Director, Information Security – FedRAMP
Saviynt
Full Time
Senior (5 to 8 years)
Candidates should possess a strong understanding of federal security and privacy frameworks, including FedRAMP, CMMC, and NIST 800-53, and experience developing security, privacy, and risk management frameworks. They should have experience creating and maintaining FedRAMP Authorization Packages, such as System Security Plans (SSPs), Plan of Action & Milestones (POA&Ms), and Security Assessment Reports (SARs). Strong analytical and problem-solving skills are required, along with the ability to collaborate effectively across teams.
The Product GRC SME will lead the development of new federal compliance frameworks with a FedRAMP focus, optimize GRC content for Vanta for Government (V4G), analyze feedback to improve content, collaborate across teams to integrate content into the platform, and partner with the Product team to drive innovation for federal solutions.
Automates SOC 2 compliance for businesses
Vanta simplifies the process of obtaining and maintaining SOC 2 certification, which is essential for organizations that manage sensitive customer data. The company offers a software-as-a-service (SaaS) platform that automates numerous checks to ensure that security controls are effective and compliant with industry standards. This automation helps small to medium-sized enterprises (SMEs) and tech companies monitor risks and vulnerabilities continuously, significantly reducing the time and cost associated with achieving SOC 2 compliance. Vanta's subscription-based model provides clients with a more efficient and cost-effective way to maintain compliance compared to traditional methods. The goal of Vanta is to transform the compliance process, allowing organizations to focus on their core operations while enhancing their security posture.