Public Sector Compliance Specialist

About The Position

Requirements

• To follow US Federal government requirements, US citizenship is required.
• Bachelor’s degree with a focus in Information Technology, Information Systems, Computer Science; or equivalent degree required.
• Minimum 5-7 years of experience in FedRAMP, FISMA, and/or NIST-related compliance frameworks required.
• Hands-on experience with Cybersecurity Maturity Model Certification (CMMC) and Secure Software Development Framework (SSDF).
• Experience in pursuing a new certification from beginning to end (business use case approval, pre-assessment, assessment, certification, and continuous monitoring).
• Hands-on experience with AWS & Azure environments.
• Knowledge of Core IT processes / services such as SDLC, Identity/User Access management, Backup and DR processes.
• Good interpersonal, verbal and written communication skills.
• It is essential that the candidate is a team-player and possesses strong organizational and planning skills.
• Ability to communicate with both business and IT technical staff including IT and Business management.
• Ability to grasp new technologies and concepts and understand how they can impact the business.

Responsibilities

• Work under the supervision and guidance of the TechGRC manager and drive technology compliance activities across Adobe including service readiness for public sector and federal security compliances/regulations.
• Serve as a leader with vision within Adobe to help guide business, operational, and security organizations to navigate existing and newly emerging compliances/regulations.
• Develop compliance program workflows for new certifications such as CMMC, DoD CC SRG, Protected B, etc.
• Draft compliance reports to summarize the compliance objectives, key findings, and work with teams to remediate key findings.
• Continuously identify internal controls issues, ensure they are well-defined and root causes are identified.
• Build deep trust across federal and public sector industries by aspiring to continuously maintain Adobe’s existing FedRAMP authorizations and drive initiatives to acquire new FedRAMP authorizations.
• Own the ongoing relationship with external auditors and government agencies to help them gain confidence with regard to Adobe’s security compliance program.
• Perform compliance mappings and gap analyses against compliance frameworks to identify level of effort of compliance frameworks such as NIST 800-53.
• Collect and detail technical architecture, operational processes and security policies from multiple internal engineering teams.
• Supporting internal teams in implementing new initiatives that emphasize security and compliance.