FedRamp Product Security Engineer

Red Hat District of Columbia, United States

Join to apply for the FedRamp Product Security Engineer role at Red Hat

Red Hat District of Columbia, United States

4 days ago Be among the first 25 applicants

Join to apply for the FedRamp Product Security Engineer role at Red Hat

At Red Hat, we connect an innovative community of customers, partners, and contributors to deliver an open source stack of trusted, high-performing solutions. We offer cloud, Linux, middleware, storage, and virtualization technologies, together with award-winning global customer support, consulting, and implementation services. Red Hat is a rapidly growing company supporting more than 90% of Fortune 500 companies.

The Red Hat Product Security Compliance team is seeking a knowledgeable and proactive Product Security Engineer to achieve our security and compliance objectives. The team is growing, and we have a big vision, particularly as it relates to increasingly complex compliance standards like FedRAMP and burgeoning digital sovereignty laws worldwide. In this role, you should have an excellent ability to solve problems using your in-depth technical understanding of information systems and computing solutions. Be a team player who works and coordinates well with the team.

Red Hat embraces a remote working culture and promotes work flexibility. This team, and many of the people you would work with, are remote, and you would be welcome to work from home as well.

• Responsible for the security and compliance of systems related to our Digital Sovereign Commercial and FedRAMP environments.
• Lead technical discussions across multi-functional engineering teams and third-party auditors.
• Support the continuous improvement of the Red Hat environments through automation and process maturation.
• Support the downstream integration of open-source projects; collaborate to develop and implement Red Hat-specific capabilities from the upstream.
• Research and analyze new tools, technologies, and services for technical suitability within a containerized environment.
• Serve as an evangelist of security and compliance both inside Red Hat and externally, with partners or within the open-source community.

• Experience supporting systems to obtain Authorization through the FedRAMP or RMF process is essential.
• Must be a US Citizen for FedRAMP.
• Knowledge of cloud security practices and technologies is essential.
• Experience securing and supporting compliance efforts in hybrid-cloud environments.
• Experience working with Kubernetes, OpenShift, or similar technologies.
• Experience with programming, scripting, and markup languages, such as Go, Python, and XML, as well as automation tools.
• Proven track record of working effectively remotely and in a self-directed capacity.
• Ability to analyze security controls, assess risks, and design control measures in line with FedRAMP standards.
• Strong communication skills, capable of presenting technical compliance concepts to both technical and non-technical audiences.
• Familiarity with cloud service provider environments (e.g., AWS, Azure) and relevant security tools (e.g., vulnerability management).
• Relevant certifications such as CISSP, CISM, CCSP, or CISA are a plus.
• Experience with open-source software is a plus.
• Interest in AI is also a plus.
• US citizenship.

The salary range for this position is $105,860.00 - $169,340.00. Actual offers will be based on your qualifications.

Red Hat determines compensation based on several factors including but not limited to job location, experience, skills, training, external market value, and internal pay equity. This position may be eligible for bonuses, commissions, or equity. For remote US positions, the salary range may vary based on location but will be aligned with job duties and experience.

Red Hat is the world’s leading provider of enterprise open source software solutions, using a community-powered approach to deliver high-performing Linux, cloud, container, and Kubernetes technologies. Our global team works flexibly across environments, from in-office to fully remote. We value creativity, passion, and collaboration, fostering an inclusive environment where all ideas are welcomed and celebrated.