Senior /Principal Federal Security Engineer

Senior / Principal Federal Security Engineer

Saviynt's AI-powered identity platform manages and governs human and non-human access to all of an organization's applications, data, and business processes. Customers trust Saviynt to safeguard their digital assets, drive operational efficiency, and reduce compliance costs. Built for the AI age, Saviynt is today helping organizations safely accelerate their deployment and usage of AI. Saviynt is recognized as the leader in identity security, with solutions that protect and empower the world’s leading brands, Fortune 500 companies and government institutions. For more information, please visit www.saviynt.com.

Job Overview

The Senior/Principal Federal Security Engineer reports into Federal Information Security leadership, and will specialize in detection, response, and vulnerability triage. They will also serve as a high-level technical authority responsible for the end-to-end lifecycle of threat management. This hands-on engineering role will own the systems that identify and mitigate organizational risk as they relate primarily to the FedRAMP Program (FedRAMP Moderate and FedRAMP High).

Requirements

The candidate should be familiar with policy and compliance requirements, including policy documentation and system requirements to successfully respond to potential audits as well as prior experience operating in Federally regulated environments.

Core Responsibilities

• Design and maintain high-fidelity detection rules and analytics across the security stack (SIEM, EDR, CNAPP/CSPM) and cloud environments (AWS, GCP, Azure).
• Ability to run vulnerability scans, triage results, establish exploitability of reported vulnerabilities, recommend risk mitigation controls, and deploy controls where needed
• Develop and refine automated response playbooks for Incident Response (IR) and orchestration (SOAR).
• Lead the evaluation and integration of security technologies, ensuring scalability, resilience, and compliance. as it pertains to FedRAMP environments

What You Will Be Doing

• Lead the Detection Lifecycle: Build and maintain our threat detection capabilities, from researching emerging TTPs to writing custom detection logic in our SIEM and EDR platforms.
• Incident Response: Respond to alerts and triage findings coordinating across engineering, security, and leadership teams.
• Modernize Vulnerability Management: Architect and maintain automation to prioritize vulnerabilities (from Code, to Containers, to Cloud) based on risk