Join our team as a FedRAMP ATO Specialist, where your primary focus will be supporting FedRAMP compliance across our three authorized platforms. You'll lead efforts around audit preparation, continuous monitoring (ConMon), change request submissions, and documentation updates. You'll also support related frameworks such as StateRAMP and TX-RAMP as needed.
About You – experience, education, skills, and accomplishments
- Bachelors degree in Cybersecurity, Computer Science, Information Systems, or a related discipline
- 3 years of hands-on experience supporting FedRAMP or federal compliance efforts
- 3 years of experience with FedRAMP documentation development and maintenance, particularly SSPs and policies
- 3 years of experience with continuous monitoring, including vulnerability scans, incident tracking, and system updates
- Must be a US Citizen or Green Card holder with the ability to obtain a Public Trust Clearance
It would be great if you also had . . .
- Certifications such as Security+, CAP, CISSP Associate, or FedRAMP-specific training
- Hands on experience conducting or supporting security control assessments based on NIST SP 800-53 Rev. 5
- Experience in the intellectual property or legal technology space
- Familiarity with cloud-based systems, especially SaaS platforms
- Familiarity with AWS, Azure, Salesforce, or other major cloud providers.
- Solid understanding of RMF and the NIST Cybersecurity Framework
- Proficiency in Windows-based environments and common cybersecurity tools (e.g., Nessus, Qualys, Splunk, Defender for Endpoint, AWS suite of tools, etc.)
- Understanding of FISMA requirements
What will you be doing in this role?
- Support the FedRAMP ATO process for enterprise-grade SaaS solutions used in federal IP portfolio management.
- Draft, review, and maintain key documentation such as System Security Plans (SSPs), Configuration Management Plan (CMP), Contingency Plan (CP) and Incident Response Plan, Policies & Procedures, and Plan of Action and Milestones (POA&M).
- Assist with the assessment of NIST SP 800-53 Rev. 5 security controls, including documentation of implementation details, testing procedures, and results.
- Coordinate with internal stakeholders, security teams, and external 3PAOs to manage system assessments and audits.
- Assist in the implementation and ongoing execution of continuous monitoring (ConMon) activities and reporting.
- Apply principles of the Risk Management Framework (RMF) and the NIST Cybersecurity Framework across the system development lifecycle.
- Track control implementations, document remediation efforts, and manage security artifacts in accordance with FedRAMP Moderate or High baselines.
- Leverage cybersecurity tools in a Windows-based environment to support vulnerability management, system hardening, and log analysis.
- Stay informed of updates to NIST guidance, FedRAMP baselines, and relevant compliance frameworks impacting government contractors.
About the Team
We are a team of security professionals from various walks of life with diverse experience. The overall team consists of 25 security professionals that report to the Chief Information Security Officer. We are spread out across the world with team members located in North America, Europe, and Asia. As a security team, our focus lies in four main areas (pillars) – Security Engineering and Operations, Product security, Security Architecture, and Governance Risk and Compliance. This position will sit on the Governance, Risk and Compliance (GRC) team.
Hours of Work
- Full-time permanent position primarily working core business hours in your time zone, with flexibility to adjust to various global time zones as needed
- Hybrid position working 2-3 days/week on-site
- Must live within a commutable distance to one of our US office locations: Alexandria, VA; Philadelphia, PA or Overland Park, KS
At Clarivate, we are committed to providing equal employment opportunities for all qualified persons with respect to hiring, compensation, promotion, training, and other terms, conditions, and privileges of employment. We comply with applicable laws and regulations governing non-discrimination in all locations.
Clarivate Analytics Compensation & Benefits Highlights
The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about Clarivate Analytics and has not been reviewed or approved by Clarivate Analytics.
-
Strong & Reliable Incentives — Incentives in sales and select product/tech roles provide meaningful upside for high performers, with commission structures boosting total compensation when targets are exceeded. Role-linked variable pay is a clear strength in revenue-driving positions.
-
Leave & Time Off Breadth — PTO is ample in the U.S., with paid parental leave available, making time-off policies a notable part of the package. Generous vacation and holiday allowances stand out as positives.
-
Wellbeing & Lifestyle Benefits — Hybrid and remote options are common and paired with a formal wellbeing framework and EAP, supporting work–life balance. Core medical, dental, and vision coverage is broadly available in the U.S., reinforcing everyday wellbeing support.
Clarivate Analytics Insights
Similar Jobs
What We Do
Clarivate™ is a global leader in providing solutions to accelerate the lifecycle of innovation. Our bold mission is to help customers solve some of the world’s most complex problems by providing actionable information and insights that reduce the time from new ideas to life-changing inventions in the areas of science and intellectual property. We help customers discover, protect and commercialize their inventions using our trusted subscription and technology-based solutions coupled with deep domain expertise. For more information, please visit clarivate.com.
