Compliance Program Manager

Full-Time / Office of CTO / Remote, US

About Logz.io

Logz.io is a cloud observability platform for modern engineering teams. The Logz.io platform consists of four products (Log Management, Infrastructure Monitoring, Distributed Tracing, and Cloud SIEM) that work together to unify the jobs of monitoring, troubleshooting, and security. We empower engineers to deliver better software by offering the world's most popular open-source observability tools in a single, easy-to-use, and powerful tool purpose-built for monitoring distributed cloud environments.

Reporting to the CTO, the Compliance Program Manager/Lead at Logz.io will own and drive the overall cloud security and compliance requirements for Logz.io's cutting-edge cloud-native SaaS products. This position will be responsible for working across many different teams within DevOps, product teams, and other parts of the organization to design, document, and implement a compliant SaaS infrastructure that can support Logz.io's FedRAMP authorizations as well as additional security processes, audits, and certifications for PCI, SOC, HIPAA, ISO 27001, and GDPR. The Compliance Program Manager/Lead will also work with product engineering teams to perform gap analysis of their existing products and write requirements that meet compliance demands. The FedRAMP project may include implementation on both AWS GovCloud and Azure for Government.

What You Will Do:

  • Collaborate with DevOps teams to write security control implementation descriptions and create diagrams for required documentation to support audits.
  • Support SaaS audits for existing requirements.
  • Lead the planning, scheduling, and preliminary analysis for all development requirements, as well as internal and external audits.
  • Collaborate with product engineering teams to understand their application architecture and provide guidance on how to meet compliance requirements.
  • Collaborate with product engineering teams to translate security and compliance requirements to engineering requirements.
  • Own the relationships and act as the interface, including selection of the 3PAO, sponsoring agency, and contract ATO, to obtain FedRAMP Ready and ultimately Medium certification.

What You Will Need:

  • FedRAMP experience, including successful completion of products through FedRAMP certification.
  • Knowledge working with FedRAMP JAB a plus.
  • Superb soft skills including the ability to gain the trust of stakeholders and senior management and negotiate priorities with outside teams.
  • Demonstrate courage, inclusiveness, and pragmatism, leveraging servant leadership techniques to influence, negotiate and inspire others in a matrix environment.
  • Excellent verbal and written communication skills.
  • Strong analytical and problem-solving skills.
  • Inspired by bringing cross-functional teams together to accomplish program objectives.

Your Background:

  • Meet the requirements to obtain a U.S. Security Clearance.
  • 5+ years project managing compliance for SaaS solutions.
  • 5+ years' experience with Amazon Web Services or Microsoft Azure.
  • Strong expertise in FedRAMP, PCI, SOC, HIPAA, ISO 27001, NIST 800-53, and FIPS 140-2.
  • Experience with code scanning and with infrastructure and application vulnerability scanning.