Security Compliance Analyst, FedRAMP ISSO/ConMon Lead
Job description
Our team’s mission is to become our internal customers’ most trusted partners by building best-in-class security programs which shape the market with our research, make it easy for our customer teams within Cisco to develop secure software, protect our most valuable information and customer assets, and enable SBG employees to work securely as they deliver Cisco Secure products including: Duo, Umbrella, SecureX, Talos, Amp for Endpoints, StealthWatch, Tetration, and beyond.
#WeAreCisco, where each person is unique, and our team is our secret weapon. We run the spectrum from artists to analysts, low-key to high energy, and bring together a diversity of abilities, experiences, and perspectives to solve the complex problems that come with securing a growing business. Together we build solutions that are easy, effective, trustworthy, and enduring.
We are searching for a Security Compliance Analyst, FedRAMP ISSO/ConMon Lead to work as a team member on the execution of our FedRAMP continuous monitoring program for one of our products in accordance with the FedRAMP Continuous Monitoring Strategy Guide, FedRAMP Continuous Monitoring Performance Management Guide, and any other applicable guidance or requirements.
What You Will Do:
- Collaborate with FedRAMP ISSOs and other ConMon leaders to develop and maintain a continuous monitoring program for the system.
- Develop and update the Plan of Action and Milestones by including findings identified during the initial assessment and monthly following the ATO.
- Lead team engagements for developing the Plan of Action and Milestones, including documenting the Significant Change Requests and Operational Requirements.
- Deliver these Plans of Action and Milestones to the agency sponsor, address any concerns, and work with internal teams to ensure remediation of findings.
- Collaborate with the FedRAMP ISSO to ensure that the system is operating effectively despite changes in the threat landscape and any upgrades or improvements to the system.
- Coordinate and verify FedRAMP evidence and artifacts per Continuous Monitoring requirements for FedRAMP customers.
- Partner with engineering and operations teams to ensure alignment to compliance requirements for FedRAMP.
- Effectively communicate with management on decisions that impact federal programs and teams.
Basic Qualifications:
- Must have Bachelor's + 7 years of related experience or Master's + 4 years of related or demonstrated experience in FedRAMP requirements and NIST SP 800-53, NIST SP 800-37, NIST FIPS 199, and StateRAMP.
- 3+ years of experience in building productive relationships with both technical and non-technical teams.
- 3+ years of proven history in identifying dependencies between complex projects and resolving potential impact.
Preferred Qualifications:
- The ability to drive collaboration and influence multiple technical and functional teams.
- Demonstrated ability to function as a strong business to technology, helping to bridge the business view and requirements to technologists building solutions.
- Experience in requirements development, program management, and/or process improvement efforts in a technical company, preferably a SaaS provider.
- Experience working with governance, risk, and compliance systems and performing risk assessment activities is highly preferred.
- Ability to operate effectively in a remote environment.
- Self-starting, self-motivated, self-directed, and self-sufficient.
- Be based in the U.S.
Why Cisco Secure
We're global, we're adaptable, we're diverse, and our security portfolio is as extensive as it is groundbreaking. Have you heard of Threat, Detection & Response, Zero Trust by Duo, Common Services Engineering, or Cloud & Network Security? Those are only a few of our product teams! The only thing we're missing is YOU.
Join an enterprise security leader with a start-up culture, committed to driving innovation and giving you the opportunity to make an impact. We #InnovateToWin and we know we're better together, that's why we're dedicated to inclusivity, collaboration, and diversity in everything we do.
We're proud to be the Best Small and Mid-Size Enterprises Security Solution. Cisco Secure continues to grow and evolve year after year with 100% of Fortune 100 Companies using our products, and we're excited to see the new heights we'll reach with your passion for security, your customer focus, and your desire to change things up!
"Cisco Secure offers an environment that combines ground breaking, critically important technology with some of the brightest, most diverse set of people I've ever had the pleasure of working with." - Chief of Staff, Engineering
U.S. employees have access to quality medical, dental and vision insurance, a 401(k) plan with a Cisco matching contribution, short and long-term disability coverage, basic life insurance and numerous wellbeing offerings. Employees receive up to twelve paid holidays per calendar year, which includes one floating holiday, plus a day off for their birthday. Employees accrue up to 20 days of Paid Time Off (PTO) each year and have access to paid time away to deal with critical or emergency issues without tapping into their PTO. We offer additional paid time to volunteer and give back to the community. Employees are also able to purchase company stock through our Employee Stock Purchase Program.
Employees on sales plans earn performance-based incentive pay on top of their base salary, which is split between quota and non-quota components. For quota-based incentive pay, Cisco pays at the standard rate of 1% of incentive target for each 1% revenue attainment against the quota up to 100%. Once performance exceeds 100% quota attainment, incentive rates may increase up to five times the standard rate with no cap on incentive compensation. For non-quota-based sales performance elements such as strategic sales objectives, Cisco may pay up to 125% of target. Cisco sales plans do not have a minimum threshold of performance for sales incentive compensation to be paid.