FedRAMP Compliance Specialist

  • Location:
    Richardson, Texas, US
  • Alternate Location
    San Jose, CA
  • Area of Interest
    Security
  • Compensation Range
    106400 USD - 203100 USD
  • Job Type
    Professional
  • Technology Interest
    Security
  • Job Id
    1417189
The successful applicant will be performing work in FedRAMP High or IL-5 environments, and therefore, must be a U.S. Person (i.e. U.S. citizen, U.S. national, lawful permanent resident, asylee, or refugee). This position may also perform work that the U.S. government has specified can only be performed by a U.S. citizen on U.S. soil.


Who You'll Work With:

In today's dynamic digital environment, security is everyone's job. At Cisco, the Security and Trust Organization is at the core of making infrastructure more secure. Your involvement in this strategic and results-oriented team will enable you to be part of one of Cisco's major objectives - to be the Number 1 Trusted Business partner to our customers.

The organization reports to Cisco's Chief Security and Trust Officer and is responsible for the innovation, training, and implementation of security and trust features and processes across all of Cisco's products.

The Global Cloud Compliance (GCC) group within the STO is responsible for driving compliance certifications across Cisco. This team is responsible for enabling and protecting Cloud sales for our Commercial customers, US Government and Federal agencies, as well as many international standards bodies.

As a Cloud Technology Compliance Engineer within the GCC group, your primary role requires an in-depth understanding of various security certification frameworks like SOC2, ISO 27001, ISO 27017, C5, ENS, and others. The Compliance Engineer will report to the GCC leadership and will help craft, govern, and evolve a common controls strategy for Cisco.


What You'll Do:

  • Collaborate with FedRAMP personnel from various business units (BUs) to develop and maintain a continuous monitoring program for each system.
  • Develop and update ConMon package documentation including the Plan of Action and Milestones (POA&M), Deviation Requests, and Executive Summary.
  • Work with internal and external stakeholders, including Agency/JAB reviewers, 3PAO assessors, and internal teams spread across BUs.
  • Work with various teams to ensure timely remediation of vulnerabilities and findings.
  • Coordinate and verify FedRAMP evidence and artifacts per Continuous Monitoring requirements.
  • Partner with engineering and operations teams to ensure alignment to compliance requirements for FedRAMP.
  • Effectively communicate with management on decisions that impact federal programs and teams.


Who You Are

Minimum Requirements: 

  • Must have a Bachelor's + 1-3 years of related experience or a Master's + 1 year of related or demonstrated experience in FedRAMP requirements, NIST SP 800-53, and/or FedRAMP ConMon processes.
  • Hands-on experience with monthly ConMon processes for a FedRAMP system
  • Experience with AWS, Azure, and/or GCP
  • Experience with vulnerability scanning and related tools (Tenable, Qualys, Burp Suite, Aqua, etc.)

Preferred Requirements:

  • The ability to drive collaboration and influence multiple technical and functional teams.
  • Ability to operate effectively in a remote environment.
  • Experience working with governance, risk, and compliance systems and tooling

Why Cisco?

#WeAreCisco. We are all unique, but collectively we bring our talents to work as a team, to develop innovative technology and power a more inclusive, digital future for everyone. How do we do it? Well, for starters – with people like you!

Nearly every internet connection around the world touches Cisco. We’re the Internet’s optimists. Our technology makes sure the data traveling at light speed across connections does so securely, yet it’s not what we make but what we make happen which marks us out. We’re helping those who work in the health service to connect with patients and each other; schools, colleges, and universities to teach in even the most challenging of times. We’re helping businesses of all shapes and sizes to connect with their employees and customers in new ways, providing people with access to the digital skills they need and connecting the most remote parts of the world – whether through 5G, or otherwise.

We tackle whatever challenges come our way. We have each other’s backs, we recognize our accomplishments, and we grow together. We celebrate and support one another – from big and small things in life to big career moments. And giving back is in our DNA (we get 10 days off each year to do just that).

We know that powering an inclusive future starts with us. Because without diversity and a dedication to equality, there is no moving forward. Our 30 Inclusive Communities, that bring people together around commonalities or passions, are leading the way. Together we’re committed to learning, listening, caring for our communities, whilst supporting the most vulnerable with a collective effort to make this world a better place either with technology, or through our actions.

So, you have colorful hair? Don’t care. Tattoos? Show off your ink. Like polka dots? That’s cool. Pop culture geek? Many of us are. Passion for technology and world changing? Be you, with us! 
#WeAreCisco

Message to applicants applying to work in the U.S. and/or Canada:

When available, the salary range posted for this position reflects the projected hiring range for new hire, full-time salaries in U.S. and/or Canada locations, not including equity or benefits. For non-sales roles the hiring ranges reflect base salary only; employees are also eligible to receive annual bonuses. Hiring ranges for sales positions include base and incentive compensation target. Individual pay is determined by the candidate's hiring location and additional factors, including but not limited to skillset, experience, and relevant education, certifications, or training. Applicants may not be eligible for the full salary range based on their U.S. or Canada hiring location. The recruiter can share more details about compensation for the role in your location during the hiring process.

U.S. employees have access to quality medical, dental and vision insurance, a 401(k) plan with a Cisco matching contribution, short and long-term disability coverage, basic life insurance and numerous wellbeing offerings. Employees receive up to twelve paid holidays per calendar year, which includes one floating holiday, plus a day off for their birthday. Employees accrue up to 20 days of Paid Time Off (PTO) each year and have access to paid time away to deal with critical or emergency issues without tapping into their PTO. We offer additional paid time to volunteer and give back to the community. Employees are also able to purchase company stock through our Employee Stock Purchase Program.

Employees on sales plans earn performance-based incentive pay on top of their base salary, which is split between quota and non-quota components. For quota-based incentive pay, Cisco typically pays as follows:

0.75% of incentive target for each 1% of revenue attainment up to 50% of quota;

1.5% of incentive target for each 1% of attainment between 50% and 75%;

1% of incentive target for each 1% of attainment between 75% and 100%; and once performance exceeds 100% attainment, incentive rates are at or above 1% for each 1% of attainment with no cap on incentive compensation.

For non-quota-based sales performance elements such as strategic sales objectives, Cisco may pay up to 125% of target. Cisco sales plans do not have a minimum threshold of performance for sales incentive compensation to be paid.
