Be an early applicantLess than 25 applicants

Company

Noblis · 15 hours ago

FedRAMP Security Assurance Automation Developer (Multiple Levels)

United States

Full-time

Remote

Entry, Mid, Senior Level

$62K/yr - $170K/yr

8+ years exp

Maximize your interview chances

Environmental ConsultingInformation Technology

Growth Opportunities

No H1B

U.S. Citizen Only

Security Clearance Required

Insider Connection @Noblis

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

OSCAL Integration: Work closely with our FedRAMP teams to integrate OSCAL machine readable data formats into our software solutions, to ensure that cloud service offering (CSO) security controls are accurately represented, implemented, and are capable of being assessed in an automated way.

Automation Implementation: Develop, enhance, and maintain software components that enable automated review, validation, and assessment of CSO control implementations. Additionally, ensure developed solutions enable scaling FedRAMP authorization and continuous monitoring processes to support hundreds of current and new FedRAMP CSOs.

Collaboration: Collaborate with cross-functional teams to create robust and secure OSCAL-capable solutions for processing documents (e.g. SSP, SAP, SAR, and POA&M) submitted by cloud service provider (CSP) and 3PAOs, and sharing pertinent information (e.g. via APIs and dashboards) with stakeholders, including cloud service providers’ federal agency customers.

Documentation: Create and maintain detailed documentation of software designs, implementations, and compliance measures, facilitating transparency and knowledge transfer within the team.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

OSCALNIST standardsJavaPythonC#TypeScriptNodeJSGoLangXMLJSONYAMLCI/CDAPIsLinuxCybersecurity complianceNIST RMFISO/IEC 27001SchematronXSDXSLTXPathHTMLMarkdown

Required

While experience with Open Security Controls Assessment Language (OSCAL) is essential, we will consider relevant experience operationalizing NIST standards for automating assessments, such as Security Content Automation Protocol (SCAP) and Open Vulnerability and Assessment Language (OVAL).

Proficient in programming languages such as Java, C#, Python, TypeScript, NodeJS, and GoLang.

Extensive experience with structured data formats such as XML, JSON, and YAML.

Experience developing scripts for continuous integration / continuous development (CI/CD) environment pipelines.

Experience implementing and/or integrating with APIs.

Experience working in a Linux-based environment, including familiarity with containers.

Proven experience as a software developer, with a focus on cybersecurity compliance.

Strong understanding of NIST Risk Management Framework (RMF), ISO/IEC 27001, and others.

Excellent problem-solving skills and the ability to work in a collaborative team environment.

Strong communication skills, both written and verbal.

Must be an US citizen and able to obtain a public trust.

Bachelor's or Master’s degree in Computer Science, Software Engineering, or a related field plus 1 years of experience; or associate degree + 4 years of experience; or high school + 7 years of experience for Jr level.

Bachelor's degree in Computer Science, Software Engineering, or a related field plus 5 years of experience; Or master's degree + 3 years of experience; or associate degree + 8 years of experience; Or high school + 11 years of experience for Mid level.

Bachelor's degree in Computer Science, Software Engineering, or a related field plus 8 years of experience; or master's degree + 6 years of experience; or associate degree + 11 years of experience; or high school + 14 years of experience for Senior level.