The Corporate & Public Sector Strategy Team aims to accelerate Wiz’s growth by developing a comprehensive strategy, in tight partnership with all other organizations, to drive customer value and adoption. We are seeking an experienced Senior Compliance Operations Engineer who will contribute to the operationalization, sustainment, and continuous improvement of our FedRAMP High and DoD IL5 compliant cloud environments. This senior individual contributor role bridges compliance requirements with real-world engineering practices, ensuring our cloud services meet stringent federal and defense standards while maintaining high availability, security, and audit-readiness. You will serve as a key technical SME on NIST SP 800-53 controls, translate regulatory mandates into automated controls and monitoring, lead continuous monitoring activities, oversee remediation efforts, and play a major role in assessments/audits. This position requires deep hands-on experience implementing and operating compliance in FedRAMP High + DoD IL5 cloud systems.
Job Responsibility:
Document security controls and architectures that satisfy FedRAMP High baseline requirements and DoD Cloud Computing Security Requirements Guide (SRG) overlays for Impact Level 5
Oversee continuous monitoring (ConMon) programs including vulnerability scanning, configuration monitoring, log aggregation/analysis, boundary protection validation, and monthly/ongoing reporting
Translate NIST 800-53 Rev. 5 controls and DoD-specific enhancements into operational requirements
Partner with engineering, DevOps, and product teams to embed compliance into their processes
Lead preparation, evidence collection, and remediation for FedRAMP reassessments, 3PAO audits, DoD Provisional Authorizations, Significant Change Requests (SCRs), and contribute to Plan of Action & Milestones (POA&M) management
Automate compliance validation for control implementation verification and drift detection
Conduct technical risk assessments, root-cause analysis on compliance findings, and provide guidance for implementation of compensating controls or hardening measures in cloud environments
Support incident response and boundary protection activities in IL5 environments
Maintain and update compliance documentation including System Security Plans (SSP), control implementation descriptions, architectural diagrams, and boundary definitions
Collaborate cross-functionally with legal, product, engineering, and federal customer teams to scope new features/services while preserving authorization boundaries
Mentor others on FedRAMP/DoD compliance best practices and contribute to internal training programs
Align and coordinate complex, cross-functional federal programs/projects which include FedRAMP and/or DoD authorizations and/or the operational process requirements needed to meet ongoing operational requirements
Requirements:
7+ years of hands-on experience in cloud security engineering, compliance operations, or GRC roles
4+ years directly supporting FedRAMP Moderate/High and DoD IL4/IL5 authorizations
In-depth expertise in NIST SP 800-53 Rev. 5, FedRAMP baselines (especially High), DoD Cloud SRG, and associated control overlays for IL5
Proven track record implementing and operating continuous monitoring in production FedRAMP and DoD IL4/IL5 environments
Experience with DoD-specific tools/processes (e.g., eMASS, ACAS, HBSS, STIGs)
Experience with DoD BCAP architecture and configuration
Strong experience with cloud platforms in government spaces (AWS GovCloud, Azure Government, Google Cloud for Government, or equivalent)
Proficiency in automation/scripting (Python, Bash, PowerShell) and Infrastructure as Code (Terraform, Ansible, Puppet/Chef preferred)
Familiarity with tools for compliance automation and scanning (e.g., Chef InSpec, OpenSCAP, Qualys, Tenable, AWS-native tools, Azure Security Center)
U.S. Citizenship required
Knowledge of additional frameworks that overlap with FedRAMP/DoD (e.g., CMMC, NIST 800-171/172, FISMA)
Applicants must have the legal right to work in the country where the position is based, without the need for visa sponsorship
Nice to have:
Ability to obtain and maintain a U.S. Secret or higher security clearance (active clearance strongly preferred)
Active security certifications such as CISSP, CCSP, CISM, AWS/GCP/Azure Security Specialty, or DoD 8570/8140 IAT Level III / IAM Level III
What we offer:
Medical, dental and vision insurance
Home Office Setup reimbursement
Flexible Spending Accounts
Monthly Connectivity reimbursement
Employee Assistance Program (EAP)
Short- and Long-term Disability Insurance
Life & Accident Insurance
401(k) Retirement Savings Plan (with employer match)
Flexible paid time off + 11 paid holidays
Paid leave programs, including parental, pregnancy health, medical and bereavement leave