FedRAMP Systems Analyst

Posted:
9/3/2024, 2:57:54 AM

Location(s):
Reston, Virginia, United States ⋅ Virginia, United States

Experience Level(s):
Mid Level ⋅ Senior

Field(s):
IT & Security

Workplace Type:
Remote

*This position can be remote within the US*

 

 

Who we are…

In a world of constant change, we're leading the charge towards truly autonomous enterprises. Our cutting-edge platform harnesses the power of automation and generative AI to revolutionize how businesses manage and optimize their IT operations.

We're not just adapting to digital transformation—we're accelerating it. Our solutions bring business and operations leaders together, unlocking new levels of innovation, efficiency, and scalability. We empower organizations to deliver superior customer experiences and drive revenue growth in an always-on, always-mobile world.

At ScienceLogic, we're building the foundation for Autonomic IT—a future where IT operations are self-healing, self-optimizing, and aligned perfectly with business objectives. Our team of visionaries is reshaping the $18+ billion IT operations market, creating cost-optimized, efficient, and next-level capabilities for enterprises worldwide.

 

What we’re looking for…

The FedRAMP Systems Analyst is responsible for the success of the FedRAMP Authorization program at ScienceLogic. The FedRAMP Systems Analyst will be responsible for ensuring execution of the initiatives within the FedRAMP roadmap and will work closely with Product Management, Engineering and SaaS Operations Leads to accomplish the required objectives.

 

What you’ll be doing…

 

  • Assist in the preparation and review of FedRAMP documentation, including System Security Plans (SSP), Security Assessment Reports (SAR), and Plan of Action and Milestones (POA&M).
  • Document security findings, vulnerabilities, and compliance status in accordance with FedRAMP guidelines.
  • Properly identify, remediate, communicate, or escalate technical and program risks.
  • Aid the stakeholders in managing technical and program changes.
  • Gather and report both program and technical metrics.
  • Ability to assess, customize, and use current program and compliance technologies.
  • Manage the FedRAMP Baseline (BL) and Impact Level (IL) development roadmap, including identifying, communicating, and escalating program risks.
  • Facilitate the relationships with the 3PAO, sponsoring agency, and FedRAMP PMO.
  • Understand security assessments, creation of the POA&M, and ongoing Continuous Monitoring (ConMon) requirements.
  • Document security findings, vulnerabilities, and compliance status in accordance with FedRAMP guidelines.
  • Analyze security controls and requirements to ensure they align with FedRAMP standards.
  • Collaborate with process owners and subject matter experts to influence prioritization of projects and solutions to reduce risk and improve compliance.
  • Establish, maintain, and influence program stakeholder relationships, expectations, and communications.
  • Document security findings, vulnerabilities, and compliance status in accordance with FedRAMP guidelines.
  • Review new product features and designs and provide guidance on requirements and standards including NIST 800-53, NIST 800-171, DoD ILs, and FedRAMP BL requirements.
  • Understanding of DoDIN APL process and application.

 

 

Qualities you possess…

 

  • US Citizenship with the ability to obtain a Public Trust.
  • FedRAMP experience, including successful completion of products through FedRAMP certification.
  • Soft skills including the ability to gain the trust of stakeholders and senior management and negotiate priorities with outside teams.
  • Working knowledge of the software development life cycle (SDLC) for SaaS applications.
  • Excellent verbal and written communication skills.
  • Strong analytical and problem-solving skills.
  • Inspired by bringing cross-functional teams together to accomplish program objectives.
  • 3 or more years of experience in some facet with the FedRAMP Authorization program.
  • Experience with FedRAMP, NIST 800-53, FISMA, DoD ILs, DISA SRGs and STIGs, etc.
  • Experience with Program/Portfolio management toolsets (JIRA/Confluence).
  • Experience with continuous monitoring, third-party assessments, and audit management.
  • Experience with SATS tooling, such as SonarQube or Coverity.
  • Experience with vulnerability scanners such as Tenable.
  • Experience with vulnerability management and helping prioritize security related work.
  • Excellent interpersonal, verbal, and written communication skills with the ability to communicate compliance related concepts to a broad range of technical and non-technical staff.
  • Excellent organizational and program management skills.
  • Experience leading, cross-functional programs with the ability to influence priorities and deliver on commitments.
  • CISA, CISSP, CCSP, CCSK or other related certifications preferred.
  • Bachelor’s degree preferred.

 

 

Benefits & Perks

  • A remote-first culture - work from home or come into the office, it's totally up to you.
  • Comprehensive medical, dental and vision plans.
  • 401(k) plan with employer match.
  • Flexible Paid Time Off (FTO) so that you can take the time that you need to re-energize.
  • Volunteer Time Off (VTO) - take two days off per calendar year to volunteer with your preferred charitable organization.
  • 5-year Service Milestone Sabbatical.
  • Paid parental leave.
  • Generous employee referral bonus program.
  • Pet insurance.
  • HQ Office centrally located in Reston Town Center featuring a well-stocked kitchen with rotating snacks and beverages, and catered lunch on Thursdays.
  • Regular virtual company-wide events, including cooking classes, yoga, meditation and more.
  • The opportunity to learn and develop from some of the best and brightest minds in the industry!

Don’t meet every single requirement? Studies have shown that women and people of color are less likely to apply to jobs unless they meet every single qualification. At ScienceLogic, we are dedicated to building a diverse, inclusive and authentic workplace, so if you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right candidate for this or other roles.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or any other applicable legally protected characteristics in the location in which you are applying.

 

 

About ScienceLogic

ScienceLogic empowers intelligent, automated IT operations, freeing up time and resources, and driving business outcomes with actionable insights. ScienceLogic’s AIOps platform sees broadly across clouds and on-premises, enabling business service visibility with relationship mapping, and workflow automation to eliminate manual tasks. Trusted by thousands of organizations across the globe, ScienceLogic’s technology has been proven for scale by the world’s largest service providers, enterprises and government agencies.

 

www.sciencelogic.com

 

All ScienceLogic employees have the responsibility to protect information assets, adhere to access controls, report suspicious activity, and comply with security and privacy policies.

 

#LI-Remote