Senior Analyst

Summary

Join ChargePoint, a leading EV charging network company, as a Risk and Compliance Analyst to help maintain and manage our FedRAMP program, support management of system security plan (SSP), oversee monthly ConMon activities, and provide training and support to internal stakeholders.

Requirements

• Be knowledgeable of the FedRAMP control families, and capable of making/reviewing changes as needed to maintain our FedRAMP compliance
• Have led FedRAMP advisory projects and/or created complete FedRAMP packages
• Ability to collaborate with cross-geographic and cross-functional teams like Engineering, IT, Sales, Support, H.R. etc. to gather artefacts and perform audits on an on-going basis
• Expertise in the execution of various FedRAMP program components, including change reviews, controls assessment, advising stakeholders, remediation recommendations, deficiency evaluations and reporting
• Manage relationships with the FedRAMP agency sponsor, 3PAO, and other required stakeholders
• Understand the technical issues to raise them and facilitate collaborative resolutions
• Communicate status, risks/issues and mitigation plans to a 360 audience, ranging from management to engineers
• Comfortable using tools for the job - Jira, Confluence, SharePoint, CrowdStrike, Lucid Chart, Outlook, etc
• Demonstrate the ability to exercise judgment and display a high standard of ethics and professionalism
• Demonstrate exceptional communication skills, both written and verbal, with the ability to understand complexities of the business and technology
• Excellent oral and written communication and interpersonal skills with emphasis on building strong, longer-term relationships worldwide across different geographies and functions
• Detail oriented, self-motivated with the ability to meet project deadlines and deliverables in a fast-paced environment
• Bachelor’s degree in business administration, information technology, engineering, or related field, or equivalent work experience
• 4+ years of experience in FedRAMP compliance
• United States resident
• Practical experience working with federal compliance standards, frameworks, and methodologies, such as NIST 800-53, NIST SP 800-30, NIST SP 800-34, FedRAMP, FISMA, or NIST 800-171
• Oversee the development and implementation of Plans of Action and Milestones (POA&Ms)
• Experience maintaining federal security documentation including SSP & attachments, ConMon Plan, policies, and procedures
• Experience with GRC platforms, reporting tools and presenting compliance reports to senior stakeholders

Responsibilities

• Maintain and manage our FedRAMP program
• Support management of system security plan (SSP)
• Oversee monthly ConMon activities
• Review vulnerability and compliance scans, analyze the results, provide detailed assessments, and ensure remediations within SLA
• Provide training and support to IT/Engineering and other internal stakeholders on best practices and procedures for federal compliance