Job Description:

As a SecOps Lead specializing in FedRAMP program management and broader security practices, you will be at the forefront of our organization's efforts to maintain and enhance our security posture, ensuring not only compliance with the Federal Risk and Authorization Management Program (FedRAMP) guidelines but also instituting comprehensive security measures across all aspects of our operations. This role requires an extensive understanding of cloud security frameworks, risk management, continuous monitoring strategies, and a holistic view of organizational security practices. You will lead a team dedicated to implementing, managing, and optimizing our security operations to meet the stringent requirements of FedRAMP, alongside integrating and upholding other regulatory compliance standards and general security best practices that our organization must adhere to. Key Responsibilities: Lead the planning, implementation, and management of the FedRAMP authorization process, while also ensuring our security practices exceed FedRAMP requirements to provide a comprehensive security posture across the company. Develop and maintain a deep understanding of FedRAMP policies, procedures, and guidelines, alongside a broad knowledge of industry-wide security practices, to manage all aspects of our security and compliance programs effectively. Coordinate with internal teams and external stakeholders, including cloud service providers, third-party assessors, and government agencies, to ensure successful FedRAMP certifications, continuous compliance, and overall security integrity. Oversee the development and implementation of security policies, procedures, and controls as required for FedRAMP, other regulatory frameworks, and our internal security benchmarks. Lead security risk assessments and audits across the organization, identifying vulnerabilities and implementing remediation strategies to mitigate risks, beyond those identified in the FedRAMP guidelines. Manage continuous monitoring activities and extend these practices to cover all aspects of our organization's security, ensuring ongoing compliance with FedRAMP, other security requirements, and best practices. Drive security awareness and training programs across the organization to ensure all team members understand and comply with security policies and procedures, fostering a culture of security mindfulness. Stay abreast of emerging security threats, technologies, and best practices, adapting our security stance as necessary to protect organizational assets, data, and ensure a robust defense against cyber threats. Requirements: At least 10 years of information security experience, with a focus on cloud security, compliance, and a comprehensive understanding of organizational security practices. Proven experience in implementing and managing FedRAMP authorization processes, maintaining FedRAMP compliance, and developing broad security practices across an organization. Familiarity with a wide range of compliance frameworks (e.g., SOC 2, ISO 27001) and the ability to integrate various standards into a cohesive security strategy. Professional certifications such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), and other relevant certifications reflecting a broad security expertise are strongly preferred. Excellent team management skills, with the ability to motivate and guide a team towards achieving comprehensive compliance and security objectives. Strong analytical and problem-solving skills, with the ability to manage complex projects, multi-task effectively, and develop innovative security solutions. Excellent communication and interpersonal skills, with the proficiency to communicate complex security concepts to both technical and non-technical stakeholders, ensuring organization-wide engagement in our security initiatives.