DevOps Security Engineer

🕒 vor 3 Monaten

Jetzt Bewerben

Ähnliche Remote-Jobs finden

E-Mails für Remote-Jobs erhalten

📊 Überprüfen Sie Ihre Lebenslauf-Bewertung für diese Stelle

Verbessern Sie Ihre Chancen auf ein Vorstellungsgespräch, indem Sie Ihre Lebenslauf-Bewertung vor der Bewerbung überprüfen.

Lebenslauf hochladen

Knox Systems, Inc.

WebsiteLinkedInAlle Stellen

201 - 500 Mitarbeiter

🏛️ Regierung

🔒 Cybersecurity

📋 Compliance

🔥 Finanzierung im letzten Jahr

💰 €6.500.000 Seed im 2025-08

Government • Cybersecurity • Compliance

Knox Systems, Inc. ist der Betreiber der größten FedRAMP-zertifizierten Managed Cloud, die speziell entwickelte, regierungstaugliche Cloud-Infrastrukturen und kontinuierliche Compliance für US-Bundesbehörden und SaaS-Anbieter bietet, die mit der Regierung zusammenarbeiten. Knox bietet Multi-Cloud-Hosting über AWS, Azure und GCP, KI-gesteuerte Compliance-Automatisierung (KnoxAI), Echtzeitüberwachung und Fehlerbehebung sowie einen optimierten Weg zur FedRAMP-Zertifizierung, der traditionelle Zeitpläne von Jahren auf Wochen verkürzt. Das Unternehmen konzentriert sich auf sichere, widerstandsfähige und prüfbare Umgebungen, die eine schnelle und konforme Bereitstellung von SaaS- und KI-Lösungen im öffentlichen Sektor ermöglichen.

Beschreibung

• Serve as a security point of contact for external customers deploying into regulated cloud environments. • Support customer onboarding by validating application security posture and deployment readiness for FedRAMP environments. • Review customer security documentation, architectures, and deployment workflows against platform security requirements. • Communicate security requirements, changes, incident escalations, and compliance questions clearly to customers. • Implement and operate security controls required for FedRAMP Moderate/High, aligned to NIST SP 800-53. • Support Continuous Monitoring (ConMon) activities, including vulnerability tracking, POA&M updates, and compliance reporting. • Maintain and validate FedRAMP security architecture artifacts, including network diagrams, data flow diagrams, trust boundaries, and control flows. • Validate deployed infrastructure and traffic patterns against approved FedRAMP architectures using flow logs and telemetry. • Operate CrowdStrike as part of the core CNAPP enforcement and DevSecOps control. • Integrate CrowdStrike CNAPP and detection signals into automated SOAR and CI/CD workflows to support preventative controls, response, and Continuous Monitoring (ConMon) for FedRAMP compliance. • Coordinate external penetration testing efforts, including scoping, access, findings review, and remediation tracking. • Use application security tools (e.g., Burp Suite) to support internal testing and remediation. • Implement security and compliance gates in CI/CD pipelines to prevent non-compliant infrastructure or code from reaching production. • Enforce policy-as-code guardrails for IAM, networking, logging, encryption, and endpoint protection using Terraform. • Ensure CrowdStrike coverage, logging, and monitoring are enforced as deployment prerequisites. • Prevent cloud exposure by enforcing network segmentation, approved ingress/egress paths, and least-privilege access. • Detect and remediate configuration drift using CSPM and automated workflows. • Secure Kubernetes clusters and containerized workloads to approved security baselines.

🎯 Anforderungen

• 4+ years of experience in Cloud Security, DevSecOps, or Security Operations roles. • Hands-on experience operating CrowdStrike Falcon in production environments. • Direct experience supporting FedRAMP environments and implementing NIST SP 800-53 controls. • Experience working directly with external customers on security onboarding or deployment readiness. • Strong experience with Wiz or similar CSPM/CNAPP platforms. • Proficiency with Terraform and CI/CD tooling (GitHub, GitHub Actions). • Experience securing multi-cloud environments (AWS required; Azure and/or GCP preferred). • Strong written and verbal communication skills.

🏖️ Vorteile

• Medical • Dental • Vision • Life & Disability • Unlimited PTO • Employee funded 401k plan