Jobs · himalayas
Sr Application Security Architect- FedRAMP
Northwind Robotics · United States · Posted 28d ago
About the role
Guide engineering teams on security practices within a FedRAMP authorized environment.
Northwind Robotics is a data platform company and the world’s leader in health data exchange. Our vision is that every healthcare decision is powered by the right data, at the right time, in the right format. Our platform is powered by the largest, most diverse health data network in the U.S., enabling data to be secure, accessible and usable to inform better health decisions. Northwind Robotics is trusted by the world’s leading life sciences companies, government agencies, and those who deliver and pay for care. By joining Northwind Robotics today, you’re stepping onto a high-performing, values-driven team. Together, we’re rising to the challenge of tackling some of healthcare’s most complex problems with technology-forward solutions. Northwind Robotics ers bring a diversity of professional, educational and life experiences to realize our bold vision for healthcare. What We’re Looking For: As a Sr Application Security Architect, you will be focused on guiding Northwind Robotics ’s engineering teams operating in a FedRAMP authorized environment. You will engage heavily with leadership and individual contributors, making prioritized security recommendations and help translate compliance requirements into concrete actions. You Will: Focus primarily on securing Northwind Robotics ’s Life Sciences platform within the FedRAMP boundary, ensuring the systems that power data exchange and analytics for clinical and research partners remain compliant, performant, and secure. This supports meaningful, life-impacting use cases. Work directly with security senior leadership to ensure maturity, depth, and coverage of security controls. You’ll be expected to interface with our Development Engineering leadership as well as Security Engineering leadership daily Build the cases and represent changes in the Northwind Robotics boundary to US governmental agencies Define and maintain the FedRAMP system’s boundary, drive control implementation and validation, and manage the technical portions of the System Security Plan (SSP), System Assessment Plan (SAP), System Assessment Report (SAR), Plan of Action Milestones (POAM), and Continuous Monitoring (ConMon) submissions. Prepare for and support annual FedRAMP 3PAO assessments by validating control evidence, resolving findings, and reviewing audit artifacts. Drive Significant Change Request (SCR) reviews by evaluating proposed architecture changes, assessing security impact, and preparing updated boundary diagrams and control evidence. Partner with GRC, Platform, Product, and Engineering teams to translate compliance requirements into actionable technical tasks. Act as the primary security point of contact for 3PAOs, agency reviewers, and internal stakeholders to facilitate walkthroughs, explain design decisions, and ensure technical accuracy in all submissions. Help facilitate quarterly planning discussions by providing strategic prioritization of all security-related requests, including (but not limited to) architectural feedback, vulnerability remediation, compliance control implementation, etc. Translate compliance control intent into modern engineering workflows. Rather than applying controls literally, decompose their requirements into their core assurance goals, then rebuild them as scalable, low-friction implementations that achieve the same assurance (or better) through automation, auditable development workflows, and practical risk management Review application projects our development teams build. This will mean putting eyes on code through secure code reviews as well as working with the teams to understand the broad architecture of systems being built. You’ll be very comfortable providing control feedback in a review environment to development teams. This role is not merely a +1, you’ll be adept at using your knowledge to the application of practical risk management. Own and conduct security/threat model reviews and provide expertise on AppSec and security architecture-related topics Own new projects for advancing security in our environment. Be the deep technical expert and collaborate with others on the teams to ensure project success. Your impact here cannot be understated, you are a core contributor and have deep influence to empower Northwind Robotics greatness What You Need to Succeed: You are humble Deep experiencing representing companies to government agencies for FedRAMP High and Moderate environments Have a deep understanding of Application and Cloud security. You’ll use this knowledge to provide architectural reviews and contributions to our development teams Have a strong understanding of security controls, both those that exist in audit standards as well as practical controls that can help reduce risk and increase safety in application development environments and AWS and/or Azure You understand how the broad parts of a security team function and operate in unison You can articulate start to finish what role security should play in ideation and build with development teams You have opinions and options on most of the steps You are a co
Read the full posting on himalayas →
FAQ
Is the Sr Application Security Architect- FedRAMP role at Northwind Robotics remote?+
This Sr Application Security Architect- FedRAMP position is listed as remote (United States).
What is the salary for the Sr Application Security Architect- FedRAMP role at Northwind Robotics?+
The listing states Estimated 100k-231k USD.
What seniority level is this Sr Application Security Architect- FedRAMP role?+
This is a senior level position.
How do I apply for the Sr Application Security Architect- FedRAMP role at Northwind Robotics?+
Use the "Apply on himalayas" button to open the original posting on himalayas, where you can submit your application directly to Northwind Robotics.