Staff Software Engineer - Government Engineering (FedRAMP & Traffic)

Responsibilities

• Manage Cloud Traffic & Service Mesh technologies: Design, implement, and maintain our next-generation network routing, edge controls, and service mesh architecture using Istio, Kong, and Cloudflare .
• Lead Platform Migrations: Drive the engineering lifecycle and migration strategies transitioning internal teams over to centralized, compliant infrastructure pipelines using Istio, and Datadog .
• Manage Identity & Access: Design and implement robust Identity and Access Management (IAM) architectures within FedRAMP boundaries, leveraging Okta for identity federation (SAML/OIDC), SSO, RBAC, and zero-trust patterns.
• Enforce Cryptographic Security: Select, configure, and enforce NIST-certified FIPS 140-2/140-3 validated cryptographic modules across services, TLS configurations, and key management systems.
• Develop Automations: Actively write production-grade software to eliminate platform gaps while mentoring mid-level engineers on compliance-aware engineering design patterns.
• Leverage AI Tools: Welcome the use of modern developer tooling-including AI-assisted development assistants-where appropriate to optimize coding efficiency, automate mundane tasks, and accelerate platform delivery.

Requirements

• Experience: 8+ years of software or infrastructure engineering experience, with at least 3 years directly supporting or operating within a FedRAMP-authorized environment (AWS GovCloud experience is a plus).
• Software Engineering Proficiency: Strong programming fundamentals with demonstrated proficiency in writing software (e.g., Golang, Typescript, or Python) to build robust platform infrastructure and automation tools.
• Deep IAM Expertise: Comprehensive hands-on experience with identity management architecture, identity federation (SAML, OIDC), directory services, privileged access management, and zero-trust architecture principles.
• FIPS Cryptography Real-World Experience: Deep understanding of FIPS 140-2/140-3 validated cryptographic modules. You know how to verify and enforce true NIST-certified algorithm/module testing in practice, rather than just knowing "encryption is on."
• Cloud Traffic & Edge Infrastructure: Production experience managing high-throughput ingress/egress, traffic routing, and container network interfaces at scale using tools like Istio, Kong, and Cloudflare.
• Kubernetes Ecosystem Mastery: Extensive experience architecting, operating, and hardening Kubernetes clusters, including policy enforcement (e.g., OPA/Gatekeeper, Kyverno) and secure secrets management.,
• Experience with secrets management platforms operating in FIPS mode (e.g., HashiCorp Vault).
• Familiarity with FedRAMP Rev 5 transition requirements.
• Experience with STIG application or CIS benchmark enforcement at scale.
• Security certifications such as CISSP, AWS Certified Security - Specialty, or CKS.
• Additional Information
• Base Pay Range:
• 168,560.00 - 231,770.00 USD Annual
• This role may also be eligible for Equity Compensation and/or Bonus Incentive Compensation. Procore is committed to offering competitive, fair, and commensurate compensation. Actual compensation will be based on a candidate's job-related skills, experience, education or training, and location.
• This position requires access to technology, software, and data that is controlled or restricted under U.S.

Benefits

Additional Information

Procore Technologies is building the software that builds the world. We provide cloud-based construction management software that helps clients more efficiently build skyscrapers, hospitals, retail centers, airports, housing complexes, and more. At Procore, we have worked hard to create and maintain a culture where you can own your work and are encouraged and given resources to try new ideas. We are looking for a Staff Software Engineer to join Procore's Government Engineering team and serve as a senior technical contributor for our FedRAMP initiative. In this role, you will design, build, and maintain next-generation platform services that provide cloud traffic, ingress/egress, identity, and compliance capabilities. You will combine your technical and collaboration skills along with established software design principles to create a secure, compliant, and highly scalable foundation that Procore developers, partners, and customers can easily integrate with. The impact of this team is wide as it touches all aspects of Procore's ecosystem within our FedRAMP authorization boundaries, and MUST respect and protect those boundaries. This position reports to the Senior Engineering Manager of the Government Engineering team and is a hybrid role based out of our Austin, TX office. We're looking for someone to join us immediately.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at procore? Share your experience