Cloud Security Architect - FedRAMP

Position: Cloud Security Architect - FedRAMP

Location: Remote

Hiring Mode: 8+ Months sContract

Job Description:

Summary Of Position Role/Responsibilities

We are seeking an experienced Security Architect - FedRAMP to join our Information Security team. In this role, you will design secure cloud architectures and security control plane components and interconnections. You ll define and document FedRAMP boundaries, and recommend management plane and customer data plane configurations that meet stringent federal standards. With your deep expertise in (multi-)cloud security, encryption, networking, multi-tenancy isolation, and defense in depth, you ll empower Rubrik to achieve and maintain FedRAMP (High) and Department of Defense Impact Level 5 authorization.

Essential Functions Of The Job:

• Secure Architecture Leadership: Design and implement cloud security architectures (SaaS / application management, customer data, and security control planes) that meet FedRAMP and highly controlled Federal security requirements.
• Collaborate with Compliance to design and implement controls, specify engineering standards and requirements, and ensure audit readiness with technical and regulatory expertise.
• FedRAMP Technical Authority: Provide technical leadership on the authorization boundary, ensuring FedRAMP compliance.
• Cloud Security Expertise: Recommend secure configurations for cloud services (e.g., AWS GovCloud, Azure Government), balancing FedRAMP and security best practices.
• Translations: Educate cross functional partners (Engineering and IT) on how compliance drives architecture, detailing allowed encryption (e.g., FIPS 140-2), prohibited configurations, and optimal services.
• Tool Guidance: Select security tools and microservices to meet federal requirements
• FedRAMP-Specific Guidance: Advise on requirements like container scanning (e.g., runtime security, image integrity) and design of Infrastructure as Code
• Documentation: Develop and review deliverables, including Authorization Boundary, Network, and data flow diagrams, Front Matter for the System Security Plan (SSPs), and provide input to Change Control Plan, Contingency Plan, and Incident Response Plan.

About the team:

The Information Security organization advances the overall state of security at Rubrik through purposeful initiatives and coordination of large security projects. Information Security builds technologies, tools, and processes to better enable teams at Rubrik to develop secure software and protect data and systems with appropriate security controls. Information Security also develops systems to monitor and respond to attacks against our systems, provides awareness education to teams on security best practices for data protection, and ensures data sharing relationships with third parties in order to securely protect Rubrik information.

What you ll do:

• Partner with engineering teams across Rubrik to create secure cloud infrastructure design and deployment architectures utilizing threat models and risk analysis documentation specific to a FedRAMP and IL4+ environment
• Work with development teams, operations, governance, and other stakeholders to draft security standards and controls and implement monitoring, alerting and governance to adhere to those specifications
• Support incident responders in analyzing applicable threats, vulnerabilities, controls and residual risks inside and out of the FedRAMP boundary
• Analyze and harden existing applications, infrastructure, automation, and deployment processes partnering with multiple teams to design & implement solutions within the space
• Execute Security impact Analysis reviews for all FedRAMP changes coming in to the change management process

Experience you ll need:

• Bachelor s degree required; BS or MS in Computer Science, Information Technology, or a related field
• 15 years of experience including cloud technologies, technical architecture and application development
• 8+ years experience in cloud security, with experience across AWS, Google Cloud Platform and/or Azure infrastructure design
• 2+ years experience in VMWare and/or Network security modeling
• Broad knowledge of private and public cloud attack vectors and exploits
• Subject matter expertise in CI/CD, Cloud APIs and Identity management
• Deep understanding of compute, network and storage technologies in AWS, Google Cloud Platform and/or Azure
• Programming experience in Python, Go or Java
• Deep security policy subject matter expertise in at least one major public cloud provider (AWS, Google Cloud Platform, Azure)
• Experience with deploying and securing SaaS applications and cloud environments at scale
• Working experience with CI/CD pipeline, containerization (Kubernetes, Docker, etc) and MicroServices
• Knowledge of of IaC (Infrastructure as Code) concepts and implementing standards within them
• Understanding of cloud security maturity model frameworks and how to apply them
• Strong written and verbal communication skills

Additional Requirements:

• Due to the criteria and security levels for Rubrik s FedRAMP program, this position will require the following:
• S. citizenship at the time of hire
• Residence within the contiguous United States (i.e., the lower 48 states and the District of Columbia); and Willingness to undergo a Single Source Background Investigation if required.

#LI-Remote

Security and Privacy Responsibilities:

• This position carries special Security and Privacy Responsibilities for protecting the U.S. Federal Government s interests:
• Know, acknowledge, and follow system-specific security policies and procedures;
• Protect data and individual privacy per requirements and regulations;
• Perform ongoing activities in compliance with service and contractual obligations;
• Participate in role-based training, completing assignments on a timely basis;
• Report security issues promptly, and aid investigation when needed;
• Support controlled changes and vulnerability remediation activities; and
• Work collaboratively with Information Security in designing, implementing, assessing or enhancing system-specific security and privacy controls.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

Position: Cloud Security Architect - FedRAMP

Location: Remote

Hiring Mode: 8+ Months sContract

Job Description:

Summary Of Position Role/Responsibilities

We are seeking an experienced Security Architect - FedRAMP to join our Information Security team. In this role, you will design secure cloud architectures and security control plane components and interconnections. You ll define and document FedRAMP boundaries, and recommend management plane and customer data plane configurations that meet stringent federal standards. With your deep expertise in (multi-)cloud security, encryption, networking, multi-tenancy isolation, and defense in depth, you ll empower Rubrik to achieve and maintain FedRAMP (High) and Department of Defense Impact Level 5 authorization.

Essential Functions Of The Job:

• Secure Architecture Leadership: Design and implement cloud security architectures (SaaS / application management, customer data, and security control planes) that meet FedRAMP and highly controlled Federal security requirements.
• Collaborate with Compliance to design and implement controls, specify engineering standards and requirements, and ensure audit readiness with technical and regulatory expertise.
• FedRAMP Technical Authority: Provide technical leadership on the authorization boundary, ensuring FedRAMP compliance.
• Cloud Security Expertise: Recommend secure configurations for cloud services (e.g., AWS GovCloud, Azure Government), balancing FedRAMP and security best practices.
• Translations: Educate cross functional partners (Engineering and IT) on how compliance drives architecture, detailing allowed encryption (e.g., FIPS 140-2), prohibited configurations, and optimal services.
• Tool Guidance: Select security tools and microservices to meet federal requirements
• FedRAMP-Specific Guidance: Advise on requirements like container scanning (e.g., runtime security, image integrity) and design of Infrastructure as Code
• Documentation: Develop and review deliverables, including Authorization Boundary, Network, and data flow diagrams, Front Matter for the System Security Plan (SSPs), and provide input to Change Control Plan, Contingency Plan, and Incident Response Plan.

About the team:

The Information Security organization advances the overall state of security at Rubrik through purposeful initiatives and coordination of large security projects. Information Security builds technologies, tools, and processes to better enable teams at Rubrik to develop secure software and protect data and systems with appropriate security controls. Information Security also develops systems to monitor and respond to attacks against our systems, provides awareness education to teams on security best practices for data protection, and ensures data sharing relationships with third parties in order to securely protect Rubrik information.

What you ll do:

• Partner with engineering teams across Rubrik to create secure cloud infrastructure design and deployment architectures utilizing threat models and risk analysis documentation specific to a FedRAMP and IL4+ environment
• Work with development teams, operations, governance, and other stakeholders to draft security standards and controls and implement monitoring, alerting and governance to adhere to those specifications
• Support incident responders in analyzing applicable threats, vulnerabilities, controls and residual risks inside and out of the FedRAMP boundary
• Analyze and harden existing applications, infrastructure, automation, and deployment processes partnering with multiple teams to design & implement solutions within the space
• Execute Security impact Analysis reviews for all FedRAMP changes coming in to the change management process

Experience you ll need:

• Bachelor s degree required; BS or MS in Computer Science, Information Technology, or a related field
• 15 years of experience including cloud technologies, technical architecture and application development
• 8+ years experience in cloud security, with experience across AWS, Google Cloud Platform and/or Azure infrastructure design
• 2+ years experience in VMWare and/or Network security modeling
• Broad knowledge of private and public cloud attack vectors and exploits
• Subject matter expertise in CI/CD, Cloud APIs and Identity management
• Deep understanding of compute, network and storage technologies in AWS, Google Cloud Platform and/or Azure
• Programming experience in Python, Go or Java
• Deep security policy subject matter expertise in at least one major public cloud provider (AWS, Google Cloud Platform, Azure)
• Experience with deploying and securing SaaS applications and cloud environments at scale
• Working experience with CI/CD pipeline, containerization (Kubernetes, Docker, etc) and MicroServices
• Knowledge of of IaC (Infrastructure as Code) concepts and implementing standards within them
• Understanding of cloud security maturity model frameworks and how to apply them
• Strong written and verbal communication skills

Additional Requirements:

• Due to the criteria and security levels for Rubrik s FedRAMP program, this position will require the following:
• S. citizenship at the time of hire
• Residence within the contiguous United States (i.e., the lower 48 states and the District of Columbia); and Willingness to undergo a Single Source Background Investigation if required.

#LI-Remote

Security and Privacy Responsibilities:

• This position carries special Security and Privacy Responsibilities for protecting the U.S. Federal Government s interests:
• Know, acknowledge, and follow system-specific security policies and procedures;
• Protect data and individual privacy per requirements and regulations;
• Perform ongoing activities in compliance with service and contractual obligations;
• Participate in role-based training, completing assignments on a timely basis;
• Report security issues promptly, and aid investigation when needed;
• Support controlled changes and vulnerability remediation activities; and
• Work collaboratively with Information Security in designing, implementing, assessing or enhancing system-specific security and privacy controls.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.