Information System Security Officer

 

Who we are...

In a world of constant change, we're leading the charge towards truly autonomous enterprises. Our cutting-edge platform harnesses the power of automation and generative AI to revolutionize how businesses manage and optimize their IT operations.

We're not just adapting to digital transformation—we're accelerating it. Our solutions bring business and operations leaders together, unlocking new levels of innovation, efficiency, and scalability. We empower organizations to deliver superior customer experiences and drive revenue growth in an always-on, always-mobile world.

At ScienceLogic, we're building the foundation for Autonomic IT—a future where IT operations are self-healing, self-optimizing, and aligned perfectly with business objectives. Our team of visionaries is reshaping the $18+ billion IT operations market, creating cost-optimized, efficient, and next-level capabilities for enterprises worldwide.

 

What we're looking for...

The Information System Security Officer (ISSO) is responsible for the success of the FedRAMP Authorization program at ScienceLogic. The ISSO will be responsible for ensuring execution of the initiatives within the FedRAMP roadmap and will work closely with Product Management, Engineering and SaaS Operations Leads to accomplish the required objectives.

 

What you'll be doing...

• Be the single point of contact for all things FedRAMP at  ScienceLogic, owning the FedRAMP Authorization program.
• Own the relationships and act as the interface with the 3PAO, sponsoring agency, contract ATO solution vendor, as well as the FedRAMP PMO.
• Lead the planning, scheduling, and preliminary analysis for all development requirements, as well as internal and external audits.
• Properly identify, remediate, communicate, or escalate technical and program risks.
• Aid the stakeholders in managing technical and program changes.
• Gather and report both program and technical metrics.
• Partner with Product Management, Engineering and Operations managers on program contributors’ accountability, and priorities.
• Stakeholder management outside of product teams including Security, IT, Operations, Customer Support, Business Applications, Legal, Sales, HR, and Finance.
• Ability to assess, customize, and use current program and compliance technologies.
• Define, execute, and manage the FedRAMP Baseline (BL) and Impact Level (IL) development roadmap, including identifying, communicating, and escalating program risks.
• Partner with Engineering, IT, and other teams to develop a sustainable and scalable FedRAMP environment and program.
• Coordinate and facilitate the relationships with the 3PAO, sponsoring agency/JAB, and FedRAMP PMO.
• Manage security assessments, creation of the Plan of Action & Milestones (POA&M), and ongoing Continuous Monitoring (ConMon) requirements.
• Collaborate with process owners and subject matter experts to influence prioritization of projects and solutions to reduce risk and improve compliance.
• Establish, maintain, and influence program stakeholder relationships, expectations, and communications.
• Review new product features and designs and provide guidance on requirements and standards including NIST 800-53, NIST 800-171, DoD ILs, and FedRAMP BL requirements.

Qualities you possess...

• FedRAMP experience, including successful completion of products through FedRAMP certification.
• Soft skills including the ability to gain the trust of stakeholders and senior management and negotiate priorities with outside teams.
• Working knowledge of the software development life cycle (SDLC) for SaaS applications.
• Excellent verbal and written communication skills.
• Strong analytical and problem-solving skills.
• Inspired by bringing cross-functional teams together to accomplish program objectives.
• US Citizenship.
• Bachelor’s degree.
• Experience with with the FedRAMP Authorization program; experience must strong knowledge in all phases of preparing and reviewing complete ATO packages for FedRAMP authorization.
• Experience with FedRAMP, NIST 800-53, FISMA, DoD ILs, DISA Security Requirements Guide, etc.
• Experience with continuous monitoring, third-party assessments, and audit management.
• Experience with vulnerability management and helping prioritize security related work.
• Excellent interpersonal, verbal, and written communication skills with the ability to communicate compliance related concepts to a broad range of technical and non-technical staff.
• Excellent organizational and program management skills.
• Experience leading massive, cross-functional programs with the ability to influence priorities and deliver on commitments.
• Experience with program / project management tools and dashboards.
• CISA, CISSP, CCSP, CCSK or other related certifications preferred.

Don’t meet every single requirement? Studies have shown that women and people of color are less likely to apply to jobs unless they meet every single qualification. At ScienceLogic, we are dedicated to building a diverse, inclusive and authentic workplace, so if you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right candidate for this or other roles.

 

About ScienceLogic

ScienceLogic empowers intelligent, automated IT operations, freeing up time and resources, and driving business outcomes with actionable insights. ScienceLogic’s AIOps platform sees broadly across clouds and on-premises, enabling business service visibility with relationship mapping, and workflow automation to eliminate manual tasks. Trusted by thousands of organizations across the globe, ScienceLogic’s technology has been proven for scale by the world’s largest service providers, enterprises and government agencies.

 

www.sciencelogic.com

 

All ScienceLogic employees have the responsibility to protect information assets, adhere to access controls, report suspicious activity, and comply with security and privacy policies.

 

#LI-Remote

•

Last updated on Aug 21, 2024