Senior Product Compliance Analyst - ISSO

Senior Product Compliance Analyst -ISSO

In this role, you will act as a key driver of federal compliance and information security assurance across complex, cloud-based product environments. You will support critical audit programs and ensure alignment with strict regulatory frameworks such as FedRAMP, FISMA, NIST, and other federal security standards. Working at the intersection of security, product engineering, and compliance, you will help shape and maintain the documentation, controls, and processes required for certification and continuous authorization. This position plays a vital role in ensuring that enterprise solutions remain compliant, secure, and audit-ready at all times. You will collaborate with internal technical teams, external auditors, and third-party assessment organizations in a fast-paced, highly regulated environment. The role is ideal for someone who thrives on structure, precision, and cross-functional coordination while navigating evolving security requirements.

Accountabilities:

• Support and maintain federal compliance and audit programs, ensuring adherence to regulatory frameworks, internal policies, and external mandates such as FedRAMP, FISMA, and related standards.
• Develop, update, and maintain key compliance documentation including System Security Plans (SSP), Security Assessment Plans (SAP), Security Assessment Reports (SAR), and Certification and Accreditation materials.
• Coordinate with internal teams and external auditors (including 3PAOs) to ensure successful completion of federal security assessments and audits.
• Monitor compliance status, track remediation of identified gaps, and provide structured reporting and updates to key stakeholders and leadership.
• Collaborate with Information Security, Product, Engineering, and Operations teams to ensure audit controls are properly implemented and maintained.
• Support continuous improvement of compliance processes, tools, and methodologies to enhance efficiency and audit readiness.
• Assist in managing onsite and remote assessments while ensuring clear communication and coordination across stakeholders.

Requirements:

• 4+ years of experience in information security, compliance, or ISSO-related roles with a strong focus on federal audit environments.
• Hands-on experience with federal compliance frameworks such as FedRAMP, FISMA, NIST SP 800 series, and related standards.
• Strong understanding of System Security Plans (SSP), NIST Risk Management Framework (RMF), and Plan of Action & Milestones (POA&M).
• Experience supporting or managing audit activities, including coordination with external auditors and regulatory bodies.
• Ability to produce high-quality technical documentation related to cloud security and compliance controls.
• Strong project management skills, with the ability to prioritize, track, and deliver multiple compliance workstreams in parallel.
• Excellent communication skills, with the ability to translate complex security concepts for diverse technical and non-technical stakeholders.
• Certifications such as CISSP, Security+, CISM, or cloud security certifications are highly desirable.
• Ability to work independently in a fast-paced, regulated environment with strong attention to detail and accountability.

Benefits:

• Competitive compensation aligned with experience and market standards
• Remote-first work flexibility
• Opportunity to work on high-impact federal compliance and security programs
• Professional development and certification support (security and cloud-focused)
• Collaborative, global work environment with cross-functional exposure
• Career growth within a highly specialized compliance and security domain
• Inclusive workplace culture focused on diversity and equal opportunity