Location: US, MD, Gaithersburg
OpenText is seeking a highly motivated, collaborative, technically experienced and well-organized Lead Security Compliance Analyst for IT Compliance (ITC) with the ability to understand various compliance requirements, effectively interpret and communicate the requirements to internal teams, and lead efforts to produce actionable plans to meet the compliance requirements. The ITC team, part of Global Information Security (GIS), is currently focused on, but not limited to, SOC1, SOC2, PCI, HIPAA, ISO 27001 and SOX. In this role, you will be involved in supporting the ITC function in delivering the OpenText FedRAMP program. This role will be instrumental in all aspects of the FedRAMP lifecycle, from inception to the ongoing maintenance of FedRAMP compliance.
You are great at:
• Provides subject matter expertise for FedRAMP and NIST 800-53 compliance standards and regulations.
• Participates in, or potentially leads, FedRAMP gap assessment, compliance readiness, and compliance monitoring activities.
• Coordinates, or potentially leads, delivery of audit milestones to ensure audit timelines stay on target by escalating and identifying roadblocks.
• Assists in, or potentially leads, the identification of business process improvements and partners with technology and business stakeholders to identify pragmatic approaches to compliance readiness and testing.
• Collaborates cross-functionally with technology and business stakeholders to drive, track, and resolve all aspects of compliance readiness and audit execution.
• Interfaces with internal and external auditors for periodic audit activities.
• Conducts various IT Compliance controls validation and implementation activities.
• Collaborates with technology and business stakeholders along with other Compliance team members to facilitate remediation and execution of corrective action plans.
• Participates in continuous improvement initiatives.
• Develops metrics and dashboards for reporting on assigned compliance programs.
• Provides coaching and mentorship to more junior team members.
• Provides input into industry best practices for managing compliance in today’s landscape.
What it takes:
• 5+ years of experience in IT audit and/or compliance, with a concentration on FedRAMP, specifically experience leading a Cloud Service Provider through a FedRAMP ATO process.
• Must possess a strong background with NIST Risk Management Framework (SP 800-53) and have a broad range of skills in the fields of NIST publications and FedRAMP requirements.
• Experience with control assessments and coordination of audit activities.
• Familiarity with Information Security principles and knowledge of IT processes (e.g. Change Management, Incident Management, Risk Management, Network and System Administration).
• Bachelor’s Degree in Information Technology, Business or related vocations.
• Exposure to ISO27001, PCI, HIPAA/HITRUST, SOC 2 is a plus.
• Big four audit firm experience a plus.
• Experience with GRC Tools is a plus.
• Industry standard certifications (CISSP, CISA, ISO 27001 Lead Implementer/Auditor) a plus.
• Strong technical, analytical, interpersonal, communication and writing skills.
• Ability to work both independently and within a global team environment.
• Self-starter and quick learner with proactive problem-solving skills.
• Effective organization, follow-up and time management skills.
• Demonstrated strength in working in a high change environment.
• Ability to develop and foster strong relationships with technology and business stakeholders.
• Effective team collaboration plus the ability to coach and mentor others.
• Strong personal characteristics as demonstrated by the following: achievement-oriented, self-controlled, self-confident, flexible, approachable, and dedicated.
At OpenText we understand and value diversity in our employees and are proud to be an Equal Opportunity Employer. We hire the best talent regardless of race, creed, color, national origin, ancestry, disability, marital status, sex, age, veteran status or sexual orientation. If you require accommodation at any time during the recruitment process, please email firstname.lastname@example.org. Applicants have rights under Federal Employment Laws including but not limited to: Family and Medical Leave Act (FMLA), Equal Employment Opportunity and Employee Polygraph Protection Act.