[Remote] Senior Product Compliance Analyst -ISSO
Note: The job is a remote job and is open to candidates in USA. Ivanti is a global technology leader enabling organizations to elevate Everywhere Work. The Senior Product Compliance Analyst will lead the execution of compliance functions, support daily activities of the program, and ensure compliance with federal laws and audit requirements.ResponsibilitiesServe as the support for all FedRAMP related mattersWork closely with Information Security, Product, Software Development, Operations, as well as external vendors and third-party assessment vendors (3PAOs) to ensure FedRAMP, Common Criteria, and FIPS 140 audit requirements are metDeveloping and maintaining documentation for Certification and Accreditation (C&A), Security Assessment Plans (SAP), Security Assessment Reports (SAR), System Security Plans (SSP)Provide status updates on Federal audit program to key stakeholdersMaintain Federal program certification by successfully completing Federal audits (FedRAMP, Common Criteria, FIPS 140, IRAP, and ISMAP)Successfully support an audit program ensuring compliance with regulatory requirements, compliance standards, internal policies, and mandatesSupport a team of auditors, assigning tasks, setting priorities, and providing guidance through the audit processContinuously evaluate and enhance audit methodologies, processes, and tools to ensure effectiveness and efficiencySupport the development of security policies, training material, and other core documentsCoordinate and manage onsite assessments with external stakeholdersCommunicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual meansAdvise authorizing officials, chief information officers, senior information security leads on a range of audit related topicsWork independently and have the ability to prioritize conflicting demands from multiple business clients in an extremely fast-paced environmentWork across departments and business units to implement organization’s audit principles and programsSkillsWriting technical documentation demonstrating knowledge of Cloud and Security conceptsFrameworks such as: NIST SP 800 Series, FISMA, FedRAMPLeveraging technical and program management skills to plan, track, collaborate and report on regulated program deliverablesTracking and driving remediation of control deficiencies and gaps identified internally and externallyPrevious professional experience in a similar role with a focus on Federal audits (FedRAMP, FIPS 140, Common Criteria, and IRAP)Familiarity with security frameworks such as NIST and ISOExperience with communicating effectively and efficiently across diverse teams, through verbal and written exchangesProject management experience, leading and organizing a team to complete a project within a specific time frame and budgetConfident in delegating tasks and consistent in tracking and monitoring progressMust be able to start without any immigration support for FedRAMP complianceExperience working in an Information Systems Security Officer (ISSO) related capacityFamiliarity with SSP (System Security Plan)Experience with NIST RMFExperience with POAM (Plan Off Action Milestones)4+ years of previous professional experience in a similar role with a focus on Federal audits (FedRAMP, FIPS 140, Common Criteria, and IRAP)Industry certifications preferred (CISSP, Security +, CISM, or Cloud Certifications)Company OverviewIvanti automates IT and Security Operations to discover, manage, secure and service from cloud to edge. It was founded in 1985, and is headquartered in South Jordan, Utah, USA, with a workforce of 1001-5000 employees. Its website is http://www.ivanti.com.