
Security Architect - FedRAMP

Remote: Full Remote

Offer summary

Qualifications:

  • Minimum of 5 years of experience with FedRAMP customers and secure architecture design.
  • Deep knowledge of FedRAMP boundaries and NIST 800-53 controls.
  • Proficiency with cloud platforms like AWS and Azure, and security tools for vulnerability management.
  • Strong understanding of encryption standards such as FIPS 140-2/3.

Key responsibilities:

  • Design and implement secure cloud architectures that comply with FedRAMP requirements.
  • Lead compliance walkthroughs and guide clients through control implementation and audit readiness.
  • Define authorization boundaries and provide technical leadership in advisory projects and audits.
  • Collaborate with Third-Party Assessment Organizations during audits and develop necessary documentation.

Quzara LLC Computer Hardware & Networking Startup https://quzara.com/
11 - 50 Employees

Job description

Job Title: Security Architect - FedRAMP

Pay Type: SALARIED EXEMPT 

Location: Remote

Clearance: U.S. Citizenship required; eligibility for security clearance preferred 

About Quzara: Quzara is a leader in cybersecurity and compliance, delivering innovative, tailored solutions to federal, commercial, and defense customers. Our mission is to empower organizations with strategic advisory services and cutting-edge security operations, ensuring they meet the highest standards of security and compliance. Join our team of experts at the forefront of cloud security and FedRAMP transformation.

Summary of Position Role/Responsibilities

We are seeking an experienced Security Architect - FedRAMP to join our cybersecurity team. In this role, you will design secure cloud architectures and lead FedRAMP compliance efforts, serving as the technical linchpin for advisory engagements and audits. You’ll guide clients through compliance walkthroughs, define FedRAMP boundaries, and recommend configurations that meet stringent federal standards. With your deep expertise in cloud security, encryption, and vulnerability management, you’ll empower customers to achieve and maintain FedRAMP authorization.

If you have a proven track record with FedRAMP customers and excel at leading compliance processes, this is your opportunity to thrive at Quzara.

 

Essential Functions of the Job

  • Secure Architecture Leadership: Design and implement cloud security architectures that meet FedRAMP and broader security requirements.
  • Compliance Walkthrough Leadership: Lead FedRAMP compliance walkthroughs, guiding clients through control implementation, requirements, and audit readiness with technical and regulatory expertise.
  • FedRAMP Technical Authority: Define authorization boundaries and provide technical leadership in advisory projects and audits, ensuring FedRAMP compliance.
  • Cloud Security Expertise: Recommend secure configurations for cloud services (e.g., AWS GovCloud, Azure Government), balancing FedRAMP and security best practices.
  • Compliance Translation: Educate clients on how compliance drives architecture, detailing allowed encryption (e.g., FIPS 140-2), prohibited configurations, and optimal services.
  • Tool Utilization: Leverage security tools (e.g., Tenable, Qualys, Microsoft Defender) for vulnerability management, container scanning, and continuous monitoring, attuned to FedRAMP needs.
  • FedRAMP-Specific Guidance: Advise on requirements like container scanning (e.g., runtime security, image integrity) and vulnerability management (e.g., risk prioritization, scan schedules).
  • Customer Enablement: Simplify technical and compliance concepts into actionable steps during walkthroughs and consultations.
  • Audit Support: Collaborate with Third-Party Assessment Organizations (3PAOs) during audits, validating configurations and supporting documentation.
  • Security Innovation: Promote best practices like CIS-hardened configurations, FIPS-validated cryptography, and proactive risk mitigation.
  • Documentation: Develop and review deliverables, including System Security Plans (SSPs), control mappings, and Plans of Action and Milestones (POA&Ms).

Marginal Functions of the Job

  • Other duties as assigned

 

Normal Work Schedule

This is a full-time position. Standard business hours are Monday through Friday 8:30 AM to 5:30 PM. Additional time outside of these hours may be needed to complete the essential functions of the job.

Education, Training, and Experience

  • Minimum of 5 years of direct experience working with FedRAMP customers, designing secure architectures, and supporting authorization processes.
  • Technical Expertise:
    • Deep knowledge of FedRAMP boundaries, NIST 800-53 controls, and federal security standards.
    • Proficiency with cloud platforms (AWS, Azure, GCP) and their government offerings.
    • Experience with security tools for vulnerability management (e.g., Tenable, Qualys) and container scanning (e.g., Docker, Kubernetes security).
  • Encryption Mastery: Strong grasp of encryption standards (e.g., FIPS 140-2/3, TLS) and ability to implement compliant solutions.
  • Regulatory Knowledge: Expertise in FedRAMP requirements, including container scanning (e.g., vulnerability checks, image signing) and vulnerability management (e.g., remediation timelines).
  • Compliance Leadership: Proven ability to lead compliance walkthroughs and communicate technical and regulatory concepts to diverse audiences.
  • Leadership: Track record of guiding technical and compliance efforts in advisory or audit contexts, collaborating across teams.
  • Certifications (Preferred): AWS Solutions Architect, Azure Solutions Architect, CISSP, CISM, or FedRAMP-specific training.
  • Clearance: U.S. Citizenship required; an active security clearance, or eligibility for one, is a plus.

 

 

EEO Statement

The Company is an Equal Employment Opportunity (EEO) employer and does not discriminate based on race, color, religion, sex, sexual orientation, national origin, age, marital status, disability, veteran's status, or any other basis protected by applicable discrimination laws.

 

Required profile

Experience

Industry: Computer Hardware & Networking
Spoken language(s): English

Other Skills

  • Communication
  • Leadership
