Principal FedRAMP Compliance Specialist

Company: Autodesk
Location: San Francisco, CA, USA
Commitment: Full time
Posted on: 2023-12-01 05:16
Job Requisition ID #23WD73951

The Security Team @ Autodesk

Our team of security experts helps Autodesk design, build, deploy, and maintain secure products. We are embedding security in the full spectrum of how we build our products, from inception, design, development, and testing to how we run them in the cloud, as well as how we respond to any existing or emerging threats to our products or the building blocks of our products and services. Our job is to be one step ahead of the bad guys and use expertise, technology and other resources to thwart their efforts to compromise our products and the environment in which they operate. Our team keeps a single-minded focus on protecting our customers' data and their investment in our products by strengthening our applications, underlying services, and network.

Location: Remote US

Position Overview

We are seeking a talented and motivated individual to serve as Principal FedRAMP Compliance Specialist. You thrive on collaboration and are organized in implementation. The role consists of a broad range of skills and responsibilities, including security, marketing, executive, and customer communication.

The Principal FedRAMP Compliance Specialist works and consults with internal stakeholders and product engineering teams to document and implement control requirements and support the cloud security standards, including technical security and operational controls, for Autodesk's FedRAMP environment. You will support analysis and remediation of security control implementation review results, penetration testing results, and vulnerability scan results for POAM reporting to authorizing agencies. You will collaborate with security professionals on cross-department initiatives, including projects that aim to enhance the security posture of the company.

Responsibilities

- Internal and external stakeholder engagement, including legal, sales, product/enterprise teams, 3PAO, sponsoring agency, and FedRAMP PMO
- Integrate and synthesize information from multiple teams in order to analyze complex issues, mitigate risks, and solve problems
- Assist with analysis and preparation for internal and external audits
- Properly identify, remediate, communicate, or escalate technical and program risks
- Collaborate on the development of automated capabilities for evidence collection, control validation, and process execution
- Ensure technical documentation, e.g. the System Security Plan (SSP), is maintained, using knowledge of security controls and security audits, for technical architecture, operational processes and security processes
- Provide input to internal teams with regard to implementation of FedRAMP and other security frameworks and how they impact product updates or organizational processes
- Identify and provide detailed security and configuration requirements to cloud, application, and enterprise teams
- Act as a FedRAMP Security SME/Consultant for projects and inquiries from product, development, and IT teams

Minimum Qualifications

- 5+ years of hands-on experience in IT auditing and/or compliance
- Recent hands-on concentration of work with the FedRAMP Framework (audit and compliance experience)
- Previous experience leading a Cloud Service Provider through a FedRAMP ATO process
- Expertise in more than one of the following areas: Security Architecture, Security Consulting, Identity and Access Management (IAM), Network Security, Security Engineering, Incident Handling, Active Adversary Threat Management, Intrusion Detection, Firewalls, Vulnerability Management, Windows and Unix security, Encryption, Endpoint Security, DevOps, Systems Administration
- Experience working with technologies hosted via cloud computing environments (e.g., Amazon Web Services, Microsoft Azure, Google Cloud Platform)
- Superb soft skills, including the ability to gain the trust of partners and senior management and negotiate priorities with outside teams
- Familiarity with SOA principles, CI/CD, and Microservice/Container orchestration and architecture

Preferred Qualifications

- Familiarity with security domains, such as application security, infrastructure and cloud security, incident response, and/or security compliance and certifications
- Experience with cloud computing technologies
- FedRAMP industry and Agency relationships

#ADSKSecurityCareers #LI-DT1

About Autodesk

Welcome to Autodesk! Amazing things are created every day with our software – from the greenest buildings and cleanest cars to the smartest factories and biggest hit movies. We help innovators turn their ideas into reality, transforming not only how things are made, but what can be made. We take great pride in our culture here at Autodesk – our Culture Code is at the core of everything we do. Our values and ways of working help our people thrive and realize their potential, which leads to even better outcomes for our customers. When you’re an Autodesker, you can be your whole, authentic self and do meaningful work that helps build a better future for all. Ready to shape the world and your future? Join us!

Benefits

From health and financial benefits to time away and everyday wellness, we give Autodeskers the best, so they can do their best work. Learn more about our benefits in the U.S. by visiting https://benefits.autodesk.com/

Salary transparency

Salary is one part of Autodesk’s competitive compensation package. For U.S.-based roles, we expect a starting base salary between $129,500 and $209,440. Offers are based on the candidate’s experience and geographic location, and may exceed this range. In addition to base salaries, we also have a significant emphasis on annual cash bonuses, commissions for sales roles, stock grants, and a comprehensive benefits package.

Equal Employment Opportunity

At Autodesk, we're building a diverse workplace and an inclusive culture to give more people the chance to imagine, design, and make a better world. Autodesk is proud to be an equal opportunity employer and considers all qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender, gender identity, national origin, disability, veteran status or any other legally protected characteristic. We also consider for employment all qualified applicants regardless of criminal histories, consistent with applicable law.

Diversity & Belonging

We take pride in cultivating a culture of belonging and an equitable workplace where everyone can thrive. Learn more here: https://www.autodesk.com/company/diversity-and-belonging

Are you an existing contractor or consultant with Autodesk? Please search for open jobs and apply internally (not on this external site).