Security Compliance Engineer
Summary
| Title: | Security Compliance Engineer |
|---|---|
| ID: | 10290 |
| Department: | Information Technology |
| Location: | Vienna, VA |
Description
Clearance: Active Secret or above
Responsibilities:
The Security Compliance Engineer is responsible for:
Vulnerability Management & Assessment:
Continuously monitor the analytics environment for vulnerabilities using approved scanning and assessment tools.
Coordinate with the central security team to prioritize findings, track remediation efforts, and ensure timely resolution in compliance with organizational policies.
Coordinate with product teams to provide vulnerability remediation and guidance. Research and present mitigation strategies.
Compliance Coordination & Documentation:
Maintain, update, and track the status of POA&Ms for all identified vulnerabilities within the analytics landscape.
Ensure timely and accurate reporting of compliance posture for internal and external audits.
Drive the implementation and continuous assessment of FedRAMP and NIST 800-53 controls across the analytics environment.
Prepare evidence and documentation for audit, and support all phases of the compliance lifecycle.
Skills:
Proficiency in Databricks: configuring Private Link, Databricks cluster logging, and Serverless egress controls, and using Customer Managed Keys. Proficiency in AWS: Guardrails with Bedrock, GuardDuty, Inspector, Config, Security Hub, CloudTrail, and CloudWatch. Strong awareness of IL4 compliance, risk management, and cloud-native security best practices.

