This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Sr Application Security Architect - FedRAMP in the United States.
In this role, you will lead the design, implementation, and oversight of application security practices within FedRAMP-authorized environments. You will work closely with engineering teams, leadership, and auditors to ensure secure, compliant, and high-performing systems that support critical healthcare and life sciences data workflows. The position offers a unique opportunity to shape security architecture, drive compliance initiatives, and influence the security posture of enterprise-grade applications. You will translate regulatory and compliance requirements into practical, scalable security solutions, while performing threat modeling, secure code reviews, and system assessments. The role combines strategic guidance with hands-on technical contributions, emphasizing collaboration, risk management, and measurable impact.
Accountabilities
- Define and maintain FedRAMP system boundaries and ensure compliance with security controls, including preparation of SSP, SAP, SAR, POA&M, and continuous monitoring documentation.
- Conduct security and threat model reviews, providing actionable architectural guidance to development teams.
- Collaborate with engineering, product, and GRC teams to translate compliance requirements into technical tasks and low-friction security workflows.
- Serve as primary security liaison for 3PAOs, agency reviewers, and internal stakeholders.
- Support FedRAMP assessments and audits by validating control evidence, resolving findings, and maintaining updated documentation.
- Lead Significant Change Request (SCR) reviews, evaluating architecture changes and their security impact.
- Drive initiatives to enhance application security and risk management practices across the organization.
Requirements
- 6+ years of experience in application security architecture, threat modeling, and compliance standards.
- Deep expertise representing organizations in FedRAMP High and Moderate environments.
- Strong understanding of application and cloud security in AWS and/or Azure environments.
- Proficiency in translating security controls into practical, scalable engineering workflows.
- Experience performing secure code reviews and guiding development teams on risk mitigation.
- Strong collaboration skills, capable of influencing technical and leadership stakeholders.
- Ability to balance ideal security practices with practical implementation for legacy and modern systems.
- Excellent communication skills and proven ability to deliver in fast-paced, high-impact environments.
- Preferred: experience in healthcare or highly regulated industries (HIPAA, HITRUST, SOC 2, PCI).
Benefits
- Competitive salary range: $184,000 – $230,000 USD.
- Comprehensive health benefits including medical, dental, and vision coverage.
- Flexible personal, sick, and vacation days to support work-life balance.
- Retirement planning options.
- Professional development opportunities and training support.
- Supportive, high-performance culture emphasizing collaboration, growth, and impact.
Jobgether is a Talent Matching Platform that partners with companies worldwide to efficiently connect top talent with the right opportunities through AI-driven job matching.
When you apply, your profile goes through our AI-powered screening process designed to identify top talent efficiently and fairly.
🔍 Our AI evaluates your CV and LinkedIn profile thoroughly, analyzing your skills, experience, and achievements.
📊 It compares your profile to the job’s core requirements and past success factors to determine your match score.
🎯 Based on this analysis, we automatically shortlist the 3 candidates with the highest match to the role.
🧠 When necessary, our human team may perform an additional manual review to ensure no strong profile is missed.
The process is transparent, skills-based, and free of bias — focusing solely on your fit for the role. Once the shortlist is completed, we share it directly with the company that owns the job opening. The final decision and next steps (such as interviews or additional assessments) are then made by their internal hiring team.
