Sr Application Security Architect- FedRAMP (Remote - US)

This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Sr Application Security Architect - FedRAMP in the United States.

This role provides a unique opportunity to shape the security posture of critical applications within a FedRAMP-authorized environment. You will lead the design and implementation of application and cloud security controls, partnering closely with engineering, product, and compliance teams to translate regulatory requirements into actionable technical solutions. Your work will directly impact the safety and reliability of platforms that handle sensitive and life-impacting data. This is a highly collaborative role, involving daily engagement with leadership and technical teams, as well as external stakeholders. You will contribute to threat modeling, secure architecture design, and risk mitigation while driving compliance initiatives in a fast-paced, highly regulated setting. The position allows for autonomy, influence, and the ability to set best practices for security across complex systems.

Accountabilities:

• Define and maintain FedRAMP system boundaries, ensuring compliance and alignment with security standards.
• Drive control implementation, validation, and documentation for System Security Plans (SSP), Assessment Plans (SAP), Assessment Reports (SAR), Plan of Action & Milestones (POA&M), and Continuous Monitoring (ConMon).
• Conduct security and threat model reviews, providing guidance on secure application architecture and cloud deployments.
• Collaborate with engineering, product, and GRC teams to translate compliance requirements into practical, low-friction technical implementations.
• Review application projects and perform secure code evaluations to ensure risk-informed design decisions.
• Represent the organization to government agencies and 3PAOs, explaining design decisions, audit artifacts, and security posture.
• Prioritize and manage security-related initiatives, including vulnerability remediation, architectural feedback, and compliance control implementation.
• Lead projects that advance the organization’s security capabilities and mentor team members on best practices.

• 6+ years of experience in security architecture, threat modeling, and compliance standards application.
• Deep expertise in FedRAMP High and Moderate environments, with experience interfacing with government agencies.
• Strong knowledge of application and cloud security, including AWS and/or Azure platforms.
• Practical understanding of security controls, audit standards, and risk-based application in development environments.
• Proven ability to balance ideal security practices with operational constraints in legacy and modern systems.
• Excellent collaboration skills, with the ability to influence cross-functional teams and mentor engineers.
• Hands-on experience with secure code reviews and technical guidance for development teams.
• Strong communication skills to articulate security priorities, trade-offs, and solutions effectively.
• Humble, pragmatic, and delivery-focused mindset, with the ability to thrive in a fast-paced environment.

Nice to Have:

• Experience in healthcare or other highly regulated industries (HIPAA, HITRUST, SOC 2, PCI).
• Recognized as a technical subject matter expert within previous organizations.