Senior Trust Assurance Specialist

Employer Active

1 Vacancy

Job Location

Lehi, UT - USA

Monthly Salary

Not Disclosed

Job Description

Who we are

We're a leading global security authority that's disrupting our own category. Our encryption is trusted by the major ecommerce brands, the world's largest companies, the major cloud providers, entire country financial systems, entire internets of things, and even down to the little things like surgically embedded pacemakers. We help companies put trust, an abstract idea, to work. That's digital trust for the real world.

Job summary

We are seeking a Senior Trust Assurance Specialist to join the Trust Office team at DigiCert. The successful candidate will have at least 10 years of experience in compliance, risk management, or internal audit, with a strong background in FedRAMP or FISMA ATOs and other relevant cybersecurity standards. This role requires a US citizen with a strong knowledge of regulatory frameworks, exceptional analytical and organizational skills, and the ability to effectively communicate and collaborate with internal and external stakeholders. The role will report to DigiCert's Head of Compliance and will be part of the Trust Office team.

What you will do

  • FedRAMP Expertise at the Moderate or High impact level: Lead the company's FedRAMP authorization and continuous monitoring efforts, including security documentation, control implementation, and coordination with external auditors.
  • Regulatory Compliance: Ensure compliance with FedRAMP Mod, WebTrust for CAs, NIST 800-53 r5, NIST 800-63, FISMA, and other regulatory and industry frameworks.
  • Audit and Assessment Management: Prepare for and support internal and external audits, including FedRAMP, SOC 2, WebTrust, and other compliance reviews.
  • Risk Management: Provide input into DigiCert's risk management program.
  • Policy Development: Provide input and review for relevant DigiCert internal policies and procedures. Ensure appropriate controls are designed and implemented throughout the environment to comply with security policies and procedures.
  • ATO Management: Maintain a positive relationship with our authorizing agencies as the point-of-contact for regular meetings and POA&M management. Ensure DigiCert's SSP is current and reflects the current state of the authorized system.
  • Stakeholder Collaboration: Work closely with Security, IT, Legal, and Operations teams to ensure compliance objectives are met.
  • Stay informed of emerging regulatory trends and changes, advising senior management on potential impacts and necessary adjustments to the compliance program.
  • Serve as a liaison with relevant regulatory bodies, agencies, and external auditors, managing communications and coordinating inspections or investigations.
  • Collaborate with Legal, Finance, HR, and other departments to ensure cohesive compliance strategies and responses to regulatory issues.
  • Help foster a culture of compliance and security throughout the organization.
  • Any other similar related activities as assigned.

What you will have

  • Minimum bachelor's degree in law, compliance, computer science, or related field.
  • Minimum 10 years of experience in compliance, risk management, or internal audit, preferably in a cybersecurity, PKI, or cloud environment.
  • Proven experience with FedRAMP (Authorization, Continuous Monitoring, Compliance Management).
  • Strong knowledge of PKI, digital certificates, and cryptographic security principles.
  • Experience with standards such as WebTrust for CAs, SOC 2, ISO 27001, FIPS 140-2/3, and NIST frameworks 800-53 r5, 800-63.
  • Experience engaging with regulatory bodies, auditors, and external auditors.
  • Experience writing and evaluating control design.
  • Certifications such as CISSP, CISM, CISA, or CRISC are highly desirable.
  • Excellent analytical, organizational, and communication skills.
  • Experience with compliance and risk management software and the ability to leverage technology for efficient compliance monitoring and reporting.
  • Prior experience as an ISSO or ISSM is a plus.
  • Prior experience with FPKI is a plus.

Benefits

DigiCert offers a competitive benefits package for all of our full-time employees.

DigiCert is an Equal Opportunity employer and is committed to diversity in its workforce. In compliance with applicable federal and state laws, DigiCert prohibits discrimination on the basis of race or ethnicity, religion, color, national origin, sex, age, sexual orientation, gender identity/expression, veteran's status, status as a qualified person with a disability, or genetic information. Individuals from historically underrepresented groups such as minorities, women, qualified persons with disabilities, and protected veterans are strongly encouraged to apply.

Required Experience:

Senior IC

Employment Type

Full Time
