Data Centre Security Compliance Public Sector Specialist

1. Public Sector & Compliance Governance

• Serve as the Subject Matter Expert (SME) on NIST 800-53 control families and FedRAMP requirements.
• Manage Cloudflare's continuous monitoring program inclusive of annual assessments and significant change requests.
• Collect validate and organize FedRAMP evidence and artifacts to present to auditors FedRAMP customers and the FedRAMP PMO.
• Help guide our overall security policy and governance architecture to ensure alignment with evolving government regulations.

• Orchestrate end-to-end audit activities for standards such as PCI SOC2 ISO NIST and FedRAMP.
• Coordinate with auditors to manage data center access compliance certificate collection and evidence defense.
• Work cross-functionally with Engineering Legal Product and Operational teams to maintain management and technical controls.
• Support compliance and regulatory projects including implementation of new legislation / regulation.

• Execute monthly Periodic Access Reviews (PARs): Compare portal user lists against ACLs to ensure least-privilege access is maintained across all data centers.
• Manage the lifecycle of portal access: Auditing access provisioning/deprovisioning users and maintaining accurate documentation.
• Oversee physical access requests to data centers and ensure strict adherence to security policies.
• Drive the resolution of daily DCSC Jira tickets for portal access physical access audits and site decommissioning.
• Automate and streamline access review processes where possible utilizing standard communication templates to site managers.

• Own influence and orchestrate relationships within the partner Offering teams that can help drive Cloudflare offerings and strategic positioning.
• Monitor and implement changes to individual accountability regime requirements (such as UK Ireland Singapore and Australia).
• Maintain centralized documentation databases dashboards and reporting mechanisms to track compliance health.

• 3-6 years working in Security Compliance Information Security or Risk Management.
• Deep familiarity with all NIST 800-53 control families and FedRAMP requirements
• Ability to work closely with auditors and articulate technical concepts
• Experience in auditing of network operating system and application security
• Proven experience managing an audit throughout the full audit lifecycle (from readiness to final report)
• Familiarity with additional security standards and frameworks such as ISO 27000 SOC 2 PCI DSS ISMAP and IRAP.
• Ability to work cross-functionally with internal stakeholders and strong communications skills
• High tolerance for ambiguity and ability to work efficiently and independently in a fast-paced high-volume environment
• Some travel may be required to engage with regulators and auditors
• Certifications: CISSP CIPP CIPM CIPT CISA or CRISC.
• A relevant professional experience working with technology partners alliances or third-party vendors ideally in the following disciplines: Data center Security Compliance Access Management audit administration at a leading high-tech company; offering management
• Technical skills including the ability to understand (1) product roadmaps; (2) market trends and factors; and (3) complex partner requirements.
• Strong technical proficiency with spreadsheet software (Excel/Google Sheets) including pivot tables and VLOOKUPs for data reconciliation.
• Organized & Disciplined with a strong focus on driving outcomes
• Preferred Prior experience with Data Centre Security Compliance disciplines and audit programs and past history working at a hyperscaler or high-growth tech company.
• Preferred Superb organizational skills and demonstrated history managing complex processes including audit cycles Facts gathering and analytical skills.

What We Do

Cloudflare Inc. (NYSE: NET) is the leading connectivity cloud company on a mission to help build a better Internet. It empowers organizations to make their employees applications and networks faster and more secure everywhere while reducing complexity and cost. Cloudflare’s connectivity cloud delivers the most full-featured unified platform of cloud-native products and developer tools so any organization can gain the control they need to work develop and accelerate their business. Powered by one of the world’s largest and most interconnected networks Cloudflare blocks billions of threats online for its customers every day. It is trusted by millions of organizations – from the largest brands to entrepreneurs and small businesses to nonprofits humanitarian groups and governments across the globe.

Why Work With Us

Cloudflare employees come from all walks of life. We are mission-driven and our team is energized by a collaborative creative environment that celebrates our differences and fosters new ways to grow together.

Gallery