Distinguished Security Engineer - FedRAMP High - Director Level

Job Description

Job Description

This is not a passive oversight role—this is your chance to take the helm of Saviynt's FedRAMP security mission and drive it from the front lines.

As the Distinguished Security Engineer (Director-Level Individual Contributor) , you will own the technical and GRC execution that keeps our platform trusted, compliant, and ahead of evolving federal requirements. You'll be both strategist and engineer , blending hands-on security expertise with the leadership needed to guide our FedRAMP journey end-to-end.

We need someone who thrives on building, breaking, and improving —someone who can lead audits, run vulnerability scans, recommend and deploy controls, and directly shape our security architecture. This is your opportunity to immediately influence Saviynt’s security posture, partner with cross-functional teams, and make FedRAMP compliance a competitive advantage.

If you’re ready to own FedRAMP from the trenches to the boardroom —and make an immediate impact on the security backbone of one of the industry’s leading identity platforms—this is where you make it happen.

Your Mission : What You’ll Own and Drive

• 1. FedRAMP Leadership & Governance : Drive Certification and Trust
• Lead Saviynt's entire FedRAMP program through certification, re-certification, and continuous monitoring cycles.
• Develop and Maintain : Create and sustain the System Security Plan (SSP) and all FedRAMP-required documentation.
• Direct ConMon : Lead monthly Continuous Monitoring (ConMon) meetings, ensuring technical issues are surfaced, resolved, and documented immediately.
• Validate Artifacts : Personally review and validate all FedRAMP artifacts—audit reports, gap analysis, POA&Ms, and compliance forms.
• Serve as POC : Be the primary Governance POC for internal teams, customers, and Federal auditors.
• 2. Hands-On Security Engineering : Build, Scan, and Secure
• Execute technical security controls within our mission-critical Federal environments.
• Architect and Integrate : Design and integrate secure solutions for AWS, Azure, containers, Kubernetes , and modern applications relevant to the FedRAMP platform.
• Hunt & Mitigate : Independently run vulnerability scans , analyze results, determine exploitability, and rapidly deploy mitigations across the environment.
• Enhance Detection : Recommend and implement monitoring enhancements; actively analyze detection alerts to identify and respond to threats.
• Automate Compliance : Automate GRC workflows to drastically improve the speed, accuracy, and scalability of compliance processes.
• 3. Cross-Functional Security Enablement : Embed Security Everywhere
• Partner with core business and technology teams to embed security and compliance from inception to deployment.
• Embed Early : Proactively partner with product, engineering, and operations to embed security and compliance requirements early in the development lifecycle.
• Translate Requirements : Convert complex technical audit requirements into clear, actionable engineering deliverables.
• Support Engagement : Support sales and customer success by addressing client compliance and security queries , acting as a trusted security expert.
• Manage Risk : Conduct risk assessments, track remediation efforts , and maintain a comprehensive risk register.
• Contract Review : Review vendor and customer contracts for security clauses, driving favorable compliance outcomes.
• 4. Compliance Expansion : Scale the GRC Foundation
• Grow and formalize our overarching compliance framework.
• Expand Reach : Contribute to and execute on other compliance programs including ISO 27001, PCI-DSS, SOC 1, and SOC 2.
• Document Strategy : Develop and update core security documentation : policies, standards, incident response plans, and contingency plans.
• Measure Posture : Establish and maintain metrics that clearly measure the GRC posture and inform leadership decisions.
• Lead Training : Drive security awareness and training initiatives across the organization.

What You Bring : Your Qualifications for Command

The candidate must :

If required for this role, you will :

Data Classification, Retention & Handling Policy

Incident Response Policy / Procedures

Business Continuity / Disaster Recovery Policy / Procedures

Mobile Device Policy

Account Management Policy

Access Control Policy

Personnel Security Policy

Privacy Policy

Saviynt is an amazing place to work. We are a high-growth, Platform as a Service company focused on Identity Authority to power and protect the world at work. You will experience tremendous growth and learning opportunities through challenging yet rewarding work which directly impacts our customers, all within a welcoming and positive work environment. If you're resilient and enjoy working in a dynamic environment you belong with us!

Saviynt is an equal opportunity employer and we welcome everyone to our team.  All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.