Senior Information Security Auditor

Summary

Join Everbridge as a Senior Information Security Internal Auditor to develop and manage the internal audit program based on FedRAMP Moderate requirements, conduct NIST 800-53 compliance audits, and provide recommendations based upon FedRAMP defined controls and industry best practices.

Requirements

• Experience working with FedRAMP, NIST 800-53, FISMA, and/or similar governance and compliance framework
• Strong understanding of FedRAMP information collection and reporting process
• Experience in reports development (status, metrics, and measures)
• Minimum 3 years of experience in security, assessments or compliance consulting or advisory work in in support of a highly technical environment
• Minimum 3 years of experience in performing and/or participating in technical assessments in direct support of a major compliance effort (e.g. FedRAMP, SOC 2, Bsi C5, or ISO 27001)
• Knowledge of Information Management policies, requirements, and best practices
• Ability to communicate in a clear and well-organized fashion and to influence decision-makers, both verbally and in writing
• Ability to lead with initiative and persuasiveness
• Excellent interpersonal and organizational skills

Responsibilities

• Develop and manage the internal audit program as part of the Compliance portfolio based on FedRAMP Moderate requirements, and other applicable standards
• Diligently maintain the company’s Information Security and Privacy Framework and underlying policies, procedures, standards and guidelines
• Conduct NIST 800-53 compliance audits and assessments and provide recommendations based upon FedRAMP defined controls and industry best practices
• Be fully responsible for Monthly FedRAMP ConMon assessments and submissions
• Will work closely with engineering and operation teams to ensure timely delivery of FedRAMP documents and meeting project milestones and objectives
• Liaise with auditors, articulate control implementation and impact, and describe considerations for applying security and compliance concepts to a technical cloud environment
• Represent Compliance on FedRAMP, and other certification project and strategies
• Provide the necessary support with maintaining documentation/evidence/artifacts
• Manage and organize the audits and documents using a GRC System
• Create audit plans and audit reports
• Keep documentation organized and document processes and guidelines
• Develop approach for continuous monitoring efforts and recertifications
• Assist with other audit activities as needed
• Facilitate external audits

Benefits

• Healthcare
• Dental
• Parental planning
• Mental health benefits
• Disability income benefits
• Life and AD&D insurance
• A 401(k) plan and match
• Paid time off
• Fitness reimbursements