Manager, Compliance Federal Program Management

Federal Compliance Manager

Due to Federal Government contract requirement, U.S. Citizenship is required for this position. This position may be subject to customer or third-party background checks if required. The Federal Compliance Manager will be responsible for assisting SailPoint in achieving and maintaining its federal compliance objectives. This role will support efforts related to the current  SailPoint FedRAMP Authorized cloud service offering, Cybersecurity Maturity Model Certification (CMMC) and other federal and/or state compliance initiatives. The nature of this position requires collaboration and partnership with teams across the organization, at all levels with varying levels of technical acumen, as well as contact with outside client representatives, vendors, auditors, and other business-related representatives. The keys to success in this role are strong leadership skills, strong understanding of the FedRAMP program and requirements, ability to solve problems creatively, and clear communication skills.

Within the first month:

You will be trained on internal Compliance processes and tools used. You will have agency and 3PAO introductions as the point of contact. You will have introductions to the internal technical teams that support the Federal Compliance Program and will need to familiarize yourself with SailPoint offerings.

Within 3 months:

You will be the FedRAMP Subject Matter Expertise and own the relationship with both internal and external stakeholders. You will lead both client and internal status meetings and updates. You will work on timeline of yearly federal compliance efforts.

Within 1 year:

Fully manage the Federal Compliance Program including maintaining the current FedRAMP authorization, incorporate new services within the Federal program, ensure compliance with Federal and State mandates and ensure internal teams are ready for the annual assessment. You will provide expertise in the FedRAMP process and requirements as well as NIST controls.

Responsibilities:

This role will be responsible for, but not limited to, the following activities –

• Maintain the achievement of full compliance with the organization’s compliance goals and objectives
• Serve as the point of contact with both internal and external communication regarding the Federal Compliance Program and ensure responses are provided in a timely manner
• Integrate new compliance requests into the Federal Compliance program
• Manage and train direct personnel in support of compliance activities
• Lead third party assessment efforts to completion
• Stay abreast of Federal and State regulatory and compliance changes that could impact our Federal Compliance program
• Manage POAM and ConMon activities, including working with technical and non-technical teams to resolve outstanding item
• Create and publish technical documentation associated with FedRAMP assessment packages
• Manage the support and maintenance of compliance roadmaps, Risk & Controls Matrix (RCMs), policies and procedures, evidence/artifacts, etc.
• Facilitate the scheduling of internal and external meetings (including kickoff, walkthroughs, and closing meetings).
• Discuss with Management any changes to scope of audits performed, significant findings noted as the audit progresses and conclusions / recommendations of finalized audit
• Track remediation activities and provide compliance support
• Work with the appropriate stakeholders on changes resulting from annual risk assessment and/or audit feedback to ensure appropriate processes are updated and communicated.
• Provide support and guidance on control implications resulting from changes
• Collaborate with a variety of SailPoint teams to ensure compliance concerns are addressed, compliance activities are completed, and documents are reviewed
• Aid in the identification, implementation, and maintenance of appropriate security and compliance measures
• Work with SailPoint management to ensure plans are in place to address compliance problems when they occur and before certifications are jeopardized
• Ensure projects and time sensitive activities are completed within time planned
• Maintain positive and open communication with SailPoint management and teams

• Organized Researcher with strong organizational, presentation, and customer research skills
• Assist or lead in the development, maintenance, and revision of policies, standards, procedures, work instructions, and guidelines of compliance program and related activities

• Other job duties as required of the Compliance team

Requirements:

• Must be US citizen and working in the US
• Minimum of 4-5 years of managing experience in the past 7 years as a Manager
• Experience with leading at least one successful FedRAMP certification from initial identification to final assessment
• In-depth knowledge of FedRAMP requirements and operations
• Strong knowledge of NIST 800-53 Controls is a must
• Well-versed in Federal and State guidelines and best practices
• Strong attention to detail
• Strong project management skills
• Solid understanding of AWS architecture, CI/CD, SDLC
• Strong technical expertise and competency in network security, security operations, security architecture, infrastructure security, and identity and access management.
• Strong verbal and written skills are required in the documentation of gaps/deviations/risks as they apply to the assessment
• Ability to effectively interface with business, executive and technical teams

Benefits and Compensation listed vary based on the location of your employment and the nature of your employment with SailPoint.

As a part of the total compensation package, this role may be eligible for the SailPoint Corporate Bonus Plan or a role-specific commission, along with potential eligibility for equity participation. SailPoint maintains broad salary ranges for its roles to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect SailPoint’s differing products, industries, and lines of business. Candidates are typically placed into the range based on the preceding factors as well as internal peer equity. We estimate the base salary, for US-based employees, will be in this range from (min-mid-max, USD):

Base salaries for employees based in other locations are competitive for the employee’s home location.

Benefits Overview

1. Health and wellness coverage: Medical, dental, and vision insurance

2. Disability coverage: Short-term and long-term disability

3. Life protection: Life insurance and Accidental Death & Dismemberment (AD&D)

4. Additional life coverage options: Supplemental life insurance for employees, spouses, and children

5. Flexible spending accounts for health care, and dependent care; limited purpose flexible spending account

6. Financial security: 401(k) Savings and Investment Plan with company matching

7. Time off benefits: Flexible vacation policy

8. Holidays: 8 paid holidays annually

9. Sick leave

10. Parental support: Paid parental leave

11. Employee Assistance Program (EAP) and Care Counselors

12. Voluntary benefits: Legal Assistance, Critical Illness, Accident, Hospital Indemnity and Pet Insurance options

13. Health Savings Account (HSA) with employer contribution

SailPoint is an equal opportunity employer and we welcome everyone to our team.  All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.