Project Context
You are the program manager for AegisCloud, a B2B SaaS provider of secure collaboration and document workflows used by regulated industries. AegisCloud has ~4.5M monthly active users globally and processes ~1.2B events/day (document views, edits, shares, permission changes). The company is pursuing a major expansion into US public sector and defense-adjacent customers.
AegisCloud has signed a conditional agreement with a prime contractor supporting a DoD program. The contract is contingent on delivering FedRAMP Moderate-aligned audit logging and immutable retention for key security events by the end of Q2 (16 weeks). Missing the date means the prime will select a competitor and AegisCloud will lose an estimated $18M ARR plus a strategic reference account.
The feature is not “just logging.” The customer requires: (1) tamper-evident audit trails, (2) role-based access to audit data, (3) retention policies (1 year default, configurable up to 7 years), (4) export to their SIEM (Splunk) in near real time, and (5) evidence artifacts suitable for an external assessor. The work touches core services that are shared with commercial customers, so any regression risks broad impact.
Team & Operating Model
You will lead a cross-functional team:
| Function | Count | Notes |
|---|---|---|
| Backend engineers | 6 | Own event pipeline, storage, APIs |
| SRE/Infra | 2 | Own Kubernetes, logging infra, on-call |
| Security engineering | 2 | Own control mapping, threat modeling |
| Product/Program | 1 PM + you | PM owns requirements; you drive execution |
| Design | 1 | Admin UX for audit search/export |
| Legal/Compliance | 1 | FedRAMP artifacts, data residency, contracts |
| QA | 1 | Automation + performance test plans |
Stakeholder Landscape (Competing Priorities)
- Public Sector GM: Needs the feature delivered by Q2 to close the $18M ARR deal and unlock a pipeline of similar agencies.
- CISO / Security Engineering: Will not approve launch without meeting control intent (e.g., integrity, access controls, retention, monitoring). Prefers correctness over speed.
- VP of Engineering (Core Platform): Concerned about destabilizing the shared event pipeline that supports commercial SLAs (99.95% uptime). Wants minimal risk and clear rollback.
- SRE Lead: Already committed to a separate initiative: migrating observability tooling (Prometheus → OpenTelemetry) in the same quarter.
- Prime Contractor / Customer Security Team: Wants specific evidence (runbooks, diagrams, test results) and will run their own penetration and integration tests.
Constraints
- Timeline: 16 weeks to production deployment in a dedicated GovCloud environment.
- Budget: $350K available for external assessor prep, load testing tooling, and a short-term consultant; no new FTE headcount approved.
- Regulatory/Security:
  - Must align to FedRAMP Moderate control intent (audit & accountability, access control, incident response evidence).
  - Must support FIPS 140-2 validated crypto modules already used by the platform.
- Data Handling:
  - GovCloud environment must be logically isolated; audit logs must not co-mingle with commercial tenant data.
  - Some customer users are foreign nationals; legal flags potential ITAR/EAR considerations for certain metadata exports.
- Technical Dependencies:
  - Current event pipeline is Kafka-based, with a 24-hour retention buffer; it is near capacity at peak.
  - Current audit events are incomplete (only admin actions; missing document permission changes and exports).
Deliverables (What you must produce in this interview)
- A delivery plan (phased roadmap) for the 16 weeks, including key milestones and entry/exit criteria.
- A trade-off proposal: what you would cut, defer, or phase to hit the Q2 deadline while still meeting minimum FedRAMP-aligned requirements.
- A stakeholder alignment plan: how you will drive decisions between the Public Sector GM, CISO, and Core Platform engineering when priorities conflict.
- A launch plan for GovCloud: rollout strategy, monitoring, on-call readiness, and a tested rollback plan.
- A risk register: top risks (technical, compliance, partner/customer, resourcing) with mitigations and triggers.
Complications (Assume these happen)
- Key dependency slips: In week 4, SRE informs you the Kafka cluster upgrade required for capacity will be 2 weeks late due to a vendor support issue.
- Scope change from security: In week 6, the CISO adds a requirement for cryptographic log chaining (hash chaining) to strengthen tamper evidence after a similar vendor suffered a breach.
- Resource shock: In week 9, one backend engineer who owns the audit export service gives notice; you have 3 weeks before they leave.
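The week-6 requirement above, cryptographic log chaining, is easy to state and easy to under-deliver: a chain that verifies cleanly still cannot tell you that the newest records were silently dropped. The following is an added example written for this scenario, not code from AegisCloud or from the prompt. It assumes an in-memory list standing in for the append-only store, SHA-256 as the hash (any FIPS-validated module exposing SHA-256 would do), and that the current head hash is periodically shipped out of band (for instance to the customer's SIEM) so a verifier can detect tail truncation as well as in-place edits and deletions. Event records and the field names are constructed for illustration.

```python
import copy
import hashlib
import json
from typing import List, Optional, Tuple

GENESIS_HASH = "0" * 64  # prev_hash recorded on the very first entry


def _canonical(obj: dict) -> bytes:
    # Deterministic serialization (sorted keys, no whitespace) so the same
    # logical record always produces the same digest.
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode("utf-8")


def _entry_hash(seq: int, prev_hash: str, event: dict) -> str:
    # The digest covers the sequence number, the link to the previous entry
    # and the event body, so changing any of them breaks the chain.
    return hashlib.sha256(_canonical({"seq": seq, "prev_hash": prev_hash, "event": event})).hexdigest()


def append_event(chain: List[dict], event: dict) -> dict:
    """Append an audit event, linking it to the previous entry's hash."""
    seq = len(chain)
    prev_hash = chain[-1]["entry_hash"] if chain else GENESIS_HASH
    entry = {
        "seq": seq,
        "prev_hash": prev_hash,
        "event": event,
        "entry_hash": _entry_hash(seq, prev_hash, event),
    }
    chain.append(entry)
    return entry


def verify_chain(chain: List[dict], expected_head: Optional[str] = None) -> Tuple[bool, Optional[int]]:
    """Walk the chain from genesis. Returns (ok, index of first bad entry).

    Without expected_head, only in-place modification and deletions inside the
    chain are detectable; a truncated tail still verifies. Passing the head
    hash that was anchored externally closes that gap (failure index == len(chain)).
    """
    prev_hash = GENESIS_HASH
    for i, entry in enumerate(chain):
        if entry["seq"] != i or entry["prev_hash"] != prev_hash:
            return False, i  # gap, reordering or deletion
        if _entry_hash(i, prev_hash, entry["event"]) != entry["entry_hash"]:
            return False, i  # record edited in place
        prev_hash = entry["entry_hash"]
    if expected_head is not None and prev_hash != expected_head:
        return False, len(chain)  # tail truncated or anchor mismatch
    return True, None


# Constructed sample events; not real AegisCloud data.
SAMPLE_EVENTS = [
    {"ts": "2024-04-01T10:00:00Z", "actor": "alice", "action": "document.view", "doc": "D-100"},
    {"ts": "2024-04-01T10:05:00Z", "actor": "bob", "action": "permission.change", "doc": "D-100", "grant": "carol:edit"},
    {"ts": "2024-04-01T10:07:00Z", "actor": "carol", "action": "document.export", "doc": "D-100"},
]


def build_sample_chain() -> List[dict]:
    chain: List[dict] = []
    for ev in SAMPLE_EVENTS:
        append_event(chain, ev)
    return chain


def demo() -> dict:
    """Exercise the verifier against the tampering cases an assessor will ask about."""
    chain = build_sample_chain()
    head = chain[-1]["entry_hash"]  # value that would be anchored to the SIEM
    results = {"intact": verify_chain(chain, head)}

    modified = copy.deepcopy(chain)
    modified[1]["event"]["actor"] = "mallory"  # rewrite who changed the permission
    results["modified"] = verify_chain(modified, head)

    deleted = copy.deepcopy(chain)
    del deleted[1]  # remove the permission change entirely
    results["deleted"] = verify_chain(deleted, head)

    truncated = chain[:-1]  # drop the newest event (the export)
    results["truncated_no_anchor"] = verify_chain(truncated)
    results["truncated_with_anchor"] = verify_chain(truncated, head)
    return results


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case:22s} -> {outcome}")
```

The `truncated_no_anchor` case is the one to put in the control-mapping evidence: hash chaining alone satisfies the integrity intent for edits and mid-chain deletions, but the retention and monitoring story needs the head hash (or a signed checkpoint) to leave the system on a schedule, which is also what makes the near-real-time Splunk export do double duty as an integrity anchor.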
Interview Prompt
Walk through how your past projects have prepared you to execute in a government/defense environment by working through this scenario:
- How do you structure the program so that compliance/security requirements are not “discovered late,” while still moving fast?
- What is your MVP definition for “FedRAMP-ready audit logging,” and what do you explicitly defer?
- How do you handle the week-6 scope change without losing the Q2 date (or, if you must slip, how do you make that decision and communicate it)?
- What mechanisms do you put in place for documentation, evidence collection, and change control that are typical in gov/defense programs?
- What does your go/no-go checklist look like, and what telemetry would you monitor in the first 72 hours post-launch?
Be prepared to discuss concrete artifacts you would create (e.g., RAID log, control mapping doc, RACI, cutover runbook), and how you would operate differently than in a purely commercial launch.