Job Information
RELX INC Principal FedRAMP Continuous Monitoring Engineer in Alpharetta, Georgia
Principal FedRAMP Continuous Monitoring Engineer
Are looking for an opportunity to drive our FedRAMP compliance initiatives?
Are you looking to become our FedRAMP SME?
About the BusinessLexisNexis® Risk Solutions provides customers with solutions and decision tools that combine public and industry specific content with advanced technology and analytics to assist them in evaluating and predicting risk and enhancing operational efficiency. We use the power of data and advanced analytics to help our customers make better, timelier decisions. By bringing clarity to information, we ultimately help make communities safer, insurance rates more accurate, commerce more transparent, business decisions easier and processes more efficient. You can learn more about LexisNexis Risk at the link below, https://risk.lexisnexis.com/
About our TeamThis team is responsible for the implementation and manage the continuous monitoring of our FedRAMP program
About the RoleYou will be responsible for overseeing and implementing the continuous monitoring processes in accordance with the NIST guidelines. You will be to ensure the ongoing compliance of our organization's systems and infrastructure with FedRAMP requirements.
Responsibilities
Developing and maintaining a comprehensive continuous monitoring plan based on NIST SP 800-137 guidelines, FedRAMP requirements, and organization-specific needs.
Establishing processes and procedures to collect, analyze, and report security-related information from various sources, such as security controls, vulnerability assessments, and incident response activities.
Conducting regular risk assessments to identify potential vulnerabilities and threats to cloud-based systems. Define key performance indicators (KPIs) and metrics to measure the effectiveness of the continuous monitoring program
Monitoring and analyzing security logs, event data, and system alerts to identify anomalies, security incidents, and non-compliance with established security policies.
Evaluating vulnerability scans and penetration tests to assess the security posture of cloud-based systems.
Reviewing and analyze security assessment and authorization (SA&A) artifacts, including system security plans, risk assessments, and security control implementation documentation.
Providing support during internal and external audits or assessments by compiling and presenting evidence of compliance with FedRAMP and NIST guidelines.
Requirements
Possess an In-depth understanding of the NIST Special Publication 800-53 guidelines and FedRAMP requirements
Possess an understanding of security controls and their implementation within complex IT environments. Demonstrated experience in implementing and managing continuous monitoring programs for cloud-based systems within the Federal Government.
Possess knowledge of cloud technologies, infrastructure, and security controls (e.g., AWS, Azure). Familiarity with industry-leading security tools, vulnerability scanners, and security information and event management (SIEM) systems.
Proficiency in evaluating vulnerability assessments, penetration testing, and security and incident response.
Knowledge of security assessment and authorization (SA&A) processes, system security plans, and risk management frameworks (e.g., RMF).
Possess the ability to work across programming languages and frameworks (e.g., Python, Power Shell) Have the proficiency in Business Intelligence platforms (e.g., Power BI)
Working knowledge of XML/JSON/Excel (Pivot Tables, VLOOKUPs, etc.)
Experience with Data Warehousing and Extract, Load, Transform (ETL) process. Ability to work with databases and write simple to complex queries using SQL
Have knowledge of software development methodologies (e.g., Agile, Waterfall). As well as familiarity with Cloud services (Azure)
Learn more about the LexisNexis Risk team and how we work here (https://relx.wd3.myworkdayjobs.com/RiskSolutions/page/21c296c982531000b79663f3194b0000)
At LexisNexis Risk Solutions, having diverse employees with different perspectives is key to creating innovative new products for our global customers. We have 30 diversity employee networks globally and prioritize inclusive leadership and equitable processes as part of our culture. Our aim is for every employee to be the best version of themselves. We would actively welcome applications from candidates of diverse backgrounds and underrepresented groups.
We are an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law. We are committed to providing a fair and accessible hiring process. If you have a disability or other need that requires accommodation or adjustment, please let us know by completing our Applicant Request Support Form: https://forms.office.com/r/eVgFxjLmAK , or please contact 1-855-833-5120.
Please read our Candidate Privacy Policy (https://www.relx.com/careers/join-us/privacy) .
RELX is a global provider of information and analytics for professional and business customers across industries.
We help scientists make new discoveries, lawyers win cases, doctors save lives and insurance companies offer customers lower prices. We save taxpayers and consumers money by preventing fraud and help executives forge commercial relationships with their clients.
In short, we enable our customers to make better decisions, get better results and be more productive.