Public Sector Network Architect (East Coast)

SUMMARY

We’re looking for a Public Sector Network Architect to join us in spreading the power of Wiz. Wiz is looking to change how Federal Agencies/Customers look at risk in the Cloud. We need someone who wants to help drive this vision by working on the Public Sector Architecture team, guiding Wiz through future FedRAMP, DoD and other Public Sector initiatives. 

WHAT YOU’LL DO

• Help guide Wiz through its DISA authorization journey! 

• Act as the Cloud Network Security SME for all matters related to network security across AWS, Azure, and GCP. 

• Perform architecture reviews and provide federal architecture requirements to help bring new features to Wiz4Gov. 

• Ownership and crafting of detailed diagrams that align with FedRAMP ABD, NFD and DFD requirements, using tools like LucidChart, Visio, etc. 

• Help test and validate new features to see their value for customer’s as well as help Wiz meet its own security and compliance goals. 

• Work collaboratively with internal and external stakeholders, including DevOps teams, engineering teams, compliance officers, public sector operations and auditors, to address security-related concerns and make recommendations for improvements.  

• Provide technical input into the development of System Security Plans (SSP), working with third-party assessment organizations (3PAOs) to achieve new authorizations, implement significant changes, etc. 

• Stay up to date with the latest FedRAMP, DISA and NIST guidelines and ensure that systems and processes adhere to these standards, addressing any compliance issues promptly. 

WHAT YOU’LL BRING

• 4+ years of experience working as a Federal Cloud Network Architect/Engineer or Federal Network Security Architect/Engineer in AWS (other clouds a plus!). 

• Intimate understanding of the DoD CC SRG in relation to the BCAP connection process, DoD PKI, DNS, and other technical requirements. 

• Firsthand experience designing architecture in public cloud environments around the DoD CC SRG technical requirements and guiding a CSP (SaaS preferred) through an IL4 or IL5 ATO. 

• Expertise architecting networking solutions in public cloud using cloud native services, while following cloud security best practices. 

• Hands-on experience with cloud native environments utilizing containers (Kubernetes), microservices, IaC (infrastructure as code) and configuration management tools. 

• Familiarity with CI/CD, GitOPs and automated build, test, and release processes. 

• A strong sense of taking ownership for projects and leading them from start to finish. 

• Ability to translate compliance requirements to technical outcomes. 

• Ability to think outside the box when working with compliance frameworks by implementing technical solutions that meet the spirit of controls, vs. the written guidance. 

• Knowledge of and ability to evaluate controls and requirements against NIST 800-53, DoD CC SRG, DISA STIGs etc. 

• Knowledge of FIPS and other encryption methodologies needed to meet federal requirements.  

• A thirst to use Wiz and learn everything the product can do. 

Candidates must meet EAR part 772 and ITAR 120.15 definition of a U.S. person (Any individual who is granted U.S. citizenship; or any individual who is granted U.S. permanent residence (green card holder); or any individual who is granted status as a “protected person”) and that they reside in the contiguous United States.

#LI-Remote