Senior Compliance Operations Engineer - Public Sector

SUMMARY

The Corporate & Public Sector Strategy Team aims to accelerate Wiz’s growth by developing a comprehensive strategy, in tight partnership with all other organizations, to drive customer value and adoption. As we continue to grow at an incredible speed, we work to ensure each sales team member is set up for success at every phase. We take both a bird’s eye view and dive into the weeds to solve problems as a team to drive employee success and revenue. 

We are seeking an experienced Senior Compliance Operations Engineer that will contribute to the operationalization, sustainment, and continuous improvement of our FedRAMP High and DoD IL5 compliant cloud environments. This senior individual contributor role bridges compliance requirements with real-world engineering practices, ensuring our cloud services meet stringent federal and defense standards while maintaining high availability, security, and audit-readiness.

You will serve as a key technical SME on NIST SP 800-53 controls (tailored for FedRAMP High and DoD SRG IL5 overlays), translate regulatory mandates into automated controls and monitoring, lead continuous monitoring activities, oversee remediation efforts, and play a major role in assessments/audits. This position requires deep hands-on experience implementing and operating compliance in FedRAMP High + DoD IL5 cloud systems (AWS GovCloud, Azure Government, or equivalent).

You will be asked to quickly learn the challenges of the business and find ways to simplify processes within our compliance operations to increase productivity and efficiency. More importantly, the role requires a personality that promotes collaboration and unity.  

WHAT YOU’LL DO

• Document security controls and architectures that satisfy FedRAMP High baseline requirements and DoD Cloud Computing Security Requirements Guide (SRG) overlays for Impact Level 5 (including handling of high-sensitivity CUI and unclassified National Security Systems).
• Oversee continuous monitoring (ConMon) programs including vulnerability scanning, configuration monitoring, log aggregation/analysis, boundary protection validation, and monthly/ongoing reporting to meet FedRAMP and DoD expectations.
• Translate NIST 800-53 Rev. 5 controls and DoD-specific enhancements into operational requirements; partner with engineering, DevOps, and product teams to embed compliance into their processes.
• Lead preparation, evidence collection, and remediation for FedRAMP reassessments, 3PAO audits, DoD Provisional Authorizations, Significant Change Requests (SCRs), and contribute to Plan of Action & Milestones (POA&M) management.
• Automate compliance validation for control implementation verification and drift detection.
• Conduct technical risk assessments, root-cause analysis on compliance findings, and provide guidance for implementation of compensating controls or hardening measures in cloud environments.
• Support incident response and boundary protection activities in IL5 environments, ensuring alignment with DoD policies for mission-critical workloads.
• Maintain and update compliance documentation including System Security Plans (SSP), control implementation descriptions, architectural diagrams, and boundary definitions.
• Collaborate cross-functionally with legal, product, engineering, and federal customer teams to scope new features/services while preserving authorization boundaries.
• Mentor others on FedRAMP/DoD compliance best practices and contribute to internal training programs.
• Align and coordinate complex, cross-functional federal programs/projects which include FedRAMP and/or DoD authorizations and/or the operational process requirements needed to meet ongoing operational requirements.

WHAT YOU’LL BRING

• 7+ years of hands-on experience in cloud security engineering, compliance operations, or GRC roles, with at least 4+ years directly supporting FedRAMP Moderate/High and DoD IL4/IL5 authorizations.
• In-depth expertise in NIST SP 800-53 Rev. 5, FedRAMP baselines (especially High), DoD Cloud SRG, and associated control overlays for IL5.
• Proven track record implementing and operating continuous monitoring in production FedRAMP and DoD IL4/IL5 environments, including vulnerability management, configuration compliance, and audit evidence generation.
• Experience with DoD-specific tools/processes (e.g., eMASS, ACAS, HBSS, STIGs).
• Experience with DoD BCAP architecture and configuration.
• Strong experience with cloud platforms in government spaces (AWS GovCloud, Azure Government, Google Cloud for Government, or equivalent) and associated security services.
• Proficiency in automation/scripting (Python, Bash, PowerShell) and Infrastructure as Code (Terraform, Ansible, Puppet/Chef preferred).
• Familiarity with tools for compliance automation and scanning (e.g., Chef InSpec, OpenSCAP, Qualys, Tenable, AWS-native tools, Azure Security Center).
• U.S. Citizenship required (due to handling of CUI and potential access to controlled environments).
• Knowledge of additional frameworks that overlap with FedRAMP/DoD (e.g., CMMC, NIST 800-171/172, FISMA).

Preferred Qualifications

• Ability to obtain and maintain a U.S. Secret or higher security clearance (active clearance strongly preferred).
• Active security certifications such as CISSP, CCSP, CISM, AWS/GCP/Azure Security Specialty, or DoD 8570/8140 IAT Level III / IAM Level III.

Candidates must meet EAR part 772 and ITAR 120.15 definition of a U.S. person (Any individual who is granted U.S. citizenship; or any individual who is granted U.S. permanent residence (green card holder); or any individual who is granted status as a “protected person”) and that they reside in the contiguous United States.