What are the responsibilities and job description for the FedRAMP Security Architect position at Thomson Reuters?
Job Title: FedRAMP Security Architect
Job Summary:
We are seeking a FedRAMP Security Architect to lead security architecture, compliance, and risk management efforts for cloud-based systems operating under Federal Risk and Authorization Management Program (FedRAMP) guidelines. The ideal candidate will design and implement secure cloud environments, ensure compliance with NIST 800-53 Rev 5 controls, and support the FedRAMP Authorization to Operate (ATO) process.
Key Responsibilities
1. Security Architecture & Compliance
- Design and implement secure cloud architectures (AWS, Azure, GCP) that meet FedRAMP Moderate/High requirements.
- Ensure alignment with NIST 800-53, FIPS 140-2/140-3, and the Risk Management Framework (RMF).
- Develop and maintain System Security Plans (SSP), Security Assessment Reports (SAR), and Plan of Action & Milestones (POA&M) for FedRAMP compliance.
- Work with Third-Party Assessment Organizations (3PAOs) to achieve FedRAMP certification and continuous monitoring compliance.
2. Risk Management & Continuous Monitoring
- Implement Continuous Monitoring (ConMon) strategies, including security automation tools (SIEM, CSPM, SOAR).
- Perform security risk assessments and support vulnerability scans and penetration testing.
- Develop and enforce security policies, standards, and best practices for FedRAMP environments.
3. Cloud Security & DevSecOps Integration
- Collaborate with development teams to integrate secure software development lifecycle (SSDLC) practices.
- Design and implement Zero Trust Architecture (ZTA) for cloud-based federal systems.
- Automate security control implementation using Infrastructure-as-Code (IaC) tools.
4. Incident Response & Threat Modeling
- Develop and test incident response plans tailored for FedRAMP environments.
- Conduct threat modeling to proactively identify and mitigate security risks.
- Collaborate with Security Operations teams on incident response and remediation efforts.
Required Qualifications
- Bachelor’s or Master’s degree in Cybersecurity, Information Security, Computer Science, or a related field.
- 8 to 12 years of experience in cloud security, compliance, and risk management with a focus on FedRAMP.
- Deep understanding of FedRAMP Moderate/High baselines, NIST 800-53 Rev 5, FISMA, RMF, and FIPS 140-2/3.
- Strong hands-on experience with AWS, Azure, or Google Cloud security services (e.g., IAM, KMS, GuardDuty, Security Hub).
- Experience with security automation and DevSecOps tools (e.g., Terraform, Ansible, Kubernetes security).
- Strong documentation skills for SSPs, POA&Ms, SARs, and other FedRAMP-related compliance artifacts.
- Experience working with 3PAOs and federal agencies for security audits and ATO processes.
Preferred Certifications:
- CISSP, CISM, CCSP
- AWS/Azure Security Specialty
- Google Professional Cloud Security Engineer
Preferred Qualifications
- Experience with Zero Trust implementation in FedRAMP environments.
- Familiarity with SOAR, SIEM, and CSPM tools.
- Strong knowledge of container security, Kubernetes, and CI/CD security best practices.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
The pay rate that the employer in good faith reasonably expects to pay for this position is $80-90/hr USD.
Our optional benefits include medical, dental, vision and retirement benefits.
Applications will be accepted on an ongoing basis.
Tundra Technical Solutions (the operator of this Talent Community) is a global leader of contingent talent services. Our success and our clients’ success are built on a foundation of service excellence. We are an equal opportunity employer, and we do not discriminate on the basis of race, religion, color, national origin, sex, sexual orientation, age, veteran status, disability, genetic information, or other applicable legally protected characteristic. Qualified applicants with arrest or conviction records will be considered for employment in accordance with applicable law, including the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act. Unincorporated LA County workers: we reasonably believe that criminal history may have a direct, adverse and negative relationship with the following job duties, potentially resulting in the withdrawal of a conditional offer of employment: client-provided property, including hardware (both of which may include data) entrusted to you from theft, loss or damage; return all portable client computer hardware in your possession (including the data contained therein) upon completion of the assignment; and maintain the confidentiality of client proprietary, confidential, or non-public information. In addition, job duties require access to secure and protected client information technology systems and related data security obligations.