Clarotyposted about 2 months ago
$180,000 - $190,000/Yr
Hybrid - New York, NY
Professional, Scientific, and Technical Services
About the position
We're growing and looking to hire a FedRAMP Compliance Program Manager, who embodies our core values: People First, Customer Obsession, Strive for Excellence, and Integrity. As a member of the Claroty Cybersecurity team you will play an integral role in leading the company's Federal and Public Sector compliance function. The FedRAMP Compliance Program Manager is responsible for developing and implementing the organization's FedRAMP compliance program. This role will work closely with cross-functional teams to ensure that FedRAMP requirements and obligations are satisfied.
Responsibilities
- Develop and implement the organization's FedRAMP compliance & security program
- Work with cross-functional teams to ensure that the FedRAMP requirements and obligations are satisfied for Claroty.
- Serve as the primary expert for compliance requirements, coordinating with subject matter experts (SMEs).
- Translate control requirements into simple terms, making them useful to our environment to enhance understanding and implementation.
- Provide technical guidance and lead discussions with Engineering, IT, and other teams to articulate FedRAMP/NIST requirements and facilitate necessary design and infrastructure modifications.
- Analyze boundary diagram, data flows, and interconnections, offering recommendations for compliance alignment.
- Lead and manage the FedRAMP audit process including the Continuous Monitoring (ConMon) initiative and own iterative program improvements.
- Track and report on FedRAMP compliance status to internal and external stakeholders, both with technical audiences and executive leadership.
- Stay up-to-date on FedRAMP regulations and best practices, including changes that impact Claroty's FedRAMP obligations.
- Provide training and guidance to internal stakeholders on federal compliance regulations.
- Serve as the company's authoritative voice on FedRAMP, representing the organization internally and externally with key stakeholders (Agencies, 3PAO, Advisory Services, etc.).
Requirements
- Bachelor's degree in computer science, information technology, or a related field
- 7+ years of experience in IT compliance and at least 3+ years within FedRAMP.
- Industry certifications such as CISSP, CEH, Security+ are desired
- Demonstrated experience managing complex project schedules, risks, dependencies, and execution until completion.
- Strong leadership skills while working with cross-functional teams, addressing challenges promptly, and the ability to adapt to changing circumstances or new information.
- Excellent communication and interpersonal skills, with an ability to build relationships and rapport with key internal and external stakeholders.
- Demonstrated security knowledge related to FedRAMP, and have experience running a compliance function for a company providing SaaS products.
- Demonstrated experience with the FedRAMP process, from end-to-end, including leading FedRAMP audits.
- Demonstrated experience managing FedRAMP risks, coordinating cross-functional teams, driving deadlines, and delivering results in a fast-paced environment with attention to detail and self-motivation.
- Direct experience being the interface directly with US federal government agencies for FedRAMP and ConMon activities.
- Demonstrated experience documenting and validating implementation of security controls and management of a System Security Plans (SSP) package.
- Familiarity with AWS, the shared responsibility model of FedRAMP, and the ability to communicate FISMA and FedRAMP inheritance models to both technical and non-technical audiences.
- Familiarity working with federal compliance standards, frameworks, and methodologies, such as NIST SP 800-53, NIST SP 800-37, FedRAMP, StateRAMP, FIPS 140-2/140-3, FISMA, DoD SRG, or NIST SP 800-171.
Benefits
- Stability, we demonstrate continued growth over the past few years, raised over 700M$ from top tier investors.
- We understand the importance of maintaining a healthy work-life balance, and encourage people to take the time they need to rest and prioritize their mental and physical health.
- We care about your development, encouraging career growth and exploration within the company.
- We believe in transparency and openness, regularly holding company all-hands, town hall meetings, and 'Coffee with the CEO' sessions.
- While we have physical offices in New York, Tel Aviv, London and Singapore, we also embrace a hybrid working culture.
