Diligent

Principal Federal Compliance Analyst (FedRAMP)

Posted 2 Days Ago

Be an Early Applicant

Hiring Remotely in Washington, DC

Remote

200K-210K Annually

Senior level

Software

The Role

Lead Diligent's U.S. Federal Compliance efforts by ensuring systems meet relevant compliance and regulatory requirements such as FedRAMP and NIST. Responsibilities include developing System Security Plans, performing Security Impact Assessments, maintaining compliance for SaaS platforms, and coordinating with internal teams and federal clients.

Summary Generated by Built In

About Us

Diligent is the global leader in modern governance, providing SaaS solutions across governance, risk, compliance, audit and ESG. Empowering more than 1 million users and 700,000 board members and leaders with a holistic view of their organization’s GRC practices so they can make better decisions, faster. No matter the challenge.

At Diligent, you are an agent of positive change. You are joining a team of passionate, smart, creative people who not only want to help build the software company of the future, but who want to make the world a more sustainable, equitable and better place. Be a part of a global community on a mission to make a real impact.

Learn more at diligent.com.

Position Overview:

Reporting to the Director of Security Governance, Risk, & Compliance, this position is a unique opportunity to lead Diligent’s U.S. Federal Compliance efforts for relevant products.

The candidate will be responsible for ensuring systems meet all relevant compliance and regulatory requirements, including FedRAMP, NIST, FISMA, and others. Experience working in a FedRAMP environment (High and/or Moderate) and with the Department of Defense Cloud Computing Security Requirements Guide (SRG IL5) is required.

Key Responsibilities

As the Information System Security Officer (ISSO), work with Federal clients, third-party assessors, internal teams, and Government stakeholders to understand compliance needs and ensure systems meet all relevant regulatory requirements.
Ensure continuity of Diligent’s authorization to operate (ATO).
Develop and maintain System Security Plans (SSP) for in scope systems.
Build and maintain system, network, and data flow diagrams to maintain compliance with relevant standards.
Perform Security Impact Assessments and coordinate Change Requests.
Lead gap assessment and remediation efforts to achieve and maintain baseline compliance.
Coordinate with Product and Technology teams to plan and execute Federal Systems roadmap.
Maintain Policy and Procedure documentation required to ensure compliance with standards and regulations.
Ensure the program remains compliant with monthly Continuous Monitoring requirements.
Report program metrics and trends to Security Leadership monthly.

Required Experience/Skills

University Degree in a field relevant to Information Security and/or Compliance, or Degree in any field plus demonstrable experience in the Information Security and Compliance domain.
10+ years of professional work experience in Information Security and Compliance.
At least 5 years of experience in U.S. Federal Compliance, preferably as an ISSO.
Strong knowledge of the AWS GovCloud environment and its related services.
Experience maintaining compliance for cloud hosted SaaS platforms.
NIST 800-53 and DoD SRG expertise.
Experience developing and maintaining System Security Plans (SSP).
Familiarity with vulnerability management concepts and workflows for container-based environments.
Excellent problem-solving and analytical skills.
Strong communication and negotiating skills, in both written and verbal form.
Must be able to obtain and maintain a government background/suitability determination to work within an AWS GovCloud environment and with DoD and other federal agencies as required.

Preferred Experience/Skills

Experience with vulnerability scanning technologies and outputs.
Comfort running and interacting with automation scripts, GRC software, and information security tools.
Relevant Information Security Certifications.
Familiarity with NIST Cyber Security Framework, SOC 2, and ISO 27001.
Leadership skills and experience.

U.S pay range

$200,000—$210,000 USD

What Diligent Offers You

Creativity is ingrained in our culture. We are innovative collaborators by nature. We thrive in exploring how things can be differently both in our internal processes and to help our clients
We care about our people. Diligent offers a flexible work environment, global days of service, comprehensive health benefits, meeting free days, generous time off policy and wellness programs to name a few
We have teams all over the world. We may be headquartered in New York City, but we have office hubs in Washington D.C., Vancouver, London, Galway, Budapest, Munich, Bengaluru, Singapore, and Sydney.
Diversity is important to us. Growing, maintaining and promoting a diverse team is a top priority for us. We foster and encourage diversity through our Employee Resource Groups and provide access to resources and education to support the education of our team, facilitate dialogue, and foster understanding.

Diligent created the modern governance movement. Our world-changing idea is to empower leaders with the technology, insights and connections they need to drive greater impact and accountability – to lead with purpose. Our employees are passionate, smart, and creative people who not only want to help build the software company of the future, but who want to make the world a more sustainable, equitable and better place.

Headquartered in New York, Diligent has offices in Washington D.C., Baltimore, London, Galway, Budapest, Vancouver, Bengaluru, Munich, and Sydney. 

We are a drug free workplace. Diligent is proud to be an equal opportunity employer. We do not discriminate based on race, color, religious creed, sex, national origin, ancestry, citizenship status, pregnancy, childbirth, physical disability, mental disability, age, military status, protected veteran status, marital status, registered domestic partner or civil union status, gender (including sex stereotyping and gender identity or expression), medical condition (including, but not limited to, cancer related or HIV/AIDS related), genetic information, or sexual orientation in accordance with applicable federal, state and local laws. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. See also Diligent's EEO Policy and Know Your Rights. We are committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, you may contact us at [email protected].

To all recruitment agencies: Diligent does not accept unsolicited agency resumes. Please do not forward resumes to our jobs alias, Diligent employees or any other organization location. Diligent is not responsible for any fees related to unsolicited resumes.

Top Skills

AWS

Nist

View all jobs at Diligent

View Diligent Profile

Report Job

The Company

HQ: New York, NY

1,213 Employees

On-site Workplace

What We Do

Diligent is the leading GRC SaaS provider, serving nearly 1 million users from 25,000 organizations around the world. Our software enables holistic and informed conversations about governance, risk and compliance and ensures CEOs, CFOs and the board have an integrated view of audit, risk, information security, ethics and compliance from across the organization.

Our world-changing idea is to bring technology, insights and confidence to leaders so they can build more effective, equitable, and successful organizations – and create lasting, positive impact on the world. We seek to empower organizations to be better for their stakeholders and communities, for their customers and employees, for their bottom line.

Headquartered in New York, Diligent also has offices in Washington D.C., London, Galway, Budapest, Vancouver, Bengaluru, Munich, and Sydney.