Keeper Security, Inc.Remote
Senior Security Compliance Engineer, AWS (FedRAMP High / DoD IL5)
United States of America
Full Time
3 days ago
No H1B
Key skills
AWSIAMCloud Security
About this role
Keeper Security, Inc. is a rapidly growing cybersecurity software company that provides solutions to protect organizations and individuals globally. They are seeking a Senior Security Compliance Engineer to lead the implementation and maintenance of FedRAMP High and DoD IL5 compliance for AWS-based products, working closely with engineering teams to design compliant architectures and validate security controls.
Responsibilities:
- Serve as the technical lead for FedRAMP High and DoD IL5 compliance, including continuous monitoring, control validation, and authorization activities
- Implement, operate, and validate AWS security controls aligned with NIST 800-53 High baseline and DoD SRG requirements
- Partner with cloud and platform engineering teams to review architectures, challenge non-compliant designs, and guide secure implementation
- Author, manage, and track POA&Ms, including root cause analysis, remediation planning, and reporting to 3PAOs, sponsoring agencies, and DoD stakeholders
- Coordinate vulnerability remediation and patching across AWS infrastructure and supporting services
- Lead audit readiness and evidence collection efforts, including improving automation for recurring FedRAMP and IL5 deliverables
- Provide secondary technical support for SOC 2, PCI DSS, and ISO 27001 compliance initiative
Requirements:
- Bachelor's degree in Information Security, Computer Science, Engineering, or equivalent practical experience
- 7+ years of experience in cloud security or security compliance engineering
- 5+ years of direct, hands-on experience supporting FedRAMP High environments
- Strong working knowledge of NIST 800-53 controls, DoD SRG requirements, and continuous monitoring processes
- 5+ years of hands-on experience securing AWS environments, including IAM, logging and monitoring, encryption, and vulnerability management
- 5+ years of experience working directly with 3PAOs, auditors, and government stakeholders
- Demonstrated ability to translate regulatory requirements into practical, enforceable technical controls
- Due to the role's involvement with GovCloud and DoD environments, candidates must be a U.S. Person
- Direct experience operating in DoD IL5 environments
- AWS Security Specialty or AWS Solutions Architect certification
- CISSP, SANS, or equivalent security certification
- Experience supporting SOC 2, PCI DSS, or ISO 27001 in cloud-native environments