FedRAMP Analyst
Posted on 6/29/2022
Washington, DC, USA
Experience Level
Desired Skills
Data Analysis
  • Assist in the development of the FedRAMP program and help deliver a successful FedRAMP Authorization
  • Lead the development of a successful POA&M management and continuous monitoring program
  • Own efforts to assess, baseline, and validate NIST alignment to drive roadmap development and implementation
  • Operationalize various GRC capability areas such as enterprise security risk management, compliance management, and policy management to both FedRAMP and NIST 800-171 standards
  • Partner with and advise Engineering, Security, Product and other cross-functional teams to communicate and maintain regulatory requirements across an evolving program and product landscape
  • Assist with internal and external audits and risk assessments (e.g., FedRAMP, NIST, SOC2, GDPR, ISO27001)
  • To help support a safe work environment, we encourage all employees in EMEA to get fully vaccinated against COVID-19
  • Employees will not be required to attend an event or in-person customer meeting
  • International travel will only be permitted if you receive approval from both your manager and Executive Leader
  • You must familiarize yourself and comply with any screening/safety protocols imposed by the entity/individual hosting the in-person meeting or event
  • You must comply with any and all safety guidelines and travel restrictions established by applicable law
  • If you are in close or proximate contact with others at the event/customer site and test positive for COVID-19, you must immediately notify the People Team and avoid contact with others for 10 days
Desired Qualifications
  • 3+ years of relevant security-related experience maintaining or delivering FedRAMP-compliant standards
  • Technical Knowledge of Security Engineering Tools, Techniques and Practices
  • Understanding and experience with both the Risk Management Framework (RMF) and Security Assessment and Authorization (SA&A) requirements
  • Understanding of technological risk measurement and assessment practices (e.g., NIST 800-30, 800-53, 800-171)
  • Experience in a government client facing role
  • Experience completing NIST CSF maturity assessments and developing program roadmaps
  • Experience with Software-as-a-Service or cloud service provider industry challenges
  • Foundational knowledge of IT Audit/compliance process and activities
  • Experience working in a regulated environment enforcing policies and procedures
  • Possesses the ability to drive projects to conclusion, while collaborating with a diverse group of professionals from both technical and non-technical backgrounds
  • Able to collect, synthesize, and analyze data from multiple outputs, including computer log sources to draw valid conclusions
  • Strong interpersonal skills and ability to work effectively with diverse and distributed teams
  • Strong foundational knowledge and experience with NIST and FedRAMP
  • SOC2, ISO27001, PCI, HITRUST, and GDPR experience are all big pluses
  • Verbal communication and presentation skills
  • Self-motivated with good time management skills

201-500 employees

Cryptocurrency investigation software
Company Overview
Chainalysis' mission is to develop clearer regulations, establish standard audit practices, and implement powerful compliance controls for cryptocurrency to sustain its current growth and integrate into the global financial infrastructure. By helping make that vision a reality with their compliance and investigation tools, Chainalysis gives banks, businesses, and governments the confidence and knowledge they need to help this new digital economy thrive.
Company Values
  • Earn the Right
  • Rigor
  • Team First
  • Strong Convictions/Loosely Held