Public Sector Compliance Specialist

Adobe•McLean, NY

About The Position

Work under the supervision and guidance of the TechGRC manager and drive technology compliance activities across Adobe including service readiness for public sector and federal security compliances/regulations. Serve as a leader with vision within Adobe to help guide business, operational, and security organizations to navigate existing and newly emerging compliances/regulations. Develop compliance program workflows for new certifications such as CMMC, DoD CC SRG, Protected B, etc. Draft compliance reports to summarize the compliance objectives, key findings, and work with teams to remediate key findings. Continuously identify internal controls issues, ensure they are well-defined and root causes are identified. Build deep trust across federal and public sector industries by aspiring to continuously maintain Adobe’s existing FedRAMP authorizations and drive initiatives to acquire new FedRAMP authorizations. Own the ongoing relationship with external auditors and government agencies to help them gain confidence with regard to Adobe’s security compliance program. Perform compliance mappings and gap analyses against compliance frameworks to identify level of effort of compliance frameworks such as NIST 800-53. Collect and detail technical architecture, operational processes and security policies from multiple internal engineering teams. Supporting internal teams in implementing new initiatives that emphasize security and compliance.

Requirements

US citizenship is required.
Bachelor’s degree with a focus in Information Technology, Information Systems, Computer Science; or equivalent degree required.
Minimum 5-7 years of experience in FedRAMP, FISMA, and/or NIST-related compliance frameworks required.
Hands-on experience with Cybersecurity Maturity Model Certification (CMMC) and Secure Software Development Framework (SSDF).
Experience in pursuing a new certification from beginning to end (business use case approval, pre-assessment, assessment, certification, and continuous monitoring).
Hands-on experience with AWS & Azure environments.
Knowledge of Core IT processes / services such as SDLC, Identity/User Access management, Backup and DR processes.
Good interpersonal, verbal and written communication skills.
Must be a team-player and possess strong organizational and planning skills.
Ability to communicate with both business and IT technical staff including IT and Business management.
Ability to grasp new technologies and concepts and understand how they can impact the business.

Responsibilities

Drive technology compliance activities across Adobe including service readiness for public sector and federal security compliances/regulations.
Serve as a leader with vision within Adobe to help guide business, operational, and security organizations to navigate existing and newly emerging compliances/regulations.
Develop compliance program workflows for new certifications such as CMMC, DoD CC SRG, Protected B, etc.
Draft compliance reports to summarize the compliance objectives, key findings, and work with teams to remediate key findings.
Continuously identify internal controls issues, ensure they are well-defined and root causes are identified.
Maintain Adobe’s existing FedRAMP authorizations and drive initiatives to acquire new FedRAMP authorizations.
Own the ongoing relationship with external auditors and government agencies to help them gain confidence with regard to Adobe’s security compliance program.
Perform compliance mappings and gap analyses against compliance frameworks to identify level of effort of compliance frameworks such as NIST 800-53.
Collect and detail technical architecture, operational processes and security policies from multiple internal engineering teams.
Support internal teams in implementing new initiatives that emphasize security and compliance.