Senior Technical Writer (InfoSec and Compliance)
Bengaluru
- Remote-first
- Website
- @Granicus 𝕏
- GitHub
- Search
Granicus
Citizen Experience Platform Transforming How Governments Serve. Granicus technology connects 250M people & 6,000+ government organizations.
We are looking for an experienced Technical Writer with proven experience creating and maintaining documentation to support an information security & compliance program for an organization that provides both cloud software and services. You will report to the Senior Manager, Information Security Programs. You will need strong written and verbal communication, and a strong working knowledge of FedRAMP and ISO 27001 documentation requirements. You will also work with teams on other policies, procedures, standards, or other audit related documentation to support SOC 2, PCI, HIPAA, FISMA, CJIS and Cyber Essentials. You will work collaboratively with the security team as well as with cross-functional teams, including technical and non-technical roles. This role will also work independently to manage the document lifecycles.
What your impact will look like here
- Refresh company security policies and procedures, including mapping to corresponding framework controls, including NIST 800-53 (for FedRAMP), ISO 27001:2022, Cyber Essentials, PCI, HIPAA, and SOC 2.
- Collaborate with cross-functional teams to map all audited policies and procedures and support review.
- Update and maintain the FedRAMP, StateRAMP, and TxRAMP System Security Plans and all attachments. This will include working with the control owners to review and update control implementation summaries.
- Document the FedRAMP Deviation Requests (DR) and Significant Change Request (SCR) and support the DR and SCR processes. You will leverage FedRAMP templates and guidelines. You will work with the technical owners to assess the requests and ensure sufficient detail is provided in the DR and SCR submissions, and that they are documented for technical and non-technical reviewers.
- Create and improve runbook documentation for internal security team processes related to audited controls, SCRs, DRs, POA&Ms and ConMon.
- Create and maintain documentation for StateRAMP, TxRAMP, or other compliance frameworks.
- Create new information security policies and procedures, as necessary.
- Update and maintain SSP System Description, ISO Scope statement, and SOC 2 Type II Section III System Description content.
- Own the versioning and document management process for the document lifecycle, including centralized document repository and version control.
You will love this job if you have
- 7+ years in technical writing for information security or compliance
- Direct experience documenting for FedRAMP, StateRAMP, and/or TxRAMP, which may include SSPs, DRs, SCRs, ConMon, POA&Ms, or the dash-one “-1” controls
- Experience documenting company security policies and procedures
- Knowledge of common security frameworks, such as NIST 800-53, ISO 27001, PCI, HIPAA, SOC 2, CJIS and/or Cyber Essentials
- Ability to work with very technical teams and non-technical teams
- Ability to work independently
- Familiarity with AWS, Azure, and/or GCP
- Familiarity with common cloud security controls and tools
- Knowledge of FedRAMP OSCAL resources
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
0
0
0
Category:
Compliance Jobs
Tags: AWS Azure CIA Cloud Compliance FedRAMP FISMA GCP HIPAA ISO 27001 NIST NIST 800-53 Privacy SOC SOC 2 System Security Plan
Perks/benefits: Career development Fitness / gym Health care Insurance Wellness
Region:
Asia/Pacific
Country:
India
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Information System Security Officer jobsSenior Cloud Security Engineer jobsSenior Security Analyst jobsInformation Security Manager jobsSenior Cybersecurity Engineer jobsInformation Security Specialist jobsSenior Network Security Engineer jobsSecurity Consultant jobsIT Security Engineer jobsSenior Penetration Tester jobsSenior Information Security Analyst jobsSecurity Specialist jobsCyber Security Specialist jobsSenior Cyber Security Engineer jobsChief Information Security Officer jobsInformation System Security Officer (ISSO) jobsIT Security Analyst jobsSystems Engineer jobsStaff Security Engineer jobsPrincipal Security Engineer jobsCloud Security Architect jobsSenior Product Security Engineer jobsSystems Administrator jobsCyber Security Architect jobsSecurity Operations Analyst jobs
CI/CD jobsMalware jobsSaaS jobsForensics jobsEDR jobsSDLC jobsEncryption jobsIDS jobsBash jobsSplunk jobsTop Secret jobsIPS jobsRMF jobsOWASP jobsIntrusion detection jobsSQL jobsThreat detection jobsCompTIA jobsFinance jobsDocker jobsDoDD 8570 jobsITIL jobsCRISC jobsActive Directory jobsGIAC jobs
VPN jobsHIPAA jobsTCP/IP jobsMITRE ATT&CK jobsTerraform jobsOSCP jobsUNIX jobsIT infrastructure jobsBanking jobsClearance Required jobsSANS jobsPolygraph jobsJavaScript jobsDNS jobsCISO jobsSOX jobsSOC 2 jobsAnsible jobsCCSP jobsJira jobsData Analytics jobsSOAR jobsIndustrial jobsCyber defense jobsGCIH jobs