About the position
Unqork is seeking a highly experienced individual to join their team as a Security Risk Management professional. In this role, you will report to the Head of Security Risk Management and collaborate with various teams within the organization, including the CISO, IT Senior Management, Product Teams, and Sales. Your responsibilities will include ensuring compliance with security frameworks such as FedRAMP, SOC 2 Type 2, and ISO 27001, as well as supporting the scoping and implementation of security controls. Additionally, you will be involved in continuous monitoring activities and elevating Unqork's government presence. The ideal candidate will have a strong background in federal cybersecurity requirements, cloud computing processes, and risk management frameworks.
Responsibilities
- Report to the Head of Security Risk Management and work directly with Unqork CISO, IT Senior Management, Product Teams, and Sales
- Commit to the team's Diversity, Equity and Inclusion goals created in the DEI Unqork Application
- Ensure FedRAMP Security Assessment Framework compliance
- Monitor and support SOC 2 Type 2 and ISO 27001 compliance during yearly assessments
- Obtain future industry standards accreditation and/or certification
- Maintain existing and future FedRAMP Agency and/or JAB ATOs
- Provide hands-on support to technical teams for scoping and implementation of security and privacy controls
- Collect evidence and automate collection to support ongoing assessments
- Lead Continuous Monitoring customer meetings and manage programs to meet FedRAMP ConMon activities
- Elevate Unqork for Government to a High Impact Level
- Have 10+ years of relevant experience
- Ensure first-time quality for all written communications
- Deep dive into administrative, operational, and technical cloud computing processes
- Understand Federal Cybersecurity requirements and typical operations
- Have FedRAMP or FISMA assessment experience
- Have experience completing or supporting assessments resulting in obtaining a Federal system Authorization to Operate (ATO)
- Have 2-3 years of Cloud Cybersecurity experience (AWS primary)
- Have 3-5 years of Federal or DoD security or information system administration experience
- Have working knowledge of NIST SP, FIPS, CMMC, and other issuances
- Have significant experience managing security and privacy risks using a Risk Management Framework and performing risk assessments
- Have experience with SOC reporting for service organizations (SOC 1 and SOC 2) per AICPA standards
- Bonus: Cloud Cybersecurity for Azure and/or Google
- Bonus: Holding an active or inactive Secret or Top Secret clearance
Requirements
- 10+ years of relevant experience
- First-time quality for all written communications
- Love to deep dive into administrative, operational and technical cloud computing processes
- Understanding of Federal Cybersecurity requirements and typical operations
- FedRAMP or FISMA assessment experience
- Experience completing portions of assessments and/or supporting assessments resulting in obtaining a Federal system Authorization to Operate (ATO)
- 2-3 years Cloud Cybersecurity experience (AWS primary)
- 3-5 years of Federal or DoD security or information system administration experience
- Working knowledge of National Institute of Standards and Technology (NIST) Special Publication (SP), Federal Information Processing Standards (FIPS), Cybersecurity Maturity Model Certification (CMMC), and other issuances
- Significant experience managing security and privacy risks using a Risk Management Framework and performing risk assessments
- System and Organization Control (SOC) reporting for service organizations (SOC 1 and SOC 2) per AICPA standards
- Bonus: Cloud Cybersecurity for Azure and/or Google
- Bonus: Holding an active or inactive (within the time frame of being able to reactivate without a full reinvestigation) Secret or Top Secret clearance
Benefits
- Work from home with a remote-first community
- Unlimited PTO (and the encouragement to use it)
- Student loan payback program
- 100% employer-covered medical, dental, and vision options available to you and your dependents
- Flexible Spending Account (FSA)
- Monthly stipend toward your WFH setup, vacation, development and more
- Employer-sponsored 401(k) with contribution match
- Robust DEI Program that compensates ERSG leaders for their efforts
- Free Apple Fitness Plus through UHC
- 16 weeks of Paid Parental Leave for all new parents