Principle Fedramp Continuous Monitoring Engineer

FedRAMP Continuous Monitoring Engineer

Are looking for an opportunity to drive our FedRAMP compliance initiatives?

Are you looking to become our FedRAMP SME?

About the Business

LexisNexis Risk Solutions provides customers with solutions and decision tools that combine public and industry specific content with advanced technology and analytics to assist them in evaluating and predicting risk and enhancing operational efficiency. We use the power of data and advanced analytics to help our customers make better, timelier decisions. By bringing clarity to information, we ultimately help make communities safer, insurance rates more accurate, commerce more transparent, business decisions easier and processes more efficient. You can learn more about LexisNexis Risk at the link below, https://risk.lexisnexis.com/

About our Team

This team is responsible for the implementation and manage the continuous monitoring of our FedRAMP program

About the Role

You will be responsible for overseeing and implementing the continuous monitoring processes in accordance with the NIST guidelines. You will be to ensure the ongoing compliance of our organization's systems and infrastructure with FedRAMP requirements.

Responsibilities

• Developing and maintaining a comprehensive continuous monitoring plan based on NIST SP 800-137 guidelines, FedRAMP requirements, and organization-specific needs.
• Establishing processes and procedures to collect, analyze, and report security-related information from various sources, such as security controls, vulnerability assessments, and incident response activities.
• Conducting regular risk assessments to identify potential vulnerabilities and threats to cloud-based systems. Define key performance indicators (KPIs) and metrics to measure the effectiveness of the continuous monitoring program
• Monitoring and analyzing security logs, event data, and system alerts to identify anomalies, security incidents, and non-compliance with established security policies.
• Evaluating vulnerability scans and penetration tests to assess the security posture of cloud-based systems.
• Reviewing and analyze security assessment and authorization (SA&A) artifacts, including system security plans, risk assessments, and security control implementation documentation.
• Providing support during internal and external audits or assessments by compiling and presenting evidence of compliance with FedRAMP and NIST guidelines.

Requirements

• Possess current and extensive FedRAMP continuous monitoring experience.
• Possess an In-depth understanding of the NIST Special Publication 800-53 guidelines and FedRAMP requirements
• Possess an understanding of security controls and their implementation within complex IT environments. Demonstrated experience in implementing and managing continuous monitoring programs for cloud-based systems within the Federal Government.
• Possess knowledge of cloud technologies, infrastructure, and security controls (e.g., AWS, Azure). Familiarity with industry-leading security tools, vulnerability scanners, and security information and event management (SIEM) systems.
• Proficiency in evaluating vulnerability assessments, penetration testing, and security and incident response.
• Knowledge of security assessment and authorization (SA&A) processes, system security plans, and risk management frameworks (e.g., RMF).
• Possess the ability to work across programming languages and frameworks (e.g., Python, Power Shell) Have the proficiency in Business Intelligence platforms (e.g., Power BI)
• Working knowledge of XML/JSON/Excel (Pivot Tables, VLOOKUPs, etc.)
• Experience with Data Warehousing and Extract, Load, Transform (ETL) process. Ability to work with databases and write simple to complex queries using SQL
• Have knowledge of software development methodologies (e.g., Agile, Waterfall). As well as familiarity with Cloud services (Azure)

Benefits Section of Job Description:

We know that your wellbeing and happiness are key to a long and successful career. These are some of the benefits we are delighted to offer:

● Health Benefits: Comprehensive, multi-carrier program for medical, dental and vision benefits

● Retirement Benefits: 401(k) with match and an Employee Share Purchase Plan

● Wellbeing: Wellness platform with incentives, Headspace app subscription, Employee Assistance and Time-off Programs

● Short-and-Long Term Disability, Life and Accidental Death Insurance, Critical Illness, and Hospital Indemnity

● Family Benefits, including bonding and family care leaves, adoption and surrogacy benefits

● Health Savings, Health Care, Dependent Care and Commuter Spending Accounts

● In addition to annual Paid Time Off, we offer up to two days of paid leave each to participate in Employee Resource Groups and to volunteer with your charity of choice

Posting start date: 5/16/2024. We anticipate this posting will be posted for 30 days.

Position is eligible for base salary plus an annual bonus.

We are committed to providing a fair and accessible hiring process. If you have a disability or other need that requires accommodation or adjustment, please let us know by completing our Applicant Request Support Form or please contact 1-855-833-5120.

Criminals may pose as recruiters asking for money or personal information. We never request money or banking details from job applicants. Learn more about spotting and avoiding scams here.

Please read our Candidate Privacy Policy.

We are an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law.

USA Job Seekers:

EEO Know Your Rights.