[Remote] Senior /Principal Federal Security Engineer
Note: The job is a remote job and is open to candidates in USA. Saviynt is a leader in identity security, providing an AI-powered identity platform that safeguards digital assets for organizations. The Senior/Principal Federal Security Engineer will focus on detection, response, and vulnerability triage, managing the end-to-end lifecycle of threat management, particularly in relation to the FedRAMP Program.ResponsibilitiesDesign and maintain high-fidelity detection rules and analytics across the security stack (SIEM, EDR, CNAPP/CSPM) and cloud environments (AWS, GCP, Azure)Ability to run vulnerability scans, triage results, establish exploitability of reported vulnerabilities, recommend risk mitigation controls, and deploy controls where neededDevelop and refine automated response playbooks for Incident Response (IR) and orchestration (SOAR)Lead the evaluation and integration of security technologies, ensuring scalability, resilience, and compliance. as it pertains to FedRAMP environmentsLead the Detection Lifecycle: Build and maintain our threat detection capabilities, from researching emerging TTPs to writing custom detection logic in our SIEM and EDR platformsIncident Response: Respond to alerts and triage findings coordinating across engineering, security, and leadership teamsModernize Vulnerability Management: Architect and maintain automation to prioritize vulnerabilities (from Code, to Containers, to Cloud) based on risk and exploitability.Automation: Operationalize security tasks by building, developing, and optimizing SOAR playbooks to automate containment and remediationExecute Proactive Threat Hunting: Design and lead hunt missions to identify threats that bypass traditional security controls, utilizing advanced forensics and log correlation techniquesIndustry Awareness: Incorporate industry news, events, IOCs, and other intelligence into our Detection and Response capabilitiesSkillsU.S. Citizenship: Applicants must be United States citizensBachelor's degree or equivalent experience with a minimum of 10 years of experience in Security Engineering, Security Architecture, Federal Security or similarKnowledge of U.S. Federal Government security compliance, risk management processes and requirements, including NIST RMF and NIST SP 800-53 Rev 5 controlsExperience with vulnerability scanning, remediation, and continuous monitoring (ConMon)Requires sufficient technical background to be able to interpret audit and compliance requirements, and be able to support basic evidence gathering needs in support of auditsAbility to provide excellent written and oral communications by email, presentations, and mobile communication platforms (including: experience facilitating discussions, briefing senior managers, and conducting project meetings)Experience with continuous monitoring and Plans of Actions and Milestones (POA&Ms) is a plusKnowledge of local legal and regulatory security requirements including HIPAA, FedRAMP, and GDPR/privacyFlexible and collaborative approach to enabling and supporting the businessMeet US persons on US soil requirementsUndergo full background investigation/screeningUndergo IAL3 requirements (Identity proofing to include I-9 document verification, biometric collection, and mailing address confirmation)Complete security & privacy literacy and awareness training during onboarding and annually thereafterReview (initially and annually thereafter), understand, and adhere to Information Security/Privacy Policies and Procedures such as (but not limited to): Data Classification, Retention & Handling Policy, Incident Response Policy/Procedures, Business Continuity/Disaster Recovery Policy/Procedures, Mobile Device Policy, Account Management Policy, Access Control Policy, Personnel Security Policy, Privacy PolicyCompany OverviewSaviynt offers an AI-based identity security platform that secures and governs all types of identities across digital ecosystems. It was founded in 2010, and is headquartered in El Segundo, California, USA, with a workforce of 1001-5000 employees. Its website is http://saviynt.com.