[Remote] Senior Product Compliance Analyst -ISSO

Note: The job is a remote job and is open to candidates in USA. Ivanti is a global technology leader enabling organizations to elevate Everywhere Work. The Senior Product Compliance Analyst will lead the execution of compliance functions, support daily activities of the program, and ensure compliance with federal laws and audit requirements.

Responsibilities

• Serve as the support for all FedRAMP related matters
• Work closely with Information Security, Product, Software Development, Operations, as well as external vendors and third-party assessment vendors (3PAOs) to ensure FedRAMP, Common Criteria, and FIPS 140 audit requirements are met
• Developing and maintaining documentation for Certification and Accreditation (C&A), Security Assessment Plans (SAP), Security Assessment Reports (SAR), System Security Plans (SSP)
• Provide status updates on Federal audit program to key stakeholders
• Maintain Federal program certification by successfully completing Federal audits (FedRAMP, Common Criteria, FIPS 140, IRAP, and ISMAP)
• Successfully support an audit program ensuring compliance with regulatory requirements, compliance standards, internal policies, and mandates
• Support a team of auditors, assigning tasks, setting priorities, and providing guidance through the audit process
• Continuously evaluate and enhance audit methodologies, processes, and tools to ensure effectiveness and efficiency
• Support the development of security policies, training material, and other core documents
• Coordinate and manage onsite assessments with external stakeholders
• Communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means
• Advise authorizing officials, chief information officers, senior information security leads on a range of audit related topics
• Work independently and have the ability to prioritize conflicting demands from multiple business clients in an extremely fast-paced environment
• Work across departments and business units to implement organization’s audit principles and programs

Skills

• Writing technical documentation demonstrating knowledge of Cloud and Security concepts
• Frameworks such as: NIST SP 800 Series, FISMA, FedRAMP
• Leveraging technical and program management skills to plan, track, collaborate and report on regulated program deliverables
• Tracking and driving remediation of control deficiencies and gaps identified internally and externally
• Previous professional experience in a similar role with a focus on Federal audits (FedRAMP, FIPS 140, Common Criteria, and IRAP)
• Familiarity with security frameworks such as NIST and ISO
• Experience with communicating effectively and efficiently across diverse teams, through verbal and written exchanges
• Project management experience, leading and organizing a team to complete a project within a specific time frame and budget
• Confident in delegating tasks and consistent in tracking and monitoring progress
• Must be able to start without any immigration support for FedRAMP compliance
• Experience working in an Information Systems Security Officer (ISSO) related capacity
• Familiarity with SSP (System Security Plan)
• Experience with NIST RMF
• Experience with POAM (Plan Off Action Milestones)
• 4+ years of previous professional experience in a similar role with a focus on Federal audits (FedRAMP, FIPS 140, Common Criteria, and IRAP)
• Industry certifications preferred (CISSP, Security +, CISM, or Cloud Certifications)

Company Overview