Replies within 24 hours

Job Title: Cloud Security Architect

Location: Palo Alto, CA (Remote)

Interview type: Webcam

Long Term Contract

Job Summary:

Summary Of Position Role/Responsibilities

We are seeking an experienced Security Architect - FedRAMP to join our Information Security team. In this role, you will design secure cloud architectures and security control plane components and interconnections. You’ll define and document FedRAMP boundaries and recommend management plane and customer data plane configurations that meet stringent federal standards. With your deep expertise in (multi-)cloud security, encryption, networking, multi-tenancy isolation, and defense in depth, you’ll empower Rubrik to achieve and maintain FedRAMP (High) and Department of Defense Impact Level 5 authorization.

Essential Functions Of The Job

Secure Architecture Leadership: Design and implement cloud security architectures (SaaS / application management, customer data, and security control planes) that meet FedRAMP and highly controlled Federal security requirements.
Collaborate with Compliance to design and implement controls, specify engineering standards and requirements, and ensure audit readiness with technical and regulatory expertise.
FedRAMP Technical Authority: Provide technical leadership on the authorization boundary, ensuring FedRAMP compliance.
Cloud Security Expertise: Recommend secure configurations for cloud services (e.g., AWS GovCloud, Azure Government), balancing FedRAMP and security best practices.
Translations: Educate cross functional partners (Engineering and IT) on how compliance drives architecture, detailing allowed encryption (e.g., FIPS 140-2), prohibited configurations, and optimal services.
Tool Guidance: Select security tools and microservices to meet federal requirements
FedRAMP-Specific Guidance: Advise on requirements like container scanning (e.g., runtime security, image integrity) and design of Infrastructure as Code
Documentation: Develop and review deliverables, including Authorization Boundary, Network, and data flow diagrams, Front Matter for the System Security Plan (SSPs), and provide input to Change Control Plan, Contingency Plan, and Incident Response Plan.

What you’ll do:

Partner with engineering teams across Rubrik to create secure cloud infrastructure design and deployment architectures utilizing threat models and risk analysis documentation specific to a FedRAMP and IL4+ environment
Work with development teams, operations, governance, and other stakeholders to draft security standards and controls and implement monitoring, alerting and governance to adhere to those specifications
Support incident responders in analyzing applicable threats, vulnerabilities, controls and residual risks inside and out of the FedRAMP boundary
Analyze and harden existing applications, infrastructure, automation, and deployment processes partnering with multiple teams to design & implement solutions within the space
Execute Security impact Analysis reviews for all FedRAMP changes coming in to the change management process

Experience you’ll need:

Bachelor’s degree required; BS or MS in Computer Science, Information Technology, or a related field
15 years of experience including cloud technologies, technical architecture and application development
8+ years experience in cloud security, with experience across AWS, GCP and/or Azure infrastructure design
2+ years experience in VMWare and/or Network security modeling
Broad knowledge of private and public cloud attack vectors and exploits
Subject matter expertise in CI/CD, Cloud APIs and Identity management
Deep understanding of compute, network and storage technologies in AWS, GCP and/or Azure
Programming experience in Python, Go or Java
Deep security policy subject matter expertise in at least one major public cloud provider (AWS, GCP, Azure)
Experience with deploying and securing SaaS applications and cloud environments at scale
Working experience with CI/CD pipeline, containerization (Kubernetes, Docker, etc) and MicroServices
Knowledge of of IaC (Infrastructure as Code) concepts and implementing standards within them
Understanding of cloud security maturity model frameworks and how to apply them
Strong written and verbal communication skills

Security and Privacy Responsibilities:

This position carries special Security and Privacy Responsibilities for protecting the U.S. Federal Government’s interests:

Know, acknowledge, and follow system-specific security policies and procedures;
Protect data and individual privacy per requirements and regulations;
Perform ongoing activities in compliance with service and contractual obligations;
Participate in role-based training, completing assignments on a timely basis;
Report security issues promptly, and aid investigation when needed;
Support controlled changes and vulnerability remediation activities; and
Work collaboratively with Information Security in designing, implementing, assessing or enhancing system-specific security and privacy controls.

Position Risk Designation:

This position carries duties and responsibilities involving the U.S. Federal Government’s interests. The selected incumbent may be subject to one or both of the additional background checks with periodic re-screening as noted below:

Position Risk Designation: Non-Sensitive, Low Risk, Tier 1

Incumbents without access to U.S. Government data may be required to complete Standard Form 85 and undergo a Tier 1 Investigation (T1) for non-sensitive positions of Low Risk. (Baseline screening; formerly National Agency Check and Inquiries (NACI)).Position Risk Designation: Non-Sensitive, Moderate Risk, Tier 2 (Public Trust)

Incumbents with access to U.S. Government data may be required to complete Standard Form 85P and undergo Tier 2 (T2) Investigation for non-sensitive positions designated Moderate Risk.

Position Risk Designation: Moderate Risk Law Enforcement (CJIS)

When hired for a position where access to Moderate Risk criminal justice information is required, the employee must complete a fingerprint-based national criminal history background check within 30 days after the employee’s start date.

The minimum and maximum base salaries for this role are posted below; additionally, the role is eligible for bonus potential, equity and benefits. The range displayed reflects the minimum and maximum target for new hire salaries for the role based on U.S. location. Within the range, the salary offered will be determined by work location and additional factors, including job-related skills, experience, and relevant education or training.

This is a remote position.

Compensation: $80.00 - $95.00 per hour

About Us

We’re more than Software Company with a creative side. We’re a full-service creative studio with a serious technology background. We take a holistic view of sales and marketing, building digital brands that deliver real value to our client.

As a marketing agency, our innovative digital strategies grab and hold people’s attention, and produce the communication and organizing tools needed for success. With a mix optimized to the specific goals of each client and the character of their target customer demographics, we provide true integration across media platforms and channels.

Our Vision
Inteletech Global, Inc provides consulting services to assist clients with their ongoing demand for changing IT environments. The early 2000s were an exciting time for IT. Digital technology was transforming our lives, and with each innovation, it became clear that digital was the future.
We use our Global Delivery Model for the success of every engagement. Improve effectiveness and efficiency of IT application environments by adopting re-usable software platforms. Our onsite teams work directly with our clients to understand and analyze the current-state of problems and design specifically tailored conceptual solutions.

(if you already have a resume on Indeed)