Information System Security Officer

What you're looking for...

The Information System Security Officer (ISSO) is responsible for the success of the FedRAMP Authorization program at ScienceLogic. The ISSO will be responsible for ensuring execution of the initiatives within the FedRAMP roadmap and will work closely with Product Management Engineering and SaaS Operations Leads to accomplish the required objectives.

What you'll be doing...

• Be the single point of contact for all things FedRAMP at  ScienceLogic owning the FedRAMP Authorization program

• Own the relationships and act as the interface with the 3PAO sponsoring agency contract ATO solution vendor as well as the FedRAMP PMO

• Lead the planning scheduling and preliminary analysis for all development requirements as well as internal and external audits

• Properly identify remediate communicate or escalate technical and program risks

• Aid the stakeholders in managing technical and program changes

• Gather and report both program and technical metrics

• Partner with Product Management Engineering and Operations managers on program contributors’ accountability and priorities

• Stakeholder management outside of product teams including Security IT Operations Customer Support Business Applications Legal Sales HR and Finance

• Ability to assess customize and use current program and compliance technologies

• Define execute and manage the FedRAMP Baseline (BL) and Impact Level (IL) development roadmap including identifying communicating and escalating program risks

• Partner with Engineering IT and other teams to develop a sustainable and scalable FedRAMP environment and program

• Coordinate and facilitate the relationships with the 3PAO sponsoring agency/JAB and FedRAMP PMO

• Manage security assessments creation of the Plan of Action & Milestones (POA&M) and ongoing Continuous Monitoring (ConMon) requirements

• Collaborate with process owners and subject matter experts to influence prioritization of projects and solutions to reduce risk and improve compliance

• Establish maintain and influence program stakeholder relationships expectations and communications

• Review new product features and designs and provide guidance on requirements and standards including NIST 800-53 NIST 800-171 DoD ILs and FedRAMP BL requirements

Qualities you possess...

• FedRAMP experience including successful completion of products through FedRAMP certification

• Soft skills including the ability to gain the trust of stakeholders and senior management and negotiate priorities with outside teams

• Working knowledge of the software development life cycle (SDLC) for SaaS applications

• Excellent verbal and written communication skills

• Strong analytical and problem-solving skills

• Inspired by bringing cross-functional teams together to accomplish program objectives

• US Citizenship

• Bachelor’s degree

• Experience with with the FedRAMP Authorization program; experience must strong knowledge in all phases of preparing and reviewing complete ATO packages for FedRAMP authorization

• Experience with FedRAMP NIST 800-53 FISMA DoD ILs DISA Security Requirements Guide etc.

• Experience with continuous monitoring third-party assessments and audit management

• Experience with vulnerability management and helping prioritize security related work

• Excellent interpersonal verbal and written communication skills with the ability to communicate compliance related concepts to a broad range of technical and non-technical staff

• Excellent organizational and program management skills

• Experience leading massive cross-functional programs with the ability to influence priorities and deliver on commitments

• Experience with program / project management tools and dashboards

• CISA CISSP CCSP CCSK or other related certifications preferred

Don’t meet every single requirement? Studies have shown that women and people of color are less likely to apply to jobs unless they meet every single qualification. At ScienceLogic we are dedicated to building a diverse inclusive and authentic workplace so if you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description we encourage you to apply anyway. You may be just the right candidate for this or other roles.

About ScienceLogic

We empower intelligent and automated IT operations.

The ScienceLogic SL1 platform enables companies to digitally transform themselves by removing the difficulty of managing complex distributed IT services. We use patented discovery techniques to find everything in your IT environment so you get visibility across all technologies and vendors running anywhere in your data centers or clouds

www.sciencelogic.com

All ScienceLogic employees have the responsibility to protect information assets adhere to access controls report suspicious activity and comply with security and privacy policies.

#LI-Remote