As the number of cyberattacks and digital threats continue to grow, our world needs more passionate and innovative individuals who seek to be trailblazers in and shapers of the rapidly evolving cybersecurity landscape.
At Trend Micro, we offer tremendous opportunities that will challenge and equip you to become engineered to do good in whatever path you take. By choosing to be an agent of change, you will be part of an impactful mission that aims to make the world safe for exchanging digital information.
What you'll do:
Lead and Manage FedRAMP Operations
- Act as the PH Technical Lead for processing FedRAMP security cases for Incident Management with FedRAMP Ops members of the Americas Region.
- Leverage a team of L1 SOC Analysts responsible for FedRAMP security alert monitoring.
- Overseeing security monitoring and compliance efforts
Compliance Program Development and Management
- Develop, implement, and manage the FedRAMP compliance program, ensuring that all cloud services adhere to stringent FedRAMP standards.
- Work directly with TrendMicro VisionOne/CloudOne products for Government SaaS offerings and FIPS-compliant software releases.
Lifecycle Management
- Coordinate and manage all phases of the FedRAMP lifecycle, including initial assessments, authorizations, continuous monitoring, and reauthorizations.
Collaboration and Integration
- Collaborate extensively with internal teams (IT, security, development) to integrate FedRAMP requirements into organizational processes and technology stacks.
Documentation and Automation
- Develop and maintain System Security Plans (SSP), policies, procedures, and controls to support FedRAMP compliance.
- Automate the Plan of Action & Milestones (POA&M) and other continuous monitoring requirements.
Regular Security Assessments
- Conduct regular security assessments and audits to ensure persistent compliance with FedRAMP and other relevant standards.
Change Monitoring and Compliance Adaptation
- Monitor changes in FedRAMP requirements and guidelines, adapting practices to stay compliant with the latest updates.
Guidance and Expertise
- Serve as the primary point of contact for FedRAMP inquiries and coordination with external auditors and assessors.
- Provide guidance on FedRAMP-related topics to internal teams and conduct security risk assessments.
Reporting
- Prepare and present detailed compliance reports to senior management and stakeholders, highlighting the status of FedRAMP initiatives and addressing any areas needing attention.
What you need:
- 3+ years in information security or network administration, particularly within an enterprise-level Security Operations Center (SOC).
- Strong experience with firewalls, Windows Servers, and PCs; experience with routers and switches is preferred.
- Minimum of 3 years in security compliance or Governance, Risk, and Compliance (GRC), preferably supporting U.S. public sector security authorizations.
- In-depth knowledge of Azure GovCloud, Sentinel, Nessus, HCL App Scan, JIRA, SIEM, IDS/IPS, EDR, and network monitoring tools.
- Solid understanding of FedRAMP, CMMC, NIST 800-53, NIST RMF, FISMA, and similar frameworks.
- Proficient in Windows, macOS, and Linux operating systems.
- Capable in risk management and assessment procedures.
- Skilled in network security and architecture, both wired and wireless.
- Knowledgeable in enterprise and security architecture.
- Familiarity with cloud hyperscaler services (e.g., AWS, Azure) and best practices.
- Excellent analytical, problem-solving, and project management capabilities.
- Strong communication and interpersonal skills for effective collaboration with internal teams, auditors, customers, and regulatory bodies.
- Willingness to participate in frequent international video conferences and handle security incidents during non-regular hours.
What will help
- Industry certifications such as CISSP, GCIH, GCFA, CEH, or similar are highly desirable.
- Self-motivated and fast learner, able to complete tasks with minimal supervision.
- Experience conducting company-wide third-party security risk assessments.
- Advanced expertise in FedRAMP requirements.
- Practical experience in penetration testing, threat hunting, information security management, computer forensics, incident response, or risk management.
- Experience conducting regular security audits to ensure compliance with established standards and frameworks.
Be Passionate.
Be Innovative.
Be a Trender.
Be #EngineeredToDoGood.
Top Skills
What We Do
We’re a global cybersecurity leader, helping to make the world safe for exchanging digital information. Fueled by decades of security expertise, global threat research, and continuous innovation, our cybersecurity platform protects hundreds of thousands of organizations and millions of individuals across clouds, networks, devices, and endpoints.
As a leader in cloud and enterprise cybersecurity, our platform delivers a powerful range of advanced threat defense techniques optimized for environments like AWS, Microsoft, and Google, and central visibility for better, faster detection and response.
Our global threat research team delivers unparalleled intelligence and insights that power our cybersecurity platform and help protect organizations around the world from 100s of millions of threats daily.
We have 7,000 employees across 65 countries, singularly focused on security and passionate about making the world a safer and better place.
We enable organizations to simplify and secure their connected world.
Trend Micro’s “Trenders” are passionate about doing the right thing to make the world a safer and better place.
