Public Sector ISS, FedRAMP

Description

We are seeking an experienced Information Systems Security Officer (ISSO) to lead our Public Sector compliance efforts. The ideal candidate will have a strong background leading Federal compliance programs, with specific expertise in guiding our engineering and product teams to comply with requirements. This role will be critical in ensuring our cloud services meet the stringent security requirements set by the Federal Risk and Authorization Management Program and Federal Information Security Modernization Act.

As a Public Sector Security Compliance ISSO, you will lead efforts to achieve the necessary Authority to Operate for Verily’s products in scope.You will be directly supporting our products that serve Federal Agency Customers.

Responsibilities

• Own the development, implementation, and management of our FedRAMP/ FISMA compliance program, ensuring that our relevant products meet or exceed requirements.
• Develop and maintain the authorization package including comprehensive documentation, including System Security Plans, policies, procedures, and controls, to support FedRAMP/FISMA compliance initiatives. Ensure alignment of documentation with Verily overall unified compliance controls framework. Serve as the primary point of contact for federal agencies on security matters.
• Prepare and present compliance reports to senior management and stakeholders, highlighting the status of Public Sector Compliance initiatives and any areas requiring attention.
• Partner with sales teams to provide technical expertise during the sales process, participating in customer meetings, product demonstrations, RFP responses, and proof-of-concept engagements.
• Partner with product and engineering team to design security product architecture and features for federal customers.

Qualifications

Minimum Qualifications

• Bachelor's degree in Computer Science, Information Systems, or a related field. 8+ years of experience in Security Architecture, similar role, with a focus on audit attestation, 3+ years of direct experience with the FedRAMP Authorization Process, 3+ year experience with GRC analysis or audit.
• In-depth knowledge of FedRAMP authorization process including creating and managing POA&Ms, continuous monitoring, etc.
• Working knowledge of cloud applications, security tools and SaaS environments.
• Experience acting as a liaison with Federal Agencies for security.

Preferred Qualifications

• Relevant certifications such as CISSP, CISM, CRISC, or CISA are highly desirable.
• Experience conducting security audits, risk assessments, and vulnerability assessments.
• Excellent analytical and problem-solving skills, with the ability to identify and mitigate risks effectively.
• Prior experience with Google Cloud Platform and Amazon Web Services is a plus.
• Ability to translate technical security requirements into business language and communicate the value of security initiatives to key stakeholders.

The US base salary range for this full-time position is $194,000 - $258,000 + bonus + equity + benefits. Our salary ranges are determined by role, level, and location. The range displayed on each job posting reflects the minimum and maximum target for new hire salaries for the position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific salary range for your preferred location during the hiring process.

Please note that the compensation details listed in US role postings reflect the base salary only, and do not include bonus, equity, or benefits.

#LI-SR1