Senior Information Security Internal Auditor

Summary

Join Everbridge as a Senior Information Security Internal Auditor and play a key role in maintaining the company's information security and privacy framework. This fully remote or hybrid position involves developing and managing the internal audit program based on FedRAMP Moderate requirements and other applicable standards. You will conduct compliance audits and assessments, work closely with engineering and operations teams, liaise with external auditors, and manage audit documentation. The ideal candidate possesses strong experience with FedRAMP, NIST 800-53, and other compliance frameworks, along with excellent communication and organizational skills. Everbridge offers a competitive salary and a comprehensive benefits package.

Requirements

• Experience working with FedRAMP, NIST 800-53, FISMA, and/or similar governance and compliance framework
• Strong understanding of FedRAMP information collection and reporting process
• Experience in reports development (status, metrics, and measures)
• Minimum 3 years of experience in security, assessments or compliance consulting or advisory work in in support of a highly technical environment
• Minimum 3 years of experience in performing and/or participating in technical assessments in direct support of a major compliance effort (e.g. FedRAMP, SOC 2, Bsi C5, or ISO 27001)
• Knowledge of Information Management policies, requirements, and best practices
• Ability to communicate in a clear and well-organized fashion and to influence decision-makers, both verbally and in writing
• Ability to lead with initiative and persuasiveness
• Excellent interpersonal and organizational skills

Responsibilities

• Develop and manage the internal audit program as part of the Compliance portfolio based on FedRAMP Moderate requirements, and other applicable standards
• Diligently maintain the company’s Information Security and Privacy Framework and underlying policies, procedures, standards and guidelines
• Conduct NIST 800-53 compliance audits and assessments and provide recommendations based upon FedRAMP defined controls and industry best practices
• Be fully responsible for Monthly FedRAMP ConMon assessments and submissions
• Will work closely with engineering and operation teams to ensure timely delivery of FedRAMP documents and meeting project milestones and objectives
• Liaise with auditors, articulate control implementation and impact, and describe considerations for applying security and compliance concepts to a technical cloud environment
• Represent Compliance on FedRAMP, and other certification project and strategies
• Provide the necessary support with maintaining documentation/evidence/artifacts
• Manage and organize the audits and documents using a GRC System
• Create audit plans and audit reports
• Keep documentation organized and document processes and guidelines
• Develop approach for continuous monitoring efforts and recertifications
• Assist with other audit activities as needed
• Facilitate external audits

Preferred Qualifications

CIA, CISA, CCSP, ISO 27001 Auditor Certification are a plus

Benefits

• Healthcare
• Dental
• Parental planning
• Mental health benefits
• Disability income benefits
• Life and AD&D insurance
• A 401(k) plan and match
• Paid time off
• Fitness reimbursements