
Senior Director FedRAMP Compliance

Security

Job Summary 

Equifax is looking for a Global Security Compliance function head who will serve as the primary point of contact for FedRAMP compliance from creation of the SSP through 3PAO. This person will be responsible for working directly with internal security, technology, legal, and business stakeholders as well as with third-party auditors to communicate compliance mandates and maintain compliance against published standards. This candidate should be willing to work from any one of our office locations in Atlanta, Alpharetta, GA, Reston, VA, or Saint Louis, MO.

What you’ll Do: 

  • Provide subject matter expertise for FedRAMP compliance and assist with FISMA compliance standards

  • Partner cross-functionally across Equifax to support the implementation of technical, management, and operational controls, with a focus on controls required by FedRAMP/FISMA.

  • Collaborate with internal teams to create and maintain the System Security Plan (SSP). Ensure the SSP is updated to reflect changes as they arise and that the changes are reviewed and approved before being incorporated in the SSP.

  • Lead the program to oversee FedRAMP continuous monitoring including tracking and reporting on Plans of Action and Milestones (POA&Ms).

  • Facilitate and verify FedRAMP/FISMA evidence and artifacts (monthly, quarterly, annually, etc.)

  • Interface with government officials to present the status of continuous monitoring activities.

  • Interface with government agencies who may be customers and/or FedRAMP sponsors

  • Manage onsite assessments and coordinate with internal and external stakeholders.

  • Maintain a current understanding of relevant compliance standards and regulations.

  • Monitor the industry landscape to keep visibility on evolutions, trends, and best practices for FedRAMP/FISMA compliance programs and integrate improvements into existing activities.

  • Drive remediation efforts for deficiencies and develop and support the implementation of compensating controls.

  • Develop and maintain KPIs, KRIs, and dashboards for reporting on assigned compliance programs weekly, monthly, quarterly, and annually.

  • Collaborate cross-functionally with security, technology, and business stakeholders to track and hold responsible parties accountable for timely, accurate, and complete responses, supporting documentation, and artifacts that solve for the ask the first time without compromise.

What experience you'll need:

  • 7+ years of applicable InfoSec and/or program delivery experience, preferably for a large company.

  • Prior experience as BISO, Security or Compliance Manager  

  • 2+ years of experience in some facet with the FedRAMP authorization program.

  • 1 year of experience reviewing technical architecture diagrams for application and equipment

  • 1 year of experience working with external contractors and government agencies

What could set you apart: 

  • Any Cloud experience 

  • Proven ability to effectively collaborate with cross-functional, cross-organizational teams to negotiate and assemble project plans, secure commitments on deliverables, and ensure resolution of blocking issues

  • Familiar with Information Security principles, knowledge of IT processes (e.g. Change Management, Incident Management, Risk Management, Network and System Administration)

  • Ability to translate complex technical and security issues into common language

  • Ability to deal effectively with a wide range of technical and functional team members at all levels of experience and decipher a wide range of responses into a cohesive result.

We offer comprehensive compensation and healthcare packages, 401k matching, paid time off, and organizational growth potential through our online learning platform with guided career tracks.

 

If this sounds like somewhere you want to work, don’t delay, apply today - we’re looking for you!

 

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.


 

Working at Equifax

We believe in a growth mindset. At Equifax, this includes giving our employees opportunities to perform at their best and learn new skills along the way to inspire and build fulfilling careers.
