Cloud Software Group, Inc.
Senior Principal Risk Manager
Cloud Software Group, Inc., Los Angeles, California, United States, 90079
The Senior Principal is responsible for overseeing the implementation, management, and compliance of cloud services with FedRAMP High/IL5 security standards. This individual contributor role ensures that all processes, policies, and practices align with federal regulations and cybersecurity requirements. The Director will lead efforts to achieve and maintain FedRAMP High and IL5 authorization for cloud services, manage relationships with federal agencies, and oversee risk management strategies related to cloud security.Key Responsibilities:FedRAMP Compliance Management:Develop and implement strategies to achieve and maintain FedRAMP High and IL5 authorization for cloud services.
Ensure that all cloud solutions comply with FedRAMP security requirements and federal regulations.
Coordinate with internal teams and third-party assessors to complete required documentation and assessments.
Risk Management and Security Oversight:Identify and mitigate security risks associated with cloud services.
Develop and enforce security policies, procedures, and controls to address FedRAMP High/IL5 requirements.
Conduct regular risk assessments and vulnerability evaluations.
Policy and Documentation:Prepare and review FedRAMP-related documentation, including System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action and Milestones (POA&Ms).
Maintain up-to-date knowledge of FedRAMP policies and industry best practices.
Stakeholder Management:Serve as the primary point of contact for federal agencies and other stakeholders regarding FedRAMP High and IL5 authorization.
Manage relationships with auditors, assessors, and certification bodies.
Facilitate communication between internal teams, federal agencies, and external partners.
Leadership and Team Management:Lead and mentor a team of security professionals and compliance specialists.
Provide guidance and training on FedRAMP High/IL5 requirements and best practices.
Oversee the performance and development of team members.
Continuous Improvement:Monitor and review FedRAMP compliance processes to identify areas for improvement.
Stay informed about changes in FedRAMP requirements and emerging security threats.
Implement enhancements to maintain and improve compliance posture.
Qualifications:Education: Bachelor's degree in Information Security, Computer Science, Cybersecurity, or a related field; Master's degree or equivalent experience preferred.
Certifications: Relevant certifications such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), or CISA (Certified Information Systems Auditor) are highly desirable.
Experience: Minimum of 12+ years of experience in information security, with at least 5 years in a leadership role overseeing FedRAMP compliance programs.
Knowledge: Deep understanding of FedRAMP High/IL5 requirements, NIST standards, cloud security practices, and federal cybersecurity regulations.
Skills: Strong leadership, project management, and communication skills. Ability to manage complex projects and collaborate with cross-functional teams.
#J-18808-Ljbffr
Ensure that all cloud solutions comply with FedRAMP security requirements and federal regulations.
Coordinate with internal teams and third-party assessors to complete required documentation and assessments.
Risk Management and Security Oversight:Identify and mitigate security risks associated with cloud services.
Develop and enforce security policies, procedures, and controls to address FedRAMP High/IL5 requirements.
Conduct regular risk assessments and vulnerability evaluations.
Policy and Documentation:Prepare and review FedRAMP-related documentation, including System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action and Milestones (POA&Ms).
Maintain up-to-date knowledge of FedRAMP policies and industry best practices.
Stakeholder Management:Serve as the primary point of contact for federal agencies and other stakeholders regarding FedRAMP High and IL5 authorization.
Manage relationships with auditors, assessors, and certification bodies.
Facilitate communication between internal teams, federal agencies, and external partners.
Leadership and Team Management:Lead and mentor a team of security professionals and compliance specialists.
Provide guidance and training on FedRAMP High/IL5 requirements and best practices.
Oversee the performance and development of team members.
Continuous Improvement:Monitor and review FedRAMP compliance processes to identify areas for improvement.
Stay informed about changes in FedRAMP requirements and emerging security threats.
Implement enhancements to maintain and improve compliance posture.
Qualifications:Education: Bachelor's degree in Information Security, Computer Science, Cybersecurity, or a related field; Master's degree or equivalent experience preferred.
Certifications: Relevant certifications such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), or CISA (Certified Information Systems Auditor) are highly desirable.
Experience: Minimum of 12+ years of experience in information security, with at least 5 years in a leadership role overseeing FedRAMP compliance programs.
Knowledge: Deep understanding of FedRAMP High/IL5 requirements, NIST standards, cloud security practices, and federal cybersecurity regulations.
Skills: Strong leadership, project management, and communication skills. Ability to manage complex projects and collaborate with cross-functional teams.
#J-18808-Ljbffr