Senior DevSecOps Engineer

Emploi pas sur LinkedIn

🕒 il y a 1 mois

🇺🇸 États-Unis – Télétravail

💵 $170 000 / an

⏰ Temps Plein

🟠 Senior

⛑ Ingénieur DevOps & SRE

🦅 Parrain de Visa H1B

Cette entreprise a parrainé des visas H1B par le passé.

Postuler Maintenant

Trouver des Emplois à Distance Similaires

Recevoir des emails pour des emplois à distance

📊 Vérifiez votre score de CV pour ce poste

Améliorez vos chances d'obtenir un entretien en vérifiant votre score de CV avant de postuler.

Télécharger le CV

CRAFTSMAN+

Site WebLinkedInTous les Emplois

11 - 50 employés

Advertising • Technology • Marketing

CRAFTSMAN+ est une plateforme technologique créative et un prestataire de services qui permet aux spécialistes du marketing et aux équipes créatives de produire des publicités de haute qualité à grande échelle. Spécialisé dans l'automatisation et les solutions innovantes, CRAFTSMAN+ permet aux annonceurs d'optimiser leur efficacité grâce à une technologie de pointe, en mettant l'accent sur les principaux moteurs de croissance. Leur Craftsman Studio offre la création de publicités jouables sans code et la production automatisée multi-canaux. Avec des équipes de services créatifs expérimentées, ils soutiennent la stratégie, la narration et la production créative pour les développeurs de jeux, les annonceurs d'applications et les agences. CRAFTSMAN+ s'efforce d'optimiser les efforts créatifs et de fournir des résultats positifs à ses clients.

Description

• Lead Craft’s FedRAMP readiness program — defining the roadmap, owning the ATO timeline, and driving execution across engineering and security stakeholders. • Design and implement AWS GovCloud architecture that meets FedRAMP Moderate and High requirements. • Translate NIST 800-53 Rev. 5 controls into concrete, auditable, and continuously enforced technical implementations — not just documentation. • Build and maintain compliance automation tooling to continuously validate control adherence across the environment, reducing manual audit burden. • Develop and manage secure CI/CD pipelines with integrated security gates, secrets management, and deployment controls appropriate for FedRAMP environments. • Author and maintain System Security Plans (SSPs), control implementation statements, and audit evidence packages; work directly with auditors and 3PAOs through assessment cycles. • Perform threat modeling, risk assessments, and security architecture reviews across the platform. • Define and drive how FedRAMP controls are embedded across the engineering lifecycle, partnering with full-stack, data, and machine learning teams to ensure consistent, scalable adoption. • Serve as the internal subject matter expert on FedRAMP, NIST 800-53, and federal compliance — upleveling the broader team’s knowledge as the program matures.

🎯 Exigences

• You have direct, hands-on FedRAMP ATO experience — you’ve been through the process, not just observed it. • You have strong working knowledge of NIST 800-53 Rev. 5 controls and how to implement them technically, not just document them. • You have deep hands-on experience securing AWS environments. • You have direct experience with AWS GovCloud, including its constraints and operational differences from commercial AWS. • You write advanced Terraform — modules, policy enforcement, and infrastructure that’s auditable by design. • You’ve built or hardened CI/CD pipelines for secure, compliant deployments — integrating security scanning, secrets management, and access controls. • You’ve worked directly with auditors and 3PAOs: preparing evidence packages, responding to findings, and supporting assessment activities. • Nice to Haves: SOC 2 Type II experience, particularly in environments where mapped or extended to support FedRAMP or NIST frameworks. • Experience securing data platforms such as Databricks, including data isolation and access control patterns. • Familiarity with AI and LLM security concepts: prompt injection risks, model data isolation, inference boundary controls. • Experience working in a startup or lean DevSecOps environment where you’ve had to build programs pragmatically with limited resources.

🏖️ Avantages

• Competitive salary starting at $170,000 USD/ year. • Equity at a well-funded, fast-growing startup • Unlimited vacation time so you can take what you need, when you need it • 99% covered Health + Dental + Vision insurance for employees and dependents • 401K through Empower with options to invest how you want it