About
$145,000.00/yr - $170,000.00/yr
Reports To: Senior Engineering Manager / Director of Engineering
Location: Hybrid: NC, MA, NY
Classification: Full-Time, Exempt
Hiring Requirement: Due to the nature of our work with federal government clients and compliance with applicable regulations, this position requires U.S. citizenship. Dual citizenship is not permitted for this role. Candidates must be able to provide documentation verifying sole U.S. citizenship status as part of the background check process.
Focus: Integrations, AI/ML, Compliance Automation, Infrastructure Analysis

Overview
You'll be the backend powerhouse responsible for building KnoxAI's core compliance engine: integrating with third-party services, implementing AI-driven analysis, and automating the complex workflows required for FedRAMP and DISA authorizations. Your work will directly impact federal agencies' ability to assess and authorize SaaS applications securely and efficiently. This role is ideal for a senior engineer who loves solving hard integration problems, working with cutting-edge AI/ML technologies, and building systems that must be both highly reliable and auditable for government compliance.

Responsibilities
Core Platform Development
KSI Compliance Engine: Build automated validation for Key Security Indicators across 26+ KSI families (CNA, IAM, SVC, MLA, etc.) with hybrid automated + AI-driven scoring
Integration Pipelines: Develop and maintain integrations with FedRAMP-authorized services
  - Security: CrowdStrike (SIEM, EDR, CNAPP), AWS Security Hub, GuardDuty, Inspector, CloudTrail
  - IAM/PAM: Okta, Keeper (via CLI/SDK for just-in-time access, session metadata, audit logs)
  - Operations: Jira (CAB approvals), ServiceNow (ITSM), PagerDuty (incident response)
  - Training/Awareness: KnowBe4 (security awareness metrics)
Infrastructure Analysis: Parse and analyze Terraform/CloudFormation to identify NIST SP 800-53 control alignment and misconfigurations
DAST Implementation: Enhance and productionize OWASP ZAP integration for dynamic application security testing of customer SaaS applications
Document Repository: Build secure, controlled repository for customer-specific documentation with AI-powered SSP overlay generation
AI/ML Integration
Model Orchestration: Implement multi-model workflows combining OpenAI (GPT-4o), Anthropic (Claude), Google (Gemini), and Groq for compliance reasoning
Model Context Protocol: Build MCP tools exposing platform capabilities to AI agents (user management, findings retrieval, KSI analysis)
Fine-Tuning Pipeline: Collaborate on QWEN fine-tuning using Knox's decade of FedRAMP/DISA assessment data
Prompt Engineering: Design and optimize prompts for compliance analysis, risk scoring, and remediation recommendations
Vector Search: Implement RAG (Retrieval-Augmented Generation) for policy/control lookup using OpenSearch or dedicated vector DB
Data Layer & Scalability
Database Design: Extend Prisma schema for new features; optimize complex queries across 35+ models
Caching Strategies: Implement Redis caching for frequently accessed compliance data and KSI results
Event-Driven Architecture: Build SQS-based job queues for long-running compliance evaluations and bulk imports
API Performance: Ensure API response times
Multi-Tenancy: Maintain strict team-based data isolation; implement row-level security where needed
DevOps & Reliability
Monitoring: Instrument code with CloudWatch metrics, structured logging, and distributed tracing
Error Handling: Implement robust retry logic, circuit breakers, and graceful degradation for third-party API failures
Testing: Write comprehensive unit and integration tests (Jest); achieve >80% code coverage on critical paths
Documentation: Maintain up-to-date API documentation (OpenAPI), architecture decision records (ADRs), and runbooks

Required Qualifications
Technical Skills
5+ years backend development with TypeScript/Node.js; deep understanding of async patterns, streams, and event loops
NestJS or similar frameworks (Express, Fastify, Koa) with dependency injection and modular architecture
PostgreSQL expertise: Complex joins, CTEs, window functions, indexing strategies, query optimization
Prisma ORM or similar (TypeORM, Sequelize) with migrations and schema management
AWS services: S3, Lambda, SQS, DynamoDB, OpenSearch, Secrets Manager, IAM policies
AI/ML APIs: Hands-on experience integrating OpenAI, Anthropic, Google Gemini, or similar (not just basic prompts: complex workflows, streaming, function calling)
Integration & Automation
Third-party API integration: OAuth2, SAML, webhooks, retry logic, API versioning, SDK usage
Infrastructure-as-code familiarity: Ability to parse Terraform/CloudFormation and understand resource configurations
Security testing tools: Experience with OWASP ZAP, Burp Suite, or similar DAST/SAST tools
Message queues: SQS, RabbitMQ, Kafka, or similar for async job processing
Soft Skills & Mindset
Problem solver: Thrives on debugging complex issues across distributed systems and third-party integrations
Detail-oriented: Compliance work requires precision; small errors can have big consequences
Collaborative: Works closely with frontend engineer, engineering manager, and CTO; clear written communication

Bonus/Preferred
GRC/compliance background: Prior work in cybersecurity, audit, or compliance automation
FedRAMP/DISA knowledge: Understanding of NIST SP 800-53, FedRAMP requirements, or DISA STIGs
QWEN or other OSS model fine-tuning experience
LangChain, Haystack, or similar AI orchestration frameworks
Docker/containerization for local development and AWS ECS/Fargate deployments
GraphQL (future roadmap consideration)

Interview Process
Short Loom video walking through a passion project, including what it does and a review of some of the code. Access to either a public or private repository so we can review commits and overall code quality.
Benefits
Knox offers a competitive employee benefits package including Medical, Dental, Vision, Life & Disability, unlimited PTO, and an employee-funded 401k plan. Benefits are subject to change.

Equal Opportunity
We are an Equal Opportunity Employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. Employment decisions are made without regard to race, color, religion, sex, sexual orientation, gender identity or expression, national origin, age, disability, veteran status, or any other legally protected status.
Language skills
- English
Note for users
This job posting comes from a TieTalent partner platform. Click "Apply Now" to submit your application directly on their website.