November 14, 2024
Remote Full-Stack Engineer at MacroActive Ltd

Time zones: EST (UTC -5), CST (UTC -6), MST (UTC -7), PST (UTC -8), AKST (UTC -9), HST (UTC -10)

WordPress VIP (WPVIP), the venture department of Automattic, is the arena’s main content material control platform. Leveraging our FedRAMP certification, WPVIP is increasing its achieve into the general public sector, and rising momentum in extremely regulated use circumstances. WordPress, the Open Supply CMS, powers 40% of the internet, and our massive and rising ecosystem of applied sciences, products and services, and integrations is designed to convey that freedom and gear to our consumers, which come with a number of federal govt companies, in addition to Meta, The New York Instances, Salesforce, and masses extra. 

Our govt sector trade is abruptly increasing as we capitalize on america Federal Executive’s “Cloud Good” mandate, and we’re correspondingly expanding our funding in our GRC functions. In consequence, we are on the lookout for an skilled chief to steer our investments, and to make an affect by way of setting up an enterprise-grade, world-class Compliance serve as. 

With deep experience with the FedRAMP certification procedure in addition to Compliance extra in most cases, you’re going to pressure towards achieving compliance requirements together with FedRAMP, ISO27K, SOC, and CSA Famous person; give a contribution to evolving our method to GRC; and assist our trade seize a wholesome proportion of the federal government sector overall addressable marketplace. This will likely entail being conversant in compliance requirements corresponding to NIST 800-53, and in addition with the ability to information the group on implementation approaches that stability safety and compliance necessities with trade and cultural realities. Your manner will likely be sensible and come with a willingness to roll up your sleeves and toughen implementation in more than a few tactics, together with project-managing crucial efforts.

Duties: 

  • Be sure that attainment of FedRAMP Average ATO and lead and execute ongoing processes corresponding to ConMon, Annual Exams, and SCR (Vital Alternate Request) actions.
  • Collaborate with stakeholders to outline a quarterly roadmap for the Compliance serve as to assist deal with two key spaces: (1) output actions to verify certifications (corresponding to FedRAMP) and buyer commitments are confident and (2) foundational actions to reinforce Compliance connected operations with measurable affect.
  • Broaden and take care of documentation for all Compliance-related actions. 
  • Paintings throughout product, engineering, techniques, and criminal groups to spot and organize privateness, information coverage dangers, and compliance necessities to assist meet trade wishes.
  • Choose and put in force suitable techniques and reporting protocols to toughen a couple of units of certifications, documentation necessities, keep an eye on households on one facet, and to toughen provision of suitable documentation to auditors, sponsoring companies, consumers, and so forth. at the different facet.
  • Have interaction and discuss with government and senior leaders to align Compliance and Safety methods with trade targets.
  • Take part in buyer stakeholder calls to grasp new buyer necessities and to steer those interactions to assist stability commitments to talent to ship.
  • Construct, scale, and organize our compliance staff to toughen our wishes as an enterprise-focused, allotted corporate.
  • Advertise a tradition of compliance all the way through the group.
  • Triage and organize all compliance-related priorities together with toughen for RFPs.

Necessities: 

  • Area experience in public sector connected compliance, possessing deep figuring out of federal rules and frameworks corresponding to FedRAMP, NIST, and FISMA. 
  • Deep enjoy with FedRAMP processes for AR, OR, and SCR; and when to leverage every.
  • Revel in in effectively acquiring and/or keeping up FedRAMP Average (or upper) certifications for IaaS, PaaS, or SaaS answers or enjoy operating at an authorized 3PAO and having structured and carried out exams for a couple of CSPs throughout the previous 3 years.
  • A number of related certifications corresponding to CISSP, CISA, or CRISC.
  • Revel in operating with gross sales groups to answer RFPs, VSQs, and different questionnaires from possibilities and consumers.
  • Revel in main and motivating cross-functional, interdisciplinary groups and scaling compliance-related operations.
  • Revel in attractive with Compliance and Data Safety groups at Endeavor consumers to grasp necessities and to co-develop answers.
  • Revel in with Cloud computing and containerization equipment (eg. Kubernetes).
  • Working out of global, federal, state, and native rules relating to information acquisition, coverage, and transmission.
  • Will have to be a resident of the contiguous United States.

Additional Credit score:

  • Direct enjoy with FedRAMP Prime throughout the previous 3 years.
  • Confirmed and efficient relationships throughout the FedRAMP PMO.
  • Palms-on enjoy imposing compliance automation equipment corresponding to Drata, Vanta, HyperProof, and so forth.

Leave a Reply

Your email address will not be published. Required fields are marked *