Senior Compliance Advisor - FedRAMP
Round Rock, Texas
Sr. Compliance Advisor - FedRAMP
Bedford, MA or Remote
RSA helps the world's leading organizations solve their most complex and sensitive security challenges. These challenges include managing organizational risk, safeguarding mobile access and collaboration, proving compliance, and securing enterprise and cloud environments against today’s most sophisticated threats. Combining business-critical solutions in identity & authentication management, network forensics and GRC capabilities, RSA provides visibility and analytics to safeguard the identities and information of organizations worldwide.
Be part of the Information Security Governance, Risk & Compliance team, supporting RSA’s internal security program to manage the security and resiliency risks across all aspects of RSA’s business. We are seeking individuals who share our values, thrive in a team environment, and recognize the importance of accountability; people who strive to exceed expectations to ensure our clients' success. With team members located in over 15 countries, you will have an excellent opportunity to influence the security culture at RSA and further develop your career.
We are currently seeking a qualified candidate to serve as a Sr. Compliance Advisor for FedRAMP, reporting to the Business Unit Security Officer. In this role you will design and implement RSA’s continuous monitoring program in accordance with FedRAMP Moderate and DOD IL4 standards. You will be involved in assessing the effectiveness of security controls across the services inside the FedRAMP boundary, including compliance with policy, applicable regulations and relevant contractual obligations. This includes but is not limited to:
· Coordinate and manage external auditors for FedRAMP approved RSA services.
· Provide subject matter expertise for FedRAMP and NIST 800-53 compliance standards and regulations.
· Leads FedRAMP gap assessment, compliance readiness, and compliance monitoring activities.
· Coordinates delivery of audit milestones to ensure audit timelines stay on target by escalating and identifying roadblocks.
· Leads the identification of business process improvements and partners with technology and business stakeholders to identify pragmatic approaches to compliance readiness and testing.
· Collaborates cross-functionally with technology and business stakeholders to drive, track, and resolve all aspects of compliance readiness and audit execution.
· Conducts various IT Compliance controls validation and implementation activities.
· Support monthly, quarterly and annual FedRAMP continuous monitoring activities.
· Driving continuous control maturity evaluation.
· Developing compliance training and awareness materials.
· Providing compliance assurance reports and updates to executive leadership.
• Strong knowledge of cybersecurity and information technology systems terminology, concepts, and practices.
• 5+ years of experience in IT audit and/or compliance, with a concentration on FedRAMP, specifically experience leading a Cloud Service Provider through a FedRAMP ATO process.
• Must possess a strong background with NIST Risk Management Framework (SP 800-53) and have a broad range of skills in NIST publications and FedRAMP requirements.
• A working knowledge of IT Controls frameworks (ISO, PCI, NIST), Payment Card Industry Data Security Standard PCI-DSS, FedRAMP & DOD, Sarbanes-Oxley Act, ISO 27001 Standard as well as Data Privacy and Protection regulations is required.
• A working knowledge of eGRC platforms such as RSA Archer.
• Hands-on experience performing security control assessments utilizing established industry frameworks.
• Strong verbal and written communications skills are required as well as excellent organizational and time management abilities.
• Possess strong customer service skills, with the ability to work well independently, with minimal oversight.
• A degree in Information Technology, Information Security, and/or Accounting Information Systems is desired.
• Industry certifications relevant to the role include, but are not limited to: CRISC, CISM, ISA/QSA, PCIP, CISSP.
• A team player capable of embracing the Company’s culture of high standards related to privacy, ethics and compliance principles.
Dell Technologies is a unique family of businesses that helps organizations and individuals build their digital future and transform how they work, live and play—providing customers with the industry’s broadest and most innovative technology and services portfolio. We value our customers, winning together, innovation, results and integrity. Grow your career with a highly competitive salary, bonus programs, world-class benefits and unparalleled learning and development opportunities— all at a company that is proud to be diverse and inclusive. Learn more on how we are closing the diversity gap here.
Dell is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Dell are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Dell will not tolerate discrimination or harassment based on any of these characteristics. Dell encourages applicants of all ages. Read the full Employment Opportunity Policy here.