FedRAMP Compliance Program Manager
Seattle, WA, USA
This job was posted on:
September 2, 2020
$ - $
Changing the world through digital experiences is what Adobe’s all about. We give everyone—from emerging artists to global brands—everything they need to design and deliver exceptional digital experiences. We’re passionate about empowering people to craft alluring and powerful images, videos, and apps, and transform how companies interact with customers across every screen!
Are you a domain specialist in FedRAMP? We are looking for a FedRAMP Technology Compliance Program Manager role for Adobe’s Technology GRC (TechGRC) group. The role will be based out of Adobe’s San Jose or Adobe’s Washington, D.C. location. The person will lead the FedRAMP efforts for Adobe including liaison with the AO (authorizing agencies) & 3PAO & will report into TGRC Management at San Jose.
What You Will Do
The role focuses on working with the internal partners and engineering teams to document implementation of control requirements and supporting the cloud security standards including technical security and operational controls.
- Collect and detail technical architecture, operational processes and security policies from multiple internal engineering teams
- Review, detail, analyze and evaluate business systems and user needs in areas of Authorization and Accreditation (A&A) and Plans of Action and Milestones (POA&Ms)
- Collect security control implementation review results, penetration testing results, and vulnerability scan results for POAM reporting to authorizing agencies
- Demonstrate domain expertise in FedRAMP (Federal Risk Authorization Management Program), NIST SP 800-53 Rev 4, NIST SP 800-37, FISMA (Federal Information Systems Management Act), NIST RMF (Risk Management Framework), supporting Systems Security Assessment and Authorization (SA&A) for Federal Agencies, NIST FIPS 199 & Data Classification.
What You Will Need To Succeed
- Bachelors / Master’s Degree with a focus in Information Technology / Computer Science or related field
- Hand on experience with AWS & Azure environments
- Experience on FedRAMP and FISMA documents
- Experience developing, editing, and revising documentation including as-built documents, system security plans, system architectures, and policies and procedures.
- Experience with the production and/or editing of technical drawings using MS Visio or similar design tools.
- Experience with continuous monitoring, and POA&M management.
- Experience with National Institute of Standards and Technology (NIST) standards, DISA Cloud Computing Security Requirements Guide (SRG)
- Team-player with good interpersonal and planning skills
- Ability to multi-task, be detailed and tackle problems analytically
- Skilled at organizing and translating information into clear written documentation, articulating complex concepts and processes in writing
- Proven with Microsoft product suite, particularly Microsoft Word. Presentation and SharePoint