
FedRAMP Cloud Security Engineer
Role summary
Seeking a FedRAMP Cloud Security Engineer to architect and secure Azure environments, enforce NIST 800-53 controls, build compliant networks, manage IAM, automate patching, monitor compliance, respond to incidents, and support audit readiness. Expertise in Terraform/Bicep, Azure Policy, Sentinel, and Key Vault is required. The role involves managing secrets and keys in Azure Key Vault, orchestrating vulnerability and patch management for FedRAMP remediation timelines, and utilizing Microsoft Defender for Cloud and Azure Purview for posture monitoring. The engineer will also configure Azure Sentinel for incident detection and alerting, and manage POA&Ms for audit readiness.
FedRAMP Cloud Security Engineer: Microsoft Defender for Cloud and Azure Purview to provide a view of the FedRAMP posture; Vulnerability & Patch Orchestration for FedRAMP remediation timelines; Secrets & Key Management, managing the lifecycle of cryptographic keys and service secrets within Azure Key Vault; Azure Sentinel (SIEM) activity within the FedRAMP boundary.
Job Summary
Seeking FedRAMP Cloud Security Engineers (USC, Onshore) to architect and secure Azure environments, enforce NIST 800-53 controls, build compliant networks, manage IAM, automate patching, monitor compliance, respond to incidents, and support audit readiness. Expertise in Terraform/Bicep, Azure Policy, Sentinel, and Key Vault required.
Responsibilities
- Architect and secure Azure cloud environments tailored for banking-grade isolation using Virtual Networks (VNets), Hub-and-Spoke architectures, and Azure Firewall/WAF configurations.
- Enforce NIST 800-53 controls throughout the Azure environment to ensure FedRAMP compliance.
- Build and maintain compliant network infrastructure, incorporating best practices for security and scalability.
- Manage Identity and Access Management (IAM), including Azure Active Directory (Entra ID), Conditional Access Policies, Multi-Factor Authentication (MFA), and alignment with FedRAMP PIV/CAC requirements.
- Automate patching for Virtual Machines and Containers, ensuring timely remediation within strict FedRAMP timelines (30/60/90 days).
- Monitor continuous compliance using tools like Microsoft Defender for Cloud and Azure Purview, providing oversight of the FedRAMP posture and preventing unauthorised changes post-build.
- Manage secrets and cryptographic keys lifecycle within Azure Key Vault, including hardware security module (HSM) integration for FedRAMP High requirements.
- Respond to security incidents by configuring and managing Azure Sentinel (SIEM) workbooks to detect and alert on anomalous activity within the FedRAMP boundary.
- Support audit readiness by actively managing the Plan of Action and Milestones (POA&M), collaborating with auditors, and providing automated evidence for annual assessments.
- Promote secure code and configuration through the Test-Dev-Prod pipeline, ensuring that security guardrails are inherited at every stage and preventing manual drift.
- Utilise Terraform/Bicep, Azure Policy, Azure Sentinel, and Azure Key Vault to implement and automate security controls and infrastructure management.
Certifications Required
Mandatory Skills
- Microsoft Defender for Cloud and Azure Purview to provide a view of the FedRAMP posture - Expert
- Vulnerability & Patch Orchestration for FedRAMP remediation - Expert
- Secrets & Key Management: managing the lifecycle of cryptographic keys and service secrets within Azure Key Vault - Expert
- Azure Sentinel (SIEM) activity within the FedRAMP boundary - Expert
Salary And Other Compensation
The annual salary for this position depends on the experience and other qualifications of the successful candidate.
This position is also eligible for Cognizant’s discretionary annual incentive program, based on performance and subject to the terms of Cognizant’s applicable plans.
Benefits: Cognizant offers the following benefits for this position, subject to applicable eligibility requirements:
- Medical/Dental/Vision/Life Insurance
- Paid holidays plus Paid Time Off
- 401(k) plan and contributions
- Long-term/Short-term Disability
- Paid Parental Leave
- Employee Stock Purchase Plan
Please note, this role is not able to offer visa transfer or sponsorship now or in the future.
Disclaimer: The benefits information is accurate as of the date of this posting. Cognizant reserves the right to modify this information at any time, subject to applicable law.