong product judgment
  • Bachelor’s degree in Computer Science or a related technical field (or equivalent practical experience)
  • Genuine passion for Crusoe’s climate mission and sustainable infrastructure goals
Job Responsibility:
  • Serve as the architect of trust across the Crusoe Cloud platform
  • Own the end-to-end security and compliance product strategy—from physical data center controls to managed AI inference APIs
  • Build security guardrails for the full model lifecycle, ensuring customer data privacy, isolation, and secure execution environments for managed inference workloads
  • Lead the product side of major compliance initiatives (SOC 2 Type II required; ISO 27001, HIPAA, and eventually FedRAMP)
  • Develop customer-facing security documentation, trust centers, and compliance artifacts
  • Collaborate closely with Engineering, DevOps, SRE, Legal, Finance, Customer Success, and executive stakeholders to define requirements, execution plans, and operating models
  • Engage directly with current and prospective customers to understand real-world security and compliance needs and translate them into scalable product solutions
What we offer:
  • Restricted Stock Units in a fast growing, well-funded technology company
  • Health insurance package options that include HDHP and PPO, vision, and dental for you and your dependents
  • Employer contributions to HSA accounts
  • Paid Parental Leave
  • Paid life insurance, short-term and long-term disability
  • Teladoc
  • 401(k) with a 100% match up to 4% of salary
  • Generous paid time off and holiday schedule
  • Cell phone reimbursement
  • Tuition reimbursement
  • Fulltime