Information System Security Officer
To see similar active jobs please follow this link: Remote System Administration jobs
What you're looking for...
The Information System Security Officer (ISSO) is responsible for the success of the FedRAMP Authorization program at ScienceLogic. The ISSO will be responsible for ensuring execution of the initiatives within the FedRAMP roadmap and will work closely with Product Management, Engineering and SaaS Operations Leads to accomplish the required objectives.
What you'll be doing...
Be the single point of contact for all things FedRAMP at ScienceLogic, owning the FedRAMP Authorization program
Own the relationships and act as the interface with the 3PAO, sponsoring agency, contract ATO solution vendor, as well as the FedRAMP PMO
Lead the planning, scheduling, and preliminary analysis for all development requirements, as well as internal and external audits
Properly identify, remediate, communicate, or escalate technical and program risks
Aid the stakeholders in managing technical and program changes
Gather and report both program and technical metrics
Partner with Product Management, Engineering and Operations managers on program contributors’ accountability, and priorities
Stakeholder management outside of product teams including Security, IT, Operations, Customer Support, Business Applications, Legal, Sales, HR, and Finance
Ability to assess, customize, and use current program and compliance technologies
Define, execute, and manage the FedRAMP Baseline (BL) and Impact Level (IL) development roadmap, including identifying, communicating, and escalating program risks
Partner with Engineering, IT, and other teams to develop a sustainable and scalable FedRAMP environment and program
Coordinate and facilitate the relationships with the 3PAO, sponsoring agency/JAB, and FedRAMP PMO
Manage security assessments, creation of the Plan of Action & Milestones (POA&M), and ongoing Continuous Monitoring (ConMon) requirements
Collaborate with process owners and subject matter experts to influence prioritization of projects and solutions to reduce risk and improve compliance
Establish, maintain, and influence program stakeholder relationships, expectations, and communications
Review new product features and designs and provide guidance on requirements and standards including NIST 800-53, NIST 800-171, DoD ILs, and FedRAMP BL requirements
Qualities you possess...
FedRAMP experience, including successful completion of products through FedRAMP certification
Soft skills including the ability to gain the trust of stakeholders and senior management and negotiate priorities with outside teams
Working knowledge of the software development life cycle (SDLC) for SaaS applications
Excellent verbal and written communication skills
Strong analytical and problem-solving skills
Inspired by bringing cross-functional teams together to accomplish program objectives
US Citizenship
Bachelor’s degree
Experience with with the FedRAMP Authorization program; experience must strong knowledge in all phases of preparing and reviewing complete ATO packages for FedRAMP authorization
Experience with FedRAMP, NIST 800-53, FISMA, DoD ILs, DISA Security Requirements Guide, etc.
Experience with continuous monitoring, third-party assessments, and audit management
Experience with vulnerability management and helping prioritize security related work
Excellent interpersonal, verbal, and written communication skills with the ability to communicate compliance related concepts to a broad range of technical and non-technical staff
Excellent organizational and program management skills
Experience leading massive, cross-functional programs with the ability to influence priorities and deliver on commitments
Experience with program / project management tools and dashboards
CISA, CISSP, CCSP, CCSK or other related certifications preferred
Don’t meet every single requirement? Studies have shown that women and people of color are less likely to apply to jobs unless they meet every single qualification. At ScienceLogic, we are dedicated to building a diverse, inclusive and authentic workplace, so if you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right candidate for this or other roles.
About ScienceLogic
We empower intelligent and automated IT operations.
The ScienceLogic SL1 platform enables companies to digitally transform themselves by removing the difficulty of managing complex, distributed IT services. We use patented discovery techniques to find everything in your IT environment, so you get visibility across all technologies and vendors running anywhere in your data centers or clouds
All ScienceLogic employees have the responsibility to protect information assets, adhere to access controls, report suspicious activity, and comply with security and privacy policies.
#LI-Remote
About the job
Information System Security Officer
To see similar active jobs please follow this link: Remote System Administration jobs
What you're looking for...
The Information System Security Officer (ISSO) is responsible for the success of the FedRAMP Authorization program at ScienceLogic. The ISSO will be responsible for ensuring execution of the initiatives within the FedRAMP roadmap and will work closely with Product Management, Engineering and SaaS Operations Leads to accomplish the required objectives.
What you'll be doing...
Be the single point of contact for all things FedRAMP at ScienceLogic, owning the FedRAMP Authorization program
Own the relationships and act as the interface with the 3PAO, sponsoring agency, contract ATO solution vendor, as well as the FedRAMP PMO
Lead the planning, scheduling, and preliminary analysis for all development requirements, as well as internal and external audits
Properly identify, remediate, communicate, or escalate technical and program risks
Aid the stakeholders in managing technical and program changes
Gather and report both program and technical metrics
Partner with Product Management, Engineering and Operations managers on program contributors’ accountability, and priorities
Stakeholder management outside of product teams including Security, IT, Operations, Customer Support, Business Applications, Legal, Sales, HR, and Finance
Ability to assess, customize, and use current program and compliance technologies
Define, execute, and manage the FedRAMP Baseline (BL) and Impact Level (IL) development roadmap, including identifying, communicating, and escalating program risks
Partner with Engineering, IT, and other teams to develop a sustainable and scalable FedRAMP environment and program
Coordinate and facilitate the relationships with the 3PAO, sponsoring agency/JAB, and FedRAMP PMO
Manage security assessments, creation of the Plan of Action & Milestones (POA&M), and ongoing Continuous Monitoring (ConMon) requirements
Collaborate with process owners and subject matter experts to influence prioritization of projects and solutions to reduce risk and improve compliance
Establish, maintain, and influence program stakeholder relationships, expectations, and communications
Review new product features and designs and provide guidance on requirements and standards including NIST 800-53, NIST 800-171, DoD ILs, and FedRAMP BL requirements
Qualities you possess...
FedRAMP experience, including successful completion of products through FedRAMP certification
Soft skills including the ability to gain the trust of stakeholders and senior management and negotiate priorities with outside teams
Working knowledge of the software development life cycle (SDLC) for SaaS applications
Excellent verbal and written communication skills
Strong analytical and problem-solving skills
Inspired by bringing cross-functional teams together to accomplish program objectives
US Citizenship
Bachelor’s degree
Experience with with the FedRAMP Authorization program; experience must strong knowledge in all phases of preparing and reviewing complete ATO packages for FedRAMP authorization
Experience with FedRAMP, NIST 800-53, FISMA, DoD ILs, DISA Security Requirements Guide, etc.
Experience with continuous monitoring, third-party assessments, and audit management
Experience with vulnerability management and helping prioritize security related work
Excellent interpersonal, verbal, and written communication skills with the ability to communicate compliance related concepts to a broad range of technical and non-technical staff
Excellent organizational and program management skills
Experience leading massive, cross-functional programs with the ability to influence priorities and deliver on commitments
Experience with program / project management tools and dashboards
CISA, CISSP, CCSP, CCSK or other related certifications preferred
Don’t meet every single requirement? Studies have shown that women and people of color are less likely to apply to jobs unless they meet every single qualification. At ScienceLogic, we are dedicated to building a diverse, inclusive and authentic workplace, so if you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right candidate for this or other roles.
About ScienceLogic
We empower intelligent and automated IT operations.
The ScienceLogic SL1 platform enables companies to digitally transform themselves by removing the difficulty of managing complex, distributed IT services. We use patented discovery techniques to find everything in your IT environment, so you get visibility across all technologies and vendors running anywhere in your data centers or clouds
All ScienceLogic employees have the responsibility to protect information assets, adhere to access controls, report suspicious activity, and comply with security and privacy policies.
#LI-Remote