FedRAMP Compliance Analyst

Description

We are seeking a detail-oriented FedRAMP Compliance Analyst to support our organization's adherence to the Federal Risk and Authorization Management Program (FedRAMP) requirements. This role is critical to ensuring our cloud services maintain compliance with federal security standards and support continuous monitoring, authorization processes, and audits. The ideal candidate will have experience with NIST SP 800-53, FedRAMP documentation, and working with cloud service providers in a regulatory context.

We’re growing and looking to hire an individual who embodies our core values: People First, Customer Obsession, Strive for Excellence, and Integrity.

About Claroty:   

Claroty has redefined cyber-physical systems (CPS) protection with an unrivaled industry-centric platform built to secure mission-critical infrastructure. The Claroty Platform provides the deepest asset visibility and the broadest, built-for-CPS solution set in the market comprising exposure management, network protection, secure access, and threat detection – whether in the cloud with Claroty xDome or on-premise with Claroty Continuous Threat Detection (CTD). Backed by award-winning threat research and a breadth of technology alliances, The Claroty Platform enables organizations to effectively reduce CPS risk, with the fastest time-to-value and lower total cost of ownership. Our solutions are deployed by over 1,000 organizations at thousands of sites across all seven continents.

A Great Place to Work® certified company, Claroty is headquartered in New York City with employees across the Americas, Europe, Asia-Pacific, and Tel Aviv. The company is widely recognized as the industry leader in CPS protection, with backing from the world’s largest investment firms and industrial automation vendors, recognized by KLAS Research as Best in KLAS for Healthcare IoT Security five years in a row, and ranking on the Forbes Cloud 100 and Deloitte Technology Fast 500 multiple consecutive years. 

Responsibilities

• Support the FedRAMP authorization and reauthorization processes, including development, review, and maintenance of system security documentation (SSP, POA&M, SAP, SAR, etc.)
• Map and analyze security controls against FedRAMP Moderate/High baselines and NIST SP 800-53 controls.
• Assist in implementing and monitoring security controls for FedRAMP-authorized systems.
• Coordinate with internal teams (engineering, operations, DevSecOps) to ensure security requirements are integrated into system design and operation.
• Maintain continuous monitoring documentation and support periodic assessments (e.g., annual assessments, penetration tests, vulnerability scans).
• Interface with Third Party Assessment Organizations (3PAOs), government customers, and internal stakeholders to support audits and assessments.
• Track and manage Plan of Action and Milestones (POA&M) items to closure.
• Provide compliance reporting, metrics, and risk analysis to management.
• Stay up-to-date with changes in FedRAMP requirements, NIST guidance, and related compliance frameworks (e.g., FISMA, CMMC).

Requirements

Required Qualifications:

• U.S. Citizenship (required for working in GovCloud environments)
• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent experience).
• 2–4 years of experience in information security compliance or risk management, preferably in a FedRAMP or FISMA-regulated environment.
• Strong knowledge of NIST SP 800-53, FedRAMP Moderate/High baselines, and the FedRAMP authorization process.
• Experience with security documentation (SSP, POA&M, SAR, SAP, etc.) and governance tools.
• Familiarity with vulnerability scanning tools (e.g., Nessus, Qualys) and interpreting security findings.
• Eligibility to obtain a security clearance is required.

Preferred Qualifications:

• Experience working with or in a 3PAO or federal agency.
• FedRAMP or NIST security control implementation experience in AWS, Azure, or Google Cloud environments.
• Security certifications such as:
• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Auditor (CISA)
• Certified Authorization Professional (CAP)
• CompTIA Security+ or equivalent
• Experience with GRC platforms (e.g., RSA Archer, ServiceNow GRC, Xacta).

Soft Skills:

• Strong analytical and problem-solving skills.
• Ability to work independently and manage multiple priorities in a fast-paced environment.
• Effective written and verbal communication abilities.
• Ability to collaborate across teams and explain technical issues to non-technical stakeholders.
• Self-motivated with the ability to manage multiple priorities.

Why Claroty? Our Culture and Benefits: 

• As a Great Place to Work® certified company, we take pride in the culture we’ve built together—one rooted in camaraderie, credibility, fairness, and respect. 
• Claroty is a people first company. With strong bonds amongst the team, we believe in prioritizing personal care and support over work, confident that results follow from a harmonious environment. We celebrate professional and personal successes, committed to fostering a diverse and inclusive space. 
• Stability, we demonstrate continued growth over the past few years, raised over 700M$ from top tier investors, we have top tier board members and our products are sold worldwide, over 1000 customers. 
• We understand the importance of maintaining a healthy work-life balance, and encourage people to take the time they need to rest and prioritize their mental and physical health. We also provide a biannual “ClaroBreak”, a company-wide long weekend shutdown so we can all rest, recharge and spend time with our loved ones.
• We care about your development. At Claroty, we prioritize excellence and uphold high professional and ethical standards. We encourage career growth and exploration within the company, facilitated by biannual performance reviews, feedback sessions, and individual development planning, complemented by professional courses.
• We believe in transparency and openness. That’s why we regularly hold company all-hands, town hall meetings, and “Coffee with the CEO” sessions. We also conduct round table sessions and employee satisfaction surveys, to keep a pulse on what matters most to our team members and make our culture the best it can be. 
• While we have physical offices in New York, Tel Aviv, London and Singapore, we also embrace a hybrid working culture. This flexibility allows us to tap into a diverse talent pool and enables our team members to work in a way that suits their individual preferences and circumstances.  

Claroty is an equal-opportunity employer committed to fostering a diverse and inclusive work environment for all. We encourage applications from candidates of ALL diverse backgrounds, and special accommodations are available upon request in all selection phases.

You’re more than welcome to follow us on social media:

LinkedIn

Facebook 

Industry award

Latest news

Expected compensation for the role is between $110,000 - $120,000. This is a good-faith estimate but does not include equity. Pay will be by experience level, but those outside of the salary band are welcome to apply.

While we believe competitive compensation is a critical aspect of your decision to join us, we do hope you also spend time considering why our mission and culture are right for you. We are creating something amazing here, and we hope you are as excited about the future as we are.