Technical Program Manager, FedRAMP

Who We Are

Verily is a subsidiary of Alphabet that is using a data-driven approach to change the way people manage their health and the way healthcare is delivered. Launched from Google X in 2015, our purpose is to bring the promise of precision health to everyone, every day. We are focused on generating and activating data from a variety of sources, including clinical, social, behavioral and the real world, to arrive at the best solutions for a person based on a comprehensive view of the evidence. Our unique expertise and capabilities in technology, data science and healthcare enable the entire healthcare ecosystem to drive better health outcomes.

We are seeking a detail-oriented and experienced Security Compliance Technical Program Manager to lead our FedRAMP compliance efforts. The ideal candidate will have a strong background in cybersecurity and compliance, with specific expertise in achieving and maintaining security certifications like FedRAMP. This role will be critical in ensuring our cloud services meet the stringent security requirements set by the Federal Risk and Authorization Management Program (FedRAMP) and Federal Information Security Modernization Act (FISMA).
As a Public Sector (Pub-Sec) Security Compliance TPM, it will be your goal to advance customer trust and execute the security compliance roadmap to achieve results for customers.You will be directly supporting our products that serve Federal Agency Customers.

Responsibilities

• Support the development, implementation, and management of our FedRAMP/ FISMA compliance program, ensuring that our relevant products meet or exceed FedRAMP/ FISMA requirements.
• Work with IT, Security and Product Engineering to manage the compliance lifecycle, including initial assessment, authorization, continuous monitoring, and reauthorization processes.
• Develop and maintain comprehensive documentation, including System Security Plans (SSP), policies, procedures, and controls, to support FedRAMP/FISMA compliance initiatives.
• Automate and maintain the plan of action & milestones (POA&M) and other continuous monitoring requirements.
• Monitor and analyze changes in compliance requirements and guidelines, ensuring the organization remains compliant with the latest updates.

Qualifications

Minimum Qualifications

• Bachelor's degree in Computer Science, Information Systems, or a related field. 
• 8+ years of experience in Security Architecture, GRC Analyst or similar role, with a focus on , audit,attestation and 3+ years of direct experience with the FedRAMP Authorization Process.
• In-depth knowledge of security frameworks and regulations, such as  AICPA Trust Principles, ISO 27001, HITRUST, HIPAA, FISMA  and FEDRAMP.
• Working knowledge of cloud applications, security tools and SAAS environments.

Preferred Qualifications

• Relevant certifications such as CISSP, CISM, CRISC, or CISA are highly desirable.
• Experience conducting security audits, risk assessments, and vulnerability assessments.
• Excellent analytical and problem-solving skills, with the ability to identify and mitigate risks effectively.
• Ability to translate technical security requirements into business language and communicate the value of security initiatives to key stakeholders.

The US base salary range for this full-time position is $129,000 - $184,000 + bonus + equity + benefits. Our salary ranges are determined by role, level, and location. The range displayed on each job posting reflects the minimum and maximum target for new hire salaries for the position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific salary range for your preferred location during the hiring process.

Please note that the compensation details listed in US role postings reflect the base salary only, and do not include bonus, equity, or benefits.

#LI-SR1 

Why Join Us

Build What’s Vital.

At Verily, you are a part of something bigger. We are a diverse team of builders innovating at the intersection of health and technology—united by a shared spirit of curiosity, resilience and determination to make better health possible for all. This builder mindset means your fingerprints will be on the work that shapes the future of health. 

Fulfilling our precision health purpose starts with the health of our Veeps, which is why we offer flexibility, resources, and competitive benefits to support you in your whole-person well being. 

Our culture reflects the behaviors that stem from living our values every day in how we Innovate Healthcare and Technology, Gain Velocity as One Verily, and Respect Individuals. As One Verily, we uphold our collective accountability to sustain this culture and to create a VIBE (Verily’s Culture of Inclusion, Belonging, and Equitability) where all Veeps feel included, a sense of belonging, and have opportunities to grow. 

If this sounds exciting to you, we would love to hear from you.

You can find out more about our company culture on our LinkedIn Company Page and Verily Careers page.