Senior Governance, Risk and Compliance Analyst

2 days ago

🏢 In-office - Manhattan


BetterUp

BetterUp helps organizations drive transformation through lasting behavior change for all your key people.

Career Development • Learning and Development • Human Resources • Talent Development • Professional Coaching

501 - 1000

💰 $300M Series E on 2021-10

Description

• This role is responsible for being a dedicated US Public Sector subject matter expert interfacing with the BetterUp federal team to support the delivery of a best-in-class information security federal GRC program
• Collaborate closely with Product, Engineering, IT, People Operations, and Legal teams in devising action plans to meet FedRAMP requirements
• Support and lead BetterUp’s US Public Sector GRC program, including requirements gathering, documentation, and planning
• Be a FedRAMP subject matter expert (SME) and provide input to various business teams with regard to how FedRAMP compliance may impact product updates, SSP updates, or the underlying relevant processes
• Leverage technical and program management skills to plan, track, collaborate, and report on FedRAMP program deliverables, including scheduling and leading meetings, assigning and tracking action items, and developing status reports
• Work with the Engineering team to execute on continuous monitoring, including tracking and updating Plan of Action and Milestones and ensuring timely reporting to our government partners
• Manage the security awareness and training program for employees on the Federal teams
• Collaborate with the Federal Operations team to perform timely and efficient communication with our agencies and the FedRAMP PMO
• Lead the Federal Customer Trust program, including external facing documentation and security questionnaires
• Manage and develop related security documentation as applicable for FedRAMP policy lifecycle management
• Provide support to the compliance audit and assessment efforts to include external third-party auditors with evidence collection and upload, auditor interview support, and auditor walk-throughs of policies, procedures, and related compliance and security documentation
• Assist with performing and managing security impact analyses, reviewing access management controls, creating relevant training deployment to applicable users, and mapping technical implementation of changes to impacted NIST security controls
• Assess the impact of new features and architectural changes to the FedRAMP boundary and SSP
• Guide technical teams on relevant NIST requirements and documentation update tasks
• Assist GRC team on other ad hoc important tasks when required

Requirements

• Strong communications and critical thinking skills, attention to detail, eagerness to learn, a curious nature, and a fundamental desire to help
• Demonstrated achievement in driving and/or supporting a company’s journey in obtaining FedRAMP ATO
• Subject matter expert level knowledge of FedRAMP, FISMA, NIST 800-53, CMMC, NIST 800-171 as applicable to a SaaS environment
• Security experience in at least some of the following domains: application security, vulnerability management, continuous monitoring, incident response, authentication / authorization, or data governance
• Extensive knowledge and experience in working with cloud technologies and architectures, preferably AWS
• Understanding of security metrics and creation of effective dashboards for management review and consumption
• Able to articulate situations, challenges, risks, and see the intersection of compliance impacts
• Demonstrated ability to create and present security awareness training content
• Excellent presentation, facilitation, and communication skills
• Ability to build and cultivate strong relationships to make and influence decisions at multiple levels in the organization
• Intermediate to advanced level expertise with Excel and PowerPoint
• Must be a US citizen

Benefits

• Access to BetterUp coaching; one for you and one for a friend or family member
• A competitive compensation plan with opportunity for advancement
• Medical, dental and vision insurance
• Flexible paid time off
• All federal/statutory holidays observed
• 4 BetterUp Inner Work days (https://www.betterup.co/inner-work)
• 5 Volunteer Days to give back
• Learning and Development stipend
• Company wide Summer & Winter breaks
• Year-round charitable contribution of your choice on behalf of BetterUp
• 401(k) self contribution
