Senior Information Security Engineer

Proven experience leading or significantly contributing to StateRAMP, FedRAMP, and TX-RAMP compliance efforts. Expertise in NIST 800-53, FIPS 199/200, and continuous monitoring frameworks. Hands-on experience with AWS security services (IAM, GuardDuty, CloudTrail, Security Hub, etc.). Strong understanding of SOC2, GovRAMP, DevSecOps practices, and cloud infrastructure. Exceptional written and spoken English skills. Bachelor's degree in Cybersecurity, Computer Science, or a related field. Relevant certifications (e.g., CISSP, CCSP, AWS Security Specialty) are a strong plus. Experience with audit response, SIEM tools, or zero trust architecture is a bonus.

Lead StateRAMP readiness, gap remediation, and authorization. Provide guidance for FedRAMP Moderate and TX-RAMP certification. Manage communication with third-party assessment organizations. Maintain System Security Plan (SSP) and POA&M. Design and maintain secure cloud infrastructure (AWS) aligned with NIST 800-53 controls. Implement technical safeguards for IAM, vulnerability management, and incident response. Support DevOps teams in security automation and secure CI/CD pipelines. Conduct risk assessments and penetration test planning and review. Collaborate with executive leadership on security strategy. Develop training materials for internal security awareness. Ensure alignment between security policies and engineering practices. Mentor engineers and advise product teams on secure-by-design principles.