FedRAMP Program Manager

Our client, a top eDiscovery software company, is seeking a FedRAMP Program Manager to join their team. The Program Manager reports to the GRC team and will lead the client’s FedRAMP program from the design phase to the monitoring phase. The role includes managing updates to the client’s FedRAMP System Security Plan and providing support to compliance audit and assessment efforts with evidence collection and transfers. In addition, this role will perform and manage security impact analyses (SIAs) and map technical implementation of changes to impacted NIST security controls. The ideal candidate will be comfortable collaborating with internal stakeholders and liaising with outside counsel and have demonstrated domain expertise in FedRAMP, NIST SP 800-53 Rev 4, NIST SP 800-37, FISMA (Federal Information Systems Management Act), NIST RMF (Risk Management Framework), supporting Systems Security Assessment and Authorization (SA&A) for federal agencies, and NIST FIPS 199 & Data Classification. The Program Manager will be the internal SME for all FedRAMP framework requirements-related guidance to SMEs and Stakeholders.

Position Description

  • Lead and manage the FedRAMP program, including making updates to the FedRAMP System Security Plan (SSP) and managing the ConMon initiative
  • Be a FedRAMP subject matter expert (SME) and provide input to Engineering, IT, and various business teams with regard to how FedRAMP compliance may impact product updates, SSP updates, or the underlying relevant processes
  • Leverage technical and program management skills to plan, track, collaborate and report on FedRAMP program deliverables, including scheduling and leading meetings, assigning, and tracking action items, and developing status reports
  • Provide support to the compliance audit and assessment efforts to include external third-party auditors with evidence collection and upload, auditor interview support, and auditor walk-throughs of policies, procedures, and related compliance and security documentation
  • Assist with performing and managing security impact analyses, reviewing access management controls, creating relevant training deployment to applicable users, and mapping technical implementation of changes to impacted NIST security controls
  • Work with the Engineering team to execute continuous monitoring, including tracking and updating the Plan of Action and Milestones and ensuring timely reporting to the firm’s Agency partners
  • Collaborate with the Federal Operations team and Outside Counsel to perform timely and efficient communication with our agencies and the PMO; facilitate and verify that FedRAMP evidence and artifacts are created and uploaded according to FedRAMP continuous monitoring (ConMon) requirements
  • Assess the impact of new features and architectural changes to the FedRAMP boundary and SSP; guide technical teams on relevant NIST requirements and documentation update tasks
  • Assist the GRC team on other ad hoc important tasks when required

Position Expectations:

  • Several years of information technology and/or information security experience
  • Vast project or program management experience, playing a critical role in the execution, planning, tracking, delivery, or audit of a FedRAMP program (FedRAMP-moderate or FedRAMP-high)
  • Have domain expertise in FedRAMP (Federal Risk Authorization Management Program), NIST SP 800-53 Rev 4, and NIST SP 800-37 frameworks
  • Have a track record of successfully collaborating with technical and business teams to achieve deadline-driven milestones while demonstrating the ability to think critically and creatively, with analytical and problem-solving skills
  • Can independently operate and take a proactive approach to projects

 
#LI-BH1
#LI-Hybrid
