Remote role || Senior Security Engineers / Compliance Analysts

Posted Today by HAN IT Staffing Inc.

Negotiable
Undetermined
Remote

Summary: The role of Senior Security Engineers / Compliance Analysts involves building and defending a security authorization program for State and Federal clients. Candidates will work closely with engineering teams to implement and validate technical security controls while ensuring compliance with strict regulatory frameworks. A combination of technical security expertise and compliance writing skills is essential for success in this position.

Key Responsibilities:

  • Author and maintain high-quality System Security Plans (SSPs), architectural diagrams, and security control narratives.
  • Lead exercises to cleanly define and document System Boundaries for multi-tenant and hybrid-cloud environments.
  • Own the lifecycle of vulnerability remediation by managing and maintaining Plans of Action and Milestones (POAMs) and regulatory reporting.
  • Collaborate directly with engineering/DevOps squads to implement technical controls (encryption, identity, logging) meeting exact regulatory requirements.

Key Skills:

  • 8+ years of direct experience with government security compliance programs, specifically FedRAMP, FISMA, or ARC-AMPE.
  • Deep, practical familiarity with implementing the HIPAA Security Rule within commercial technology environments.
  • Strong understanding of security controls within modern multi-tenant cloud or hybrid structures.
  • Experience in Pharmacy/PBM data compliance is a major plus.

Salary (Rate): undetermined

City: undetermined

Country: undetermined

Working Arrangements: remote

IR35 Status: undetermined

Seniority Level: undetermined

Industry: IT

Detailed Description From Employer:

Job Title: Senior Security Engineers / Compliance Analysts

Location: Remote
Duration: 6+ Months

Job Description:

Senior Security Engineers / Compliance Analysts to build out and defend our security authorization program for State and Federal clients.

You will work hands-on with engineering teams to map, implement, and validate technical security controls that satisfy strict contractual and regulatory frameworks.

This role requires a balance of deep technical security knowledge and structured compliance writing.

Key Responsibilities:

Authorization Artifacts: Author and maintain high-quality System Security Plans (SSPs), architectural diagrams, and security control narratives.

Boundary Definition: Lead exercises to cleanly define and document System Boundaries for multi-tenant and hybrid-cloud environments.

Continuous Monitoring & POAMs: Own the lifecycle of vulnerability remediation by managing and maintaining Plans of Action and Milestones (POAMs) and regulatory reporting.

Controls Implementation: Collaborate directly with engineering/DevOps squads to implement technical controls (encryption, identity, logging) meeting exact regulatory requirements.

Required Qualifications:

Federal Framework Mastery: 8+ years of direct experience with government security compliance programs, specifically FedRAMP, FISMA, or ARC-AMPE.

Healthcare Security: Deep, practical familiarity with implementing the HIPAA Security Rule within commercial technology environments.

Technical Environment: Strong understanding of security controls within modern multi-tenant cloud or hybrid structures. Experience in Pharmacy/PBM data compliance is a major plus.