FedRAMP Analyst

Stelle nicht auf LinkedIn

🕒 vor 24 Tagen

☕ Washington – Remote

☕ Washington – Remote

💵 $80.000 - $100.000 / Jahr

⏰ Vollzeit

🟡 Mittelstufe

🟠 Senior

🧐 Analyst

🦅 H1B-Visum-Sponsor

Dieses Unternehmen hat in der Vergangenheit H1B-Visa gesponsert.

Jetzt Bewerben

Ähnliche Remote-Jobs finden

E-Mails für Remote-Jobs erhalten

📊 Überprüfen Sie Ihre Lebenslauf-Bewertung für diese Stelle

Verbessern Sie Ihre Chancen auf ein Vorstellungsgespräch, indem Sie Ihre Lebenslauf-Bewertung vor der Bewerbung überprüfen.

Lebenslauf hochladen

Clearview AI

WebsiteLinkedInAlle Stellen

11 - 50 Mitarbeiter

Gegründet 2017

🤖 Künstliche Intelligenz

🔐 Sicherheit

🏛️ Regierung

Artificial Intelligence • Security • Government

Clearview AI ist ein in den USA ansässiges Unternehmen, das Gesichtserkennungssoftware und Ermittlungstools entwickelt und bereitstellt, die hauptsächlich von Strafverfolgungsbehörden, Regierungsstellen und dem Militär eingesetzt werden. Seine Plattform vergleicht Bilder mit einer sehr großen firmeneigenen Datenbank, um die Identifizierung von Verdächtigen, kriminalistische Untersuchungen, die Opferfindung und nationale Sicherheitsoperationen zu beschleunigen. Das Unternehmen legt besonderen Wert auf Genauigkeit, Skalierbarkeit und Sicherheit/Konformität für Kunden im öffentlichen Sektor.

Beschreibung

• Execute the monthly FedRAMP CONMON calendar and ensure timely completion of all required artifacts and submissions. • Own monthly vulnerability remediation tracking: intake scan outputs, open/track remediation tickets, validate closure evidence, and ensure SLA adherence (e.g., 30/90/180-day timelines). • Maintain and update the Plan of Action and Milestones (POA&M): create/update POA&M items, document milestones, track due dates, coordinate risk statements with Legal, and route for approvals. • Generate and maintain monthly inventory and configuration evidence (e.g., Integrated Inventory Workbook/IIW updates, authorized software evidence, baseline/config drift support). • Prepare monthly CONMON reporting packages, including Monthly Security Status Reports, CONMON Executive Summary inputs, deviation requests, and other stakeholder reports required by the Sponsoring Agency, FedRAMP PMO, or Authorizing Official. • Prepare deviation and exception requests: gather technical justification, compensating control documentation, scope/impact statements, and route through required approvals. • Support continuous monitoring governance activities: access review evidence, log/monitoring review evidence, and coordination of corrective actions with Engineering and Security & IT. • Maintain the CONMON and ATO artifact repository in Google Drive (or designated system): version control, naming conventions, evidence indexing, and audit-ready structure. • Support annual security testing activities (e.g., penetration tests, red-team exercises if applicable, IR/ISCP tabletop exercises) by tracking schedules, collecting artifacts, and documenting remediation status. • Support annual 3PAO assessment coordination: evidence collection, interview scheduling, assessor Q&A tracking, and findings remediation tracking in partnership with the VP, Federal Operations. • Support significant change workflows: help determine compliance impact, document change narratives, update SSP appendices as required, and maintain change evidence for CONMON. • Track training compliance for federal systems (Rules of Behavior acknowledgements, required awareness training completion) in coordination with People Ops and Security & IT. • Serve as a primary day-to-day point of contact for internal stakeholders for FedRAMP evidence requests and compliance status updates; escalate risks and blockers to the VP, Federal Operations.

🎯 Anforderungen

• 3+ years of experience in cybersecurity compliance, GRC, or operating regulated cloud environments (FedRAMP, DoD IL, CJIS, HIPAA, PCI, ISO 27001/42001, or similar). • Demonstrated experience executing continuous monitoring or recurring compliance reporting programs (monthly cadence preferred). • Working knowledge of NIST 800-53 and FedRAMP concepts (POA&M management, SSP/ATO artifact structure, assessment evidence expectations). • Experience coordinating vulnerability remediation tracking and translating technical findings into compliance artifacts (tickets, evidence, milestones, risk language). • Strong project management and organizational skills; ability to manage multiple deadlines and stakeholder inputs. • Excellent communication skills for producing audit-ready narratives, status reports, and executive summaries. • Comfort working with technical teams (Engineering, Security) to obtain evidence and validate remediation outcomes. • Experience using common tooling for evidence and workflow tracking (Google Drive, Jira/Linear, spreadsheets, ticketing systems). • Ability to manage confidential and sensitive cybersecurity information. • Candidates must be able to meet government security clearance requirements as required for this role. • **Preferred Qualifications:** • Direct experience supporting a FedRAMP Moderate/High authorization, annual 3PAO assessment, or agency ATO process. • Experience with SecondFront/Game Warden or other FedRAMP-adjacent platforms and inherited-control models. • Familiarity with vulnerability scanning, SIEM/log review concepts, and secure SDLC evidence (SAST/DAST, threat modeling). • Experience with evidence automation or compliance engineering approaches (repeatable evidence packets, templates, control mapping). • Relevant certifications (e.g., Security+, SSCP, CISSP Associate, CAP, CISA, PMP).

🏖️ Vorteile

• Medical, Dental, Vision, STD and LTD Plans • FSA - Medical and Dependent Care • EAP and wellness programs • 13 Paid Holidays • Unlimited PTO • Flexible work environment - 100% remote • 401(k) plan