Network Architect

Summary

Join Wiz, a rapidly growing cloud security company, as a Public Sector Network Architect. You will play a key role in shaping how federal agencies approach cloud risk, guiding Wiz through FedRAMP, DoD, and other public sector initiatives. This position requires expertise in cloud network security, federal architecture requirements, and compliance standards. You will collaborate with internal and external stakeholders, design secure architectures, and ensure compliance with regulations. The ideal candidate possesses extensive experience in federal cloud environments and a deep understanding of relevant compliance frameworks. Wiz offers a unique opportunity to make a significant impact in a dynamic and growing market.

Requirements

• 4+ years of experience working as a Federal Cloud Network Architect/Engineer or Federal Network Security Architect/Engineer in AWS (other clouds a plus!)
• Intimate understanding of the DoD CC SRG in relation to the BCAP connection process, DoD PKI, DNS, and other technical requirements
• Firsthand experience designing architecture in public cloud environments around the DoD CC SRG technical requirements and guiding a CSP (SaaS preferred) through an IL4 or IL5 ATO
• Expertise architecting networking solutions in public cloud using cloud native services, while following cloud security best practices
• Hands-on experience with cloud native environments utilizing containers (Kubernetes), microservices, IaC (infrastructure as code) and configuration management tools
• Familiarity with CI/CD, GitOPs and automated build, test, and release processes
• A strong sense of taking ownership for projects and leading them from start to finish
• Ability to translate compliance requirements to technical outcomes
• Ability to think outside the box when working with compliance frameworks by implementing technical solutions that meet the spirit of controls, vs. the written guidance
• Knowledge of and ability to evaluate controls and requirements against NIST 800-53, DoD CC SRG, DISA STIGs etc
• Knowledge of FIPS and other encryption methodologies needed to meet federal requirements
• A thirst to use Wiz and learn everything the product can do
• Candidates must meet EAR part 772 and ITAR 120.15 definition of a U.S. person (Any individual who is granted U.S. citizenship; or any individual who is granted U.S. permanent residence (green card holder); or any individual who is granted status as a “protected person”) and that they reside in the contiguous United States

Responsibilities

• Help guide Wiz through its DISA authorization journey!
• Act as the Cloud Network Security SME for all matters related to network security across AWS, Azure, and GCP
• Perform architecture reviews and provide federal architecture requirements to help bring new features to Wiz4Gov
• Ownership and crafting of detailed diagrams that align with FedRAMP ABD, NFD and DFD requirements, using tools like LucidChart, Visio, etc
• Help test and validate new features to see their value for customer’s as well as help Wiz meet its own security and compliance goals
• Work collaboratively with internal and external stakeholders, including DevOps teams, engineering teams, compliance officers, public sector operations and auditors, to address security-related concerns and make recommendations for improvements
• Provide technical input into the development of System Security Plans (SSP), working with third-party assessment organizations (3PAOs) to achieve new authorizations, implement significant changes, etc
• Stay up to date with the latest FedRAMP, DISA and NIST guidelines and ensure that systems and processes adhere to these standards, addressing any compliance issues promptly

Preferred Qualifications

If your experience is close but doesn’t fulfill all requirements, please apply

Benefits

#LI-Remote