Sr. Security Compliance Analyst, FedRAMP at Auth0
Sorry, this job was removed at 11:06 a.m. (PST) on Friday, March 19, 2021
Auth0 is a unicorn that just closed a $120M Series F round of funding, with total capital raised to date of $330M and valuation of nearly $2B. We are growing rapidly and looking for exceptional new team members to add to our exceptional talent pool - and who will help take us to the next level of success. One team, one score.
Our vision is to provide people with secure access to any application in one click or less. And our promise is to make identity work for everyone—whether you’re a developer looking to innovate, or a security professional looking to mitigate. We are looking for curious, excited, boundary-pushing team members. So, if you’re a big thinker who is nimble and adaptable, Auth0 may be an ideal place for you to shine.
We are a Security company and Auth0's Security & Compliance team is in the privileged position of supporting a security-first culture for a company that wants to make the internet safer.
We are looking for a hands-on Senior Compliance Specialist to help build and execute a federal compliance portfolio of activities.
The role is a member of our small but mighty GRC team that works closely together on all compliance audit roles.
The primary function of this role is to help establish and build Auth0's Federal Risk and Authorization Management Program (FedRAMP).
In addition to building FedRAMP, you will also be responsible for the HITRUST-related workstreams. You will also have the opportunity to learn and work on several other compliance and audit-related workstreams.
This is a hands-on, non-supervisory role that requires someone with prior FedRAMP audit and compliance experience.
- Provides subject matter expertise for FedRAMP and NIST 800-53 compliance standards and regulations.
- Participates in, or potentially leads, FedRAMP gap assessment, compliance readiness, and compliance monitoring activities.
- Coordinates, or potentially leads, delivery of audit milestones to ensure audit timelines stay on target by escalating and identifying roadblocks.
- Assists in, or potentially leads, the identification of business process improvements and partners with technology and business stakeholders to identify pragmatic approaches to compliance readiness and testing.
- Collaborates cross-functionally with technology and business stakeholders to drive, track, and resolve all aspects of compliance readiness and audit execution.
- Interfaces with internal and external auditors for periodic audit activities.
- Conducts various IT Compliance controls validation and implementation activities.
- Collaborates with technology and business stakeholders along with other Compliance team members to facilitate remediation and execution of corrective action plans.
- Participates in continuous improvement initiatives.
- Develops metrics and dashboards for reporting on assigned compliance programs.
- Provides coaching and mentorship to more junior team members.
- Provides input into industry best practices for managing compliance in today's landscape.
- 5+ years of hands-on experience in IT audit and/or compliance.
- Recent hands-on concentration of work with FedRAMP Framework (audit and compliance experience).
- Previous experience leading a Cloud Service Provider through a FedRAMP ATO process.
- Must possess a strong background with NIST Risk Management Framework (SP 800-53) and have a broad range of skills in the fields of NIST publications and FedRAMP requirements.
- Experience with control assessments and coordination of audit activities.
- Familiar with Information Security principles, knowledge of IT processes (e.g. Change Management, Incident Management, Risk Management, Network and System Administration).
- Bachelor's Degree in Information Technology, Business, or related vocations.
- Strong technical, analytical, interpersonal, communication, and writing skills.
- Ability to work both independently and within a global team environment.
- Self-starter and quick learner with proactive problem-solving skills.
- Effective organization, follow-up, and time management skills.
- Demonstrated strength in working in a high change environment.
- Ability to develop and foster strong relationships with technology and business stakeholders.
- Effective team collaboration plus the ability to coach and mentor others.
- Have experience with and are comfortable with a remote working environment.
- Prior experience as a Public Accounting/Big4 auditor preferred.
- Previous experience at a SaaS company in a similar role.
- Previous experience gaining an ATO or P-ATO.
- Exposure to ISO27001, PCI, HIPAA/HITRUST, SOC 2 is a plus.
- Industry standard certifications (CISSP, CISA, ISO 27001 Lead Implementer/Auditor) a plus.
Auth0 safeguards more than 4.5 billion login transactions each month and its top priorities are availability and security.
We like to think that we are helping make the internet safer. Our team is spread across more than 35 countries and we are proud to continually be recognized as a great place to work. Culture is critical to us, and we are transparent about our vision and principles.
Auth0 is an Equal Employment Opportunity employer. Auth0 conducts all employment-related activities without regard to race, religion, color, national origin, age, sex, marital status, sexual orientation, disability, citizenship status, genetics, or status as a Vietnam-era special disabled and other covered veteran status, or any other characteristic protected by law. Auth0 participates in E-Verify and will confirm work authorization for candidates residing in the United States.