Public Sector Network Architect

Summary

Join Wiz, a rapidly growing cloud security company, as a Public Sector Network Architect. Help guide Wiz through its DISA authorization process and act as the Cloud Network Security SME for AWS, Azure, and GCP. Perform architecture reviews, create detailed diagrams aligning with FedRAMP requirements, and test new features. Collaborate with internal and external stakeholders to address security concerns and improve systems. Contribute to System Security Plans and stay updated on FedRAMP, DISA, and NIST guidelines. Help Wiz meet its security and compliance goals while shaping how Federal Agencies view cloud risk.

Requirements

• 4+ years of experience working as a Federal Cloud Network Architect/Engineer or Federal Network Security Architect/Engineer in AWS (other clouds a plus!)
• Intimate understanding of the DoD CC SRG in relation to the BCAP connection process, DoD PKI, DNS, and other technical requirements
• Firsthand experience designing architecture in public cloud environments around the DoD CC SRG technical requirements and guiding a CSP (SaaS preferred) through an IL4 or IL5 ATO
• Expertise architecting networking solutions in public cloud using cloud native services, while following cloud security best practices
• Hands-on experience with cloud native environments utilizing containers (Kubernetes), microservices, IaC (infrastructure as code) and configuration management tools
• Familiarity with CI/CD, GitOPs and automated build, test, and release processes
• A strong sense of taking ownership for projects and leading them from start to finish
• Ability to translate compliance requirements to technical outcomes
• Ability to think outside the box when working with compliance frameworks by implementing technical solutions that meet the spirit of controls, vs. the written guidance
• Knowledge of and ability to evaluate controls and requirements against NIST 800-53, DoD CC SRG, DISA STIGs etc
• Knowledge of FIPS and other encryption methodologies needed to meet federal requirements
• A thirst to use Wiz and learn everything the product can do
• Candidates must meet EAR part 772 and ITAR 120.15 definition of a U.S. person (Any individual who is granted U.S. citizenship; or any individual who is granted U.S. permanent residence (green card holder); or any individual who is granted status as a “protected person”) and that they reside in the contiguous United States

Responsibilities

• Help guide Wiz through its DISA authorization journey!
• Act as the Cloud Network Security SME for all matters related to network security across AWS, Azure, and GCP
• Perform architecture reviews and provide federal architecture requirements to help bring new features to Wiz4Gov
• Ownership and crafting of detailed diagrams that align with FedRAMP ABD, NFD and DFD requirements, using tools like LucidChart, Visio, etc
• Help test and validate new features to see their value for customer’s as well as help Wiz meet its own security and compliance goals
• Work collaboratively with internal and external stakeholders, including DevOps teams, engineering teams, compliance officers, public sector operations and auditors, to address security-related concerns and make recommendations for improvements
• Provide technical input into the development of System Security Plans (SSP), working with third-party assessment organizations (3PAOs) to achieve new authorizations, implement significant changes, etc
• Stay up to date with the latest FedRAMP, DISA and NIST guidelines and ensure that systems and processes adhere to these standards, addressing any compliance issues promptly

Benefits

• Medical, dental and vision insurance
• Home Office Setup reimbursement
• Flexible Spending Accounts
• Monthly Connectivity reimbursement
• Employee Assistance Program (EAP)
• Short- and Long-term Disability Insurance
• Life & Accident Insurance
• 401(k) Retirement Savings Plan (with employer match)
• Flexible paid time off + 11 paid holidays
• Paid leave programs, including parental, pregnancy health, medical and bereavement leave