Senior Cloud Compliance Analyst

The Basics

The Senior Cloud Compliance Analyst will be the focal point for all FedRAMP internal and external parties, drive high-level process related to continuous improvement of FedRAMP requirements and anything else that bolsters or support the compliance aspects of Tanium’s FedRAMP program. 

 The ideal candidate must demonstrate in-depth knowledge and experience in cloud security controls implementation, compliance auditing, accreditation/certification (especially FedRAMP) and creation of risk management frameworks involved therein in order to define needs and goals, and guide continual improvement approaches. They should demonstrate command of or acute familiarity with the CSAs Cloud Controls Matrix, with NIST 800-53 / 800-171, with the ISO 27000 series and with FedRAMP pursuit. The Cloud Compliance Analyst will be accountable for ensuring that business operations are effectively and consistently in compliance with Tanium’s information and cloud security practices. 

What you'll do

• FedRAMP Security Audit Management: 
  • Manage the relationships and execution of all processes related to internal and external audit
  • Act as a key initiative driver and SME in in Tanium’s pursuit of FedRAMP Authorization
  • Assess and review new vendors for optimal controls implementation and compliance 

• FedRAMP Information Risk Reporting: 
  • Play the lead role in ongoing reporting requirements
  • Communicate results of findings
  • Make recommendations for improvement through concise, high quality reports 

• FedRAMP Security Assurance Program Development: 
  • Integrate the tracking of the FedRAMP Compliance Framework with the requirements of emerging Customer-Facing Cloud Infrastructure Frameworks at Tanium
  • Write and revise Tanium’s System Security Plans (SSP), Plan of Actions & Milestones (POA&Ms), policies, standards, procedures, guidelines and other documentation based on Tanium’s business needs
  • Seek opportunities for continuous improvement of risk assessment and compliance practices to drive efficiency 

• Act as a consultant to the business. Develop and maintain expertise, acting as a Subject Matter Expert (SME) in the fields of risk and audit management. 

We’re looking for someone with

• Education
  • Bachelor's Degree in Computer Science, Engineering, IT, InfoSec or other relevant degree or equivalent work experience 

• Experience 
  • 5-7 years business/technical/information security/risk compliance experience
  • Experience in information security risk analysis, auditing, compliance, policies, and overall governance and communication
  • Knowledge of hybrid IT systems, networking, and cloud environments (AWS, Google, etc.)
  • Demonstrated success implementing and Information Security control frameworks and standards such as ITIL, CIS Top 20, SOC 2, GDPR, NIST CSF / 800-53, FISMA, and FedRAMP
  • Strong knowledge of audit and risk management methodologies, such as COBIT, NIST 800-37/800-30, FAIR
  • Experience with GRC, IAM, and risk management tools and solution
  • Experience with information security tools and solutions. 

• Certifications 
  • CISA, CRISC, GIAC, CISM, or CISSP certifications (preferred)

About Tanium 

Tanium, the industry’s only provider of converged endpoint management (XEM), leads the paradigm shift in legacy approaches to managing complex security and technology environments. Only Tanium protects every team, endpoint, and workflow from cyber threats by integrating IT, Operations, Security, and Risk into a single platform that delivers comprehensive visibility across devices, a unified set of controls, and a common taxonomy for a single shared purpose: to protect critical information and infrastructure at scale. Tanium has been named to the Forbes Cloud 100 list for six consecutive years and ranks on Fortune’s list of the Best Large Workplaces in Technology. In fact, more than half of the Fortune 100 and the U.S. armed forces trust Tanium to protect people; defend data; secure systems; and see and control every endpoint, team, and workflow everywhere. That’s the power of certainty. Visit www.tanium.com and follow us on LinkedIn and Twitter.

On a mission. Together. 

At Tanium, we are stewards of a culture that emphasizes the importance of collaboration, respect, and diversity. In our pursuit of revolutionizing the way some of the largest enterprises and governments in the world solve their most difficult IT challenges, we are strengthened by our unique perspectives and by our collective actions.   

We are an organization with stakeholders around the world and it’s imperative that the diversity of our customers and communities is reflected internally in our team members. We strive to create a diverse and inclusive environment where everyone feels they have opportunities to succeed and grow because we know that only together can we do great things. 

Each of our team members has 5 days set aside as volunteer time off (VTO) to contribute to the communities they live in and give back to the causes they care about most.   

What you’ll get

The annual base salary range for this full-time position is $105,000 to $310,000. This range is an estimate for what Tanium will pay a new hire. The actual annual base salary offered may be adjusted based on a variety of factors, including but not limited to, location, education, skills, training, and experience.

In addition to an annual base salary, team members will receive equity awards and a generous benefits package consisting of medical, dental and vision plan, family planning benefits, health savings account, flexible spending account, transportation savings account, 401(k) retirement savings plan with company match, life, accident and disability coverage, business travel accident insurance, employee assistance programs, disability insurance, and other well-being benefits.

For more information on how Tanium processes your personal data, please see our Privacy Policy.

#Hybrid