Senior Information Security Compliance Officer (FedRAMP)

Description About us We are Digital Science and we are advancing the research ecosystem.
We are a pioneering technology company, and our vision is of a future where a trusted and collaborative research ecosystem drives progress for all.
We believe in better, open, collaborative and inclusive research.
In creating the next generation of tools and working in partnership with the community we tackle some of the biggest challenges to research.
In order to achieve our vision, we need innovative, inspiring and dynamic people to join our team.
Want to join us? Your new role As our Senior Information Security Compliance Officer, you will be part of our Information Security team, overseeing our InfoSec compliance requirements.
This role partners with several areas of Digital Science and adds value through delivering a robust compliance framework to meet our ever evolving compliance requirements.
You will be the founding member of a new sub-team, primarily responsible for the delivery and maintenance of compliance specific to large, US (Federal) customers with enhanced security and privacy requirements.
This is a highly visible and strategic role which requires a high standard of communication and stakeholder management.
This role (due to Federal requirements) can only be satisfied by a “US citizen, US national, or US person” and additional checks may be required.
What you’ll be doing Work with the stakeholders from across the group, our customer-base and third-party vendors/partners, to embed and enhance InfoSec compliance for products, services and business units under your purview.
Implement and manage the compliance across several frameworks including FedRAMP and NIST primarily.
Identifying and mitigating risks, utilising governance, risk and compliance tooling to map to DS policies and procedures enabling operating the FedRAMP environment(s) Developing and implementing policies and procedures in order to align with DS policies while satisfying the needs of additional frameworks including FedRAMP and NIST Monitoring compliance as required to maintain the FedRAMP authority to operate at the appropriate level.
Conducting Audits and assessments in advance of the external audits required by FedRAMP Reporting to CISO, Deputy CISO, senior management and stakeholders in order to understand the performance of the system.
What you’ll bring to the role You have significant, expert, professional experience in Information Security Compliance with demonstrable expertise in FedRAMP (to at least ‘moderate’ level), DoD IL4 and NIST-800 (53 and 218 at a minimum).
You have parallel knowledge of ISO/IEC 27001 and 27701 in order to compare, contrast and advise on additional requirements and controls required to achieve and maintain FedRAMP compliance.
You will have successfully delivered a FedRAMP implementation programme utilising consultants, third-parties and internal resources.
You may have United States military or intelligence history in relation to FedRAMP, have been part of a 3PAO or specialist FedRAMP consultancy organisation.
You’re highly organised and have the ability to work on intricate details without losing the big picture You’ll be a strong communicator and comfortable communicating with people at all organisational levels and leading conversations around recommendations for improvements You have a collaborative approach to how you work and ensure all groups are communicated with and understand your process and approach You’re a self learner and have an inquisitive mind You’re resourceful and solutions focussed, making practical considerations for all groups involved You’re a natural problem solver and have strong analytical skills Bachelor degree in Computer Science or a related field, and/or equivalent Information Security related certifications (such as CISSP or CISM).
Living our Values We invest in, nurture and support innovative businesses and technologies that make all parts of the research process more open, efficient and effective.
The talent we secure is fundamental to us achieving our vision and our growth plans.
The values we live by are: We are brave in the pursuit of better We are collaborative and inclusive We are always open-minded We are from and for the community We're an equal opportunity employer.
All applicants will be considered for employment without attention to race, colour, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status Additional Information Please note that, in light of vaccination mandates for US Government contractors, Digital Science requires that all US-based employees are fully vaccinated against COVID-19, subject to approved accommodations.
About Digital Science Digital Science is a technology company working to make research more efficient.
We invest in, nurture and support innovative businesses and technologies that make all parts of the research process more open and effective.
Our portfolio includes admired brands including Altmetric, Dimensions, Figshare, ReadCube, Symplectic, IFI Claims, Writefull, and Overleaf.
We believe that together, we can help researchers make a difference.