The successful applicant will be performing work in FedRAMP High or IL-5 environments, and therefore, must be a U.S. Person (i.e. U.S. citizen, U.S. national, lawful permanent resident, asylee, or refugee).
This position may also perform work that the U.S. government has specified can only be performed by a U.S. citizen on U.S. soil.
Application window is expected to close on 9/27/24
WHO YOU ARE
As a Compliance Specialist within the GCC group, your primary role requires an in-depth understanding of various security certification frameworks like FedRAMP, CMMC, StateRAMP, TX-RAMP and others. You will be reporting into the GCC leadership and will help craft, govern, and evolve a common controls strategy for Cisco.
WHAT YOU'LL DO:
Regularly audit network/IT environment for compliance to Policy and associated SOP - weekly/daily reporting of internal high-risk systems, outstanding remediation, and mitigation activities.
Assist in development of Plan of Action and Milestones (POA&M) and compliance.
Assist with POA&M management and mitigation statement formulation, working with system administrators to resolve open findings of high- and at-risk systems.
Support Validation of IT security architecture for compliance.
Assist in compliance reporting for the Information Assurance Vulnerability Management (IAVM) program.
Conduct incident response and forensic analysis when vital.
Assist in management of the assessment/authorization program for On-prem and cloud systems.
Coordinates with stakeholders to communicate status and action items for systems in process.
Develops and maintains relevant documentation for supported systems.
Coordinates Annual Reviews
Supports/Performs assessment of FedRAMP and NIST 800-53 controls
Coordinate with Threat Management Branch for Technical Assessment
Research security standards/tools; review or conduct system security and vulnerability assessments of cloud and on-prem environments in a fast-paced, demanding environment.
Support development and adoption of innovative methods to achieve compliance with government and commercial cybersecurity frameworks.
MINIMUM QUALIFICATIONS:
5+ years of professional experience
Experience with cyber security
Experience with AWS and/or other cloud environments.
Knowledge of one or more Compliance frameworks (e.g., FedRAMP, CMMC, StateRAMP, TX-RAMP, NIST, FISMA, etc.)
Knowledge of one or more core IT processes/services such as SDLC, Identity/User Access Management, Vulnerability Management, Backup and Disaster Recovery.
PREFERRED QUALIFICATIONS:
Ability to prioritize in a constantly evolving environment.
Ability to balance multiple programs.
Ability to partner with and lead others not reporting directly to you.
Excellent analytical skills
Relevant certifications like CISA, CISSP, CCSK, etc.
We tackle whatever challenges come our way. We have each other’s backs, we recognize our accomplishments, and we grow together. We celebrate and support one another – from big and small things in life to big career moments. And giving back is in our DNA (we get 10 days off each year to do just that).