Location: Pittsburgh, PA, Lake Mary, FL, or New York, NY (ONSITE)
Duration: Long Term Project
Experience: 15+
Job Role and Responsibilities:
Drive the technical design and full-lifecycle integration of comprehensive security control frameworks. By leveraging a deep, architectural understanding of foundational risk models (e.g., NIST SP 800-53, CSF, ISO 27001), this architect translates rigorous compliance mandates into resilient, scalable cloud infrastructure. Their holistic approach to boundary definition, automated enforcement, and zero-trust principles ensures that security is engineered organically into the environment, continuously satisfying complex third-party assessment criteria.
________________________________________
Must-Have Skills
Full-Lifecycle Engineering:”Demonstrated experience in the end-to-end integration of rigorous control frameworks (e.g., NIST 800-53, ISO 27001, SOC 2, CMMC)—from initial gap analysis and architectural design through deployment, automated enforcement, and continuous monitoring.”
– Control Translation:”Proven ability to dissect complex regulatory catalogs and translate them into actionable, technical engineering requirements for AWS infrastructure and DevSecOps pipelines.”
– Boundary & Scoping Expertise:”Expertise in defining complex authorization boundaries, architecting secure enclaves, and implementing microsegmentation to isolate regulated data and reduce the overall audit footprint.”
– Compensating Controls:”Adept at designing and documenting robust compensating controls and operational workarounds when native technical enforcement of a framework requirement is unfeasible.”
– Ability to work with multiple teams and drive controls into production
________________________________________
Key Responsibilities
– Implement and enforce FedRAMP controlsin cloud platforms
– Review existing security frameworks and close gaps between standards and implementation
________________________________________
What We’re Looking For
– Very hands-on profile— must know how to “do”, not just “review”
– Strong blend of architecture knowledge + engineering execution
– Experience in regulated or enterprise cloud environmentspreferred
 |
|
|
|
Shahid Shaikh
Senior Lead Technical Recruiter |
|
2050 Center Avenue | Suite 600 | Fort Lee, NJ 07024
Direct Number: (201) 354-2896
tel: (201) 242-5505 x121 Email: <a href="mailto:shahid.m@wonese.com" id="m_1681737093427343861OWA89485e04-4fe5-1d22-5142-6f210a346bd2" title="mailto:shahid.m@wonese.com” style=”margin:0px” target=”_blank”>shahid.m@wonese.com
|
|
|
