Faraway Director of Compliance at Automattic

Our govt sector trade is abruptly increasing as we capitalize on america Federal Executive’s “Cloud Good” mandate, and we’re correspondingly expanding our funding in our GRC functions. In consequence, we are on the lookout for an skilled chief to steer our investments, and to make an affect by way of setting up an enterprise-grade, world-class Compliance serve as. 

Duties: 

• Be sure that attainment of FedRAMP Average ATO and lead and execute ongoing processes corresponding to ConMon, Annual Exams, and SCR (Vital Alternate Request) actions.
• Collaborate with stakeholders to outline a quarterly roadmap for the Compliance serve as to assist deal with two key spaces: (1) output actions to verify certifications (corresponding to FedRAMP) and buyer commitments are confident and (2) foundational actions to reinforce Compliance connected operations with measurable affect.
• Broaden and take care of documentation for all Compliance-related actions. 
• Paintings throughout product, engineering, techniques, and criminal groups to spot and organize privateness, information coverage dangers, and compliance necessities to assist meet trade wishes.
• Choose and put in force suitable techniques and reporting protocols to toughen a couple of units of certifications, documentation necessities, keep an eye on households on one facet, and to toughen provision of suitable documentation to auditors, sponsoring companies, consumers, and so forth. at the different facet.
• Have interaction and discuss with government and senior leaders to align Compliance and Safety methods with trade targets.
• Take part in buyer stakeholder calls to grasp new buyer necessities and to steer those interactions to assist stability commitments to talent to ship.
• Construct, scale, and organize our compliance staff to toughen our wishes as an enterprise-focused, allotted corporate.
• Advertise a tradition of compliance all the way through the group.
• Triage and organize all compliance-related priorities together with toughen for RFPs.

Necessities: 

• Area experience in public sector connected compliance, possessing deep figuring out of federal rules and frameworks corresponding to FedRAMP, NIST, and FISMA. 
• Deep enjoy with FedRAMP processes for AR, OR, and SCR; and when to leverage every.
• Revel in in effectively acquiring and/or keeping up FedRAMP Average (or upper) certifications for IaaS, PaaS, or SaaS answers or enjoy operating at an authorized 3PAO and having structured and carried out exams for a couple of CSPs throughout the previous 3 years.
• A number of related certifications corresponding to CISSP, CISA, or CRISC.
• Revel in operating with gross sales groups to answer RFPs, VSQs, and different questionnaires from possibilities and consumers.
• Revel in main and motivating cross-functional, interdisciplinary groups and scaling compliance-related operations.
• Revel in attractive with Compliance and Data Safety groups at Endeavor consumers to grasp necessities and to co-develop answers.
• Revel in with Cloud computing and containerization equipment (eg. Kubernetes).
• Working out of global, federal, state, and native rules relating to information acquisition, coverage, and transmission.
• Will have to be a resident of the contiguous United States.

Additional Credit score:

• Direct enjoy with FedRAMP Prime throughout the previous 3 years.
• Confirmed and efficient relationships throughout the FedRAMP PMO.
• Palms-on enjoy imposing compliance automation equipment corresponding to Drata, Vanta, HyperProof, and so forth.