Security Architect

Piper Companies is seeking an experienced Security Architect - FedRAMP to join a leading Information Security team. The primary purpose of the Security Architect is to design secure cloud architectures and security control plane components and interconnections, ensuring compliance with stringent federal standards.

Responsibilities of the Security Architect - FedRAMP include:

• Secure Architecture Leadership : Design and implement cloud security architectures (SaaS/application management, customer data, and security control planes) that meet FedRAMP and highly controlled security requirements.
• Compliance Collaboration : Work with Compliance to design and implement controls, specify engineering standards and requirements, and ensure audit readiness with technical and regulatory expertise.
• FedRAMP Technical Authority : Define authorization boundaries and provide technical leadership, ensuring FedRAMP compliance.
• Cloud Security Expertise : Recommend secure configurations for cloud services (e.g., AWS GovCloud, Azure Government), balancing FedRAMP and security best practices.
• Compliance Translation : Educate cross-functional partners on how compliance drives architecture, detailing allowed encryption (e.g., FIPS 140-2), prohibited configurations, and optimal services.
• Tool Guidance : Select security tools and microservices to meet federal requirements.
• FedRAMP-Specific Guidance : Advise on requirements like container scanning (e.g., runtime security, image integrity) and design Infrastructure as Code.
• Audit Support : Collaborate with Third-Party Assessment Organizations (3PAOs) during audits, providing evidence for configurations and maintaining supporting documentation.
• Security Innovation : Promote best practices like CIS-hardened configurations, FIPS-validated cryptography, and proactive risk mitigation.
• Documentation : Develop and review deliverables, including Authorization Boundary, Network, and data flow diagrams, Front Matter for the System Security Plan (SSPs), and provide input to Change Control Plan, Contingency Plan, and Incident Response Plan.

Qualifications for the Security Architect - FedRAMP include:

• 15+ years of experience including cloud technologies, technical architecture, and application development.
• 8+ years of experience in cloud security, with experience across AWS, Google Cloud Platform, and/or Azure infrastructure design.
• 2+ years of experience in VMWare and/or network security modeling.
• Broad knowledge of private and public cloud attack vectors and exploits.
• Subject matter expertise in CI/CD, Cloud APIs, and Identity management.
• Deep understanding of compute, network, and storage technologies in AWS, Google Cloud Platform, and/or Azure.
• Programming experience in Python, Go, or Java.
• Deep security policy subject matter expertise in at least one major public cloud provider (AWS, Google Cloud Platform, Azure).
• Experience with deploying and securing SaaS applications and cloud environments at scale.
• Working experience with CI/CD pipeline, containerization (Kubernetes, Docker, etc.), and MicroServices.
• Knowledge of Infrastructure as Code (IaC) concepts and implementing standards within them.
• Understanding of cloud security maturity model frameworks and how to apply them.

Compensation for the Security Architect - FedRAMP includes:

• Salary: $250,000 - $300,000
• Comprehensive Benefits: Medical, Dental, Vision, 401K, PTO, Sick Leave as required by law, and Holidays.

This job opens for applications on 3/19/2025. Applications for this job will be accepted for at least 30 days from the posting date.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

Piper Companies is seeking an experienced Security Architect - FedRAMP to join a leading Information Security team. The primary purpose of the Security Architect is to design secure cloud architectures and security control plane components and interconnections, ensuring compliance with stringent federal standards.

Responsibilities of the Security Architect - FedRAMP include:

• Secure Architecture Leadership : Design and implement cloud security architectures (SaaS/application management, customer data, and security control planes) that meet FedRAMP and highly controlled security requirements.
• Compliance Collaboration : Work with Compliance to design and implement controls, specify engineering standards and requirements, and ensure audit readiness with technical and regulatory expertise.
• FedRAMP Technical Authority : Define authorization boundaries and provide technical leadership, ensuring FedRAMP compliance.
• Cloud Security Expertise : Recommend secure configurations for cloud services (e.g., AWS GovCloud, Azure Government), balancing FedRAMP and security best practices.
• Compliance Translation : Educate cross-functional partners on how compliance drives architecture, detailing allowed encryption (e.g., FIPS 140-2), prohibited configurations, and optimal services.
• Tool Guidance : Select security tools and microservices to meet federal requirements.
• FedRAMP-Specific Guidance : Advise on requirements like container scanning (e.g., runtime security, image integrity) and design Infrastructure as Code.
• Audit Support : Collaborate with Third-Party Assessment Organizations (3PAOs) during audits, providing evidence for configurations and maintaining supporting documentation.
• Security Innovation : Promote best practices like CIS-hardened configurations, FIPS-validated cryptography, and proactive risk mitigation.
• Documentation : Develop and review deliverables, including Authorization Boundary, Network, and data flow diagrams, Front Matter for the System Security Plan (SSPs), and provide input to Change Control Plan, Contingency Plan, and Incident Response Plan.

Qualifications for the Security Architect - FedRAMP include:

• 15+ years of experience including cloud technologies, technical architecture, and application development.
• 8+ years of experience in cloud security, with experience across AWS, Google Cloud Platform, and/or Azure infrastructure design.
• 2+ years of experience in VMWare and/or network security modeling.
• Broad knowledge of private and public cloud attack vectors and exploits.
• Subject matter expertise in CI/CD, Cloud APIs, and Identity management.
• Deep understanding of compute, network, and storage technologies in AWS, Google Cloud Platform, and/or Azure.
• Programming experience in Python, Go, or Java.
• Deep security policy subject matter expertise in at least one major public cloud provider (AWS, Google Cloud Platform, Azure).
• Experience with deploying and securing SaaS applications and cloud environments at scale.
• Working experience with CI/CD pipeline, containerization (Kubernetes, Docker, etc.), and MicroServices.
• Knowledge of Infrastructure as Code (IaC) concepts and implementing standards within them.
• Understanding of cloud security maturity model frameworks and how to apply them.

Compensation for the Security Architect - FedRAMP includes:

• Salary: $250,000 - $300,000
• Comprehensive Benefits: Medical, Dental, Vision, 401K, PTO, Sick Leave as required by law, and Holidays.

This job opens for applications on 3/19/2025. Applications for this job will be accepted for at least 30 days from the posting date.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.