Public Sector Compliance Specialist

Adobe•San Jose, CA

About The Position

This role involves driving technology compliance activities across Adobe, with a focus on service readiness for public sector and federal security compliances and regulations. The specialist will act as a leader to guide business, operational, and security organizations in navigating existing and emerging compliances. Key responsibilities include developing compliance program workflows for new certifications, drafting compliance reports, identifying internal controls issues, maintaining FedRAMP authorizations, managing relationships with external auditors and government agencies, performing compliance mappings and gap analyses, collecting technical and operational details from engineering teams, and supporting internal teams in implementing security and compliance initiatives.

Requirements

US citizenship is required.
Bachelor’s degree with a focus in Information Technology, Information Systems, Computer Science; or equivalent degree required.
Minimum 5-7 years of experience in FedRAMP, FISMA, and/or NIST-related compliance frameworks required.
Hands-on experience with Cybersecurity Maturity Model Certification (CMMC) and Secure Software Development Framework (SSDF).
Experience in pursuing a new certification from beginning to end (business use case approval, pre-assessment, assessment, certification, and continuous monitoring).
Hands-on experience with AWS & Azure environments.
Knowledge of Core IT processes / services such as SDLC, Identity/User Access management, Backup and DR processes.
Good interpersonal, verbal and written communication skills.
Must be a team-player and possess strong organizational and planning skills.
Ability to communicate with both business and IT technical staff including IT and Business management.
Ability to grasp new technologies and concepts and understand how they can impact the business.

Responsibilities

Drive technology compliance activities across Adobe, including service readiness for public sector and federal security compliances/regulations.
Serve as a leader to guide business, operational, and security organizations to navigate existing and newly emerging compliances/regulations.
Develop compliance program workflows for new certifications such as CMMC, DoD CC SRG, Protected B, etc.
Draft compliance reports to summarize compliance objectives, key findings, and work with teams to remediate key findings.
Continuously identify internal controls issues, ensure they are well-defined and root causes are identified.
Build deep trust across federal and public sector industries by maintaining Adobe’s existing FedRAMP authorizations and driving initiatives to acquire new FedRAMP authorizations.
Own the ongoing relationship with external auditors and government agencies to help them gain confidence with regard to Adobe’s security compliance program.
Perform compliance mappings and gap analyses against compliance frameworks to identify level of effort of compliance frameworks such as NIST 800-53.
Collect and detail technical architecture, operational processes and security policies from multiple internal engineering teams.
Support internal teams in implementing new initiatives that emphasize security and compliance.