Federal Security Compliance Analyst
The Federal Security Compliance Analyst will be responsible for assisting SailPoint in achieving and maintaining its compliance objectives with respect to the U.S. public sector. This role will support efforts related to SailPoint's FedRAMP Authorized cloud service offerings and the Cybersecurity Maturity Model Certification (CMMC). The nature of this position requires collaboration and partnership with teams across the organization, at all levels and with varying degrees of technical acumen, as well as contact with outside client representatives, vendors, auditors, and other business-related representatives.
Responsibilities:
- Act as one of SailPoint's subject matter experts regarding public sector information security requirements and compliance objectives.
- Advise technical resources from Engineering, CyberSecurity, IT, and DevOps in the design, implementation, assessment, and maintenance of security controls.
- Support SailPoint in maintaining compliance with its Continuous Monitoring (ConMon) objectives.
- Serve as a trusted interface between SailPoint and public sector oversight entities (FedRAMP PMO, agency partners, etc.).
- Assist in the management of annual 3PAO assessment activities such as evidence collection, control interviews, SAR review, and debrief.
- Update and maintain key security compliance documentation such as policies, procedures, the System Security Plan, and the Plan of Action & Milestones.
- Contribute to the development of new programs supporting upcoming and developing compliance objectives in the public sector such as CMMC.
Requirements:
- Proven track record working in security compliance, security consulting, or a similar role.
- Practical experience designing, supporting, advising, and assessing the implementation of security controls for a FedRAMP authorized system derived from NIST 800-53.
- Understanding of core cloud computing concepts and cloud services architecture (Amazon Web Services).
- Strong written and verbal communication and presentation skills. Ability to partner with stakeholders across a range of technical backgrounds, from engineers to customers to senior leadership.
- Ability to learn quickly in a fast-paced and changing environment.
- Due to the nature of this role's responsibilities, U.S. citizenship is a requirement.
Preferred:
- Bachelor's degree in relevant field.
- Demonstrable experience supporting certification programs for the U.S. public sector, specifically FedRAMP. CMMC experience a plus.
- Experience with other control frameworks such as NIST 800-171, ISO 27001/02, SOC 2 a plus.
- Experience working for a Cloud Service Provider or in professional services a plus.
- Certifications such as Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), or CSP-specific certifications (e.g., AWS Cloud Practitioner) a plus.
SailPoint is an equal opportunity employer and we welcome everyone to our team. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.