Compliance Lead - FedRAMP
- Provide expertise for the development, enforcement, and maintenance of compliance initiatives for the FedRAMP program, including policy development, control design, change management, compliance monitoring and audit management.
- Facilitate the development and documentation for our initial FedRAMP System Security Plan and Program with our 3PAO.
- Assist in decision making and project status reporting (along with PM).
- Work with the functional teams (e.g. engineering, IT, cloud services, support staff, etc.) and the 3PAO to provide clarity and prescribe solutions that are known to work in a FedRAMP environment.
- Collaborate with your compliance team members and our functional teams in developing FedRAMP-compliant policy, procedure, control and change management documentation.
- Design and conduct FedRAMP-related internal control testing and compliance assessment activities to support moving through the FedRAMP “gates”.
- Participate in the update of our GRC system to include the facilitation and automation of future FedRAMP risk assessment, testing, change management and ongoing reporting requirements.
- Facilitate the design of FedRAMP compliance sustainment activities, roles and responsibilities.
- The Relativity Compliance team is maturing across multiple market credentials. Once our program is FedRAMP authorized, opportunities will exist for diversifying your portfolio of credentials, maturing our capabilities, and leading new compliance efforts.
- One or more relevant certifications (i.e. CISA, CISSP, CISM, CCSP, Sec+) or the ability to achieve one within 12 months of hire
- Project or program management experience is a “plus”.
- Knowledge of secure software development lifecycle (SSDLC) methodology, ideally with cloud applications
- Experience with secure supplier categorization, vendor performance rating and vendor testing, ideally within FedRAMP / NIST standards.
- Experience using Microsoft Office Suite (Word, Excel, PowerPoint, SharePoint etc.)
- Ability to guide collaborative, cross-functional root cause analysis activities needed to remediate our compliance and risk posture.
- Two or more years of experience specific to Federal projects and information security auditing of FISMA/FedRAMP and the NIST 800-53 / SP 800-37 security controls and risk management framework
- At least five years of experience conducting audits for compliance monitoring, internal audit or external audit purposes, covering SOX 404 ITG controls and/or SOC 2 SSAE 16 controls
- Bachelor’s degree
- Experience planning and managing third-party audits (e.g., 3PAO, agency, auditor, etc.)
- Working knowledge of security concepts and NIST 800-53 framework and control principles
- Motivated self-starter who thrives in a changing, growing environment
- Able to work independently while collaborating effectively with other team members
- Articulate speaker; comfortable communicating complex security and compliance related topics
About Relativity
Relativity has over 160,000 users in 40+ countries from organizations including the U.S. Department of Justice, more than 70 Fortune 100 companies, and all of the Am Law 200. Relativity's cloud solution, RelativityOne, offers all the functionality of Relativity in a secure and comprehensive SaaS product. Our company has also been named one of Chicago's Top Workplaces by the Chicago Tribune for seven consecutive years. If you’re ready to grow with us, we’d love to hear from you. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.