Staff Security Engineer Federal.
FedRAMP, FISMA, and IL5-adjacent work. You can write threat models and the OPA policies that enforce them.
About the role
You will help clients turn security requirements into working engineering systems, not binders that collect dust.
The role spans threat modeling, control implementation, CI policy, cloud hardening, and evidence workflows.
What you'll do
- Translate security and compliance requirements into concrete platform controls.
- Write and review policy-as-code for CI, Kubernetes, cloud identity, and deployment workflows.
- Partner with platform teams on secure-by-default architecture and evidence collection.
- Support regulated customer conversations with precise technical judgment.
Who you are
- You have built or audited security controls in cloud or platform environments.
- You can explain control intent to engineers and implementation tradeoffs to stakeholders.
- You are comfortable with Linux, networking, cloud IAM, CI/CD, and policy automation.
- You write clearly and prefer evidence over theater.
Bonus, not required
- Federal or regulated workload experience.
- OPA, Conftest, or similar policy tooling.
- Threat modeling for Kubernetes or cloud-native systems.
Interview process
- Application, resume, GitHub, and a short paragraph.
- Engineering chat, 60 minutes with a senior engineer. No whiteboard.
- Take-home, paid, scoped work on a real engineering problem.
- Team day, focused conversations around design, security, and collaboration.
- Offer, written clearly and discussed directly.
Compensation & benefits
Competitive senior-engineer compensation, full-time, remote-first, US. We discuss specifics early in the process so nobody is left guessing.
- Medical, dental, and vision benefits
- Flexible paid time away from work
- Home-office and learning support
- Time for writing, open engineering, and internal platform improvement