Senior Information Security Internal Auditor

Everbridge is the leading critical event management platform trusted by corporations and communities of all sizes to help keep people safe and business running! Connecting more than 100 million people and internet-enabled devices, the company assures that secure, compliant communications are delivered and confirmed, whether locally or globally. We are currently hiring a Senior Information Security Internal Auditor. This position can be fully remote or hybrid out of one of our offices.

What you'll do:

• Develop and manage the internal audit program as part of the Compliance portfolio based on FedRAMP Moderate requirements, and other applicable standards.
• Diligently maintain the company’s Information Security and Privacy Framework and underlying policies, procedures, standards and guidelines.
• Conduct NIST 800-53 compliance audits and assessments and provide recommendations based upon FedRAMP defined controls and industry best practices
• Be fully responsible for Monthly FedRAMP ConMon assessments and submissions
• Will work closely with engineering and operation teams to ensure timely delivery of FedRAMP documents and meeting project milestones and objectives
• Liaise with auditors, articulate control implementation and impact, and describe considerations for applying security and compliance concepts to a technical cloud environment.
• Represent Compliance on FedRAMP, and other certification project and strategies
• Provide the necessary support with maintaining documentation/evidence/artifacts
• Manage and organize the audits and documents using a GRC System
• Create audit plans and audit reports
• Keep documentation organized and document processes and guidelines
• Develop approach for continuous monitoring efforts and recertifications
• Assist with other audit activities as needed
• Facilitate external audits

What you'll bring:

• Experience working with FedRAMP, NIST 800-53, FISMA, and/or similar governance and compliance framework
• Strong understanding of FedRAMP information collection and reporting process
• Experience in reports development (status, metrics, and measures)
• Minimum 3 years of experience in security, assessments or compliance consulting or advisory work in in support of a highly technical environment.
• Minimum 3 years of experience in performing and/or participating in technical assessments in direct support of a major compliance effort (e.g. FedRAMP, SOC 2, Bsi C5, or ISO 27001).
• Knowledge of Information Management policies, requirements, and best practices
• Ability to communicate in a clear and well-organized fashion and to influence decision-makers, both verbally and in writing
• Ability to lead with initiative and persuasiveness
• Excellent interpersonal and organizational skills
• CIA, CISA, CCSP, ISO 27001 Auditor Certification are a plus
• Must be a US Citizen and have the ability to obtain a Secret Clearance

The reasonably estimated salary for this role at Everbridge ranges from $118,000 - $145,000 and may also include variable compensation. Actual compensation is based on factors such as the candidate's skills, qualifications, and experience. In addition, Everbridge offers a wide range of best in class, comprehensive and inclusive employee benefits for this role including healthcare, dental, parental planning, and mental health benefits, disability income benefits, life and AD&D insurance, a 401(k) plan and match, paid time off, and fitness reimbursements.
Fair Chance Statement US & Canada We are committed to providing equal employment opportunities in compliance with all applicable Federal, Provincial/State and Local laws, including the California Fair Chance Act and any local County Fair Chance Ordinance (or local equivalent). Pursuant to these and other relevant regulations, we consider qualified applicants with criminal histories in a manner consistent with the law. For roles subject to background checks, the following material job duties may be affected by an applicant’s criminal history:- Access to sensitive or confidential information, such as financial records, proprietary data, or client information.- Management of cash, company funds, or other valuable assets.- Work in environments requiring heightened security measures.- Compliance with contractual or regulatory requirements specific to the position. We evaluate each applicant's criminal history individually, considering its nature, timing, and relevance to the specific job duties, while maintaining our commitment to fair hiring practices and promoting workplace equity.

About Everbridge
Everbridge empowers enterprises and government organizations to anticipate, mitigate, respond to, and recover stronger from critical events. In today’s unpredictable world, resilient organizations minimize impact to people and operations, absorb stress, and return to productivity faster when deploying critical event management (CEM) technology. Everbridge digitizes organizational resilience by combining intelligent automation with the industry’s most comprehensive risk data to Keep People Safe and Organizations Running™. For more information, visit www.everbridge.com, read the company blog, and follow on Twitter. Everbridge… Empowering Resilience Everbridge is an Equal Opportunity/Affirmative Action Employer. All qualified Applicants will receive consideration for employment without regard to race, creed, color, religion, or sex including sexual orientation and gender identity, national origin, disability, protected Veteran Status, or any other characteristic protected by applicable federal, state, or local law.