Sr. Auditor, Global Information Security - GRC Federal

Netskope is seeking a highly skilled and motivated member to support our Internal Security Team. In this role, you will collaborate closely with the Global GRC Officer and Federal Program teams to drive federal compliance initiatives, support federal assessments, and ensure the continuous monitoring and operational effectiveness for Federal controls. This position presents a unique opportunity to contribute to Netskope's mission of redefining cloud security while safeguarding the integrity and confidentiality of our internal systems and data.

Responsibilities:

• Federal Compliance and Auditing

  • Collaborate with the Security and GRC Leadership along with Federal Program teams to perform audits and assessments for federal programs, ensuring compliance with applicable regulations (e.g., FedRAMP, NIST).
  • Assist in the development and review of mandatory documentation (SSP Packages).
  • Oversee annual compliance audits, including FedRAMP High, PBMM, IRAP, ISMAP, and others, liaising with external auditors and accreditation authorities.

• Program Management: Lead and/or support key Federal compliance programs and projects, ensuring timely delivery, effective resource allocation, and alignment with regulatory requirements and industry best practices.

  • Partner with engineers to interpret and map compliance requirements to control implementation and assist with product architecture.
  • Evaluate and advise the business on new and evolving US Government certification programs, requirements, and technologies.

• Continuous Monitoring

  • Ensure the ongoing monitoring and operational effectiveness of federal controls.
  • Manage customer-facing POA&Ms (Plan of Action and Milestones) and support remediation efforts.

• Cross-Functional Collaboration:

  • Collaborate with other departments and teams, including Engineering, Program Management, Product Management, Corporate Engineering, Legal, Human Resources, and Finance, to integrate security and compliance requirements into business processes, projects, and initiatives.

• Mentorship and Guidance:

  • Provide mentorship and guidance to junior team members, offering expertise on federal compliance, audit processes, and control assessments.

• Office and Field Support: Support and host executive briefings and other events with customers, prospects, and peers.

Qualifications:

• Extensive experience in cybersecurity or information security, with a focus on security operations, risk management, and compliance.
• Proven leadership skills with the ability to effectively manage and motivate teams, drive consensus, and influence stakeholders at all levels of the organization.
• Strong understanding of security frameworks, standards, and regulations (e.g., FedRAMP, NIST Cybersecurity Framework, ISO 27001, NIST 800-53, DoD SRG, CMMC, PBMM, ISMAP, etc.) and their application within enterprise and cloud environments.
• Extensive experience working with cloud service providers and underlying cloud infrastructure, architecture and technologies.
• Excellent communication and presentation skills, with the ability to articulate complex security concepts to technical and non-technical audiences.
• Bachelor's degree in cybersecurity, information technology, computer science, or a related field.
• Experience working in a fast-paced, dynamic environment with the ability to adapt quickly to changing priorities and requirements.
• Industry certifications such as CISSP, CISM, CISA, or equivalent are highly desirable.
• Proficiency in security technologies and tools, including SIEM, IDS/IPS, endpoint protection, firewalls, DLP, and encryption.
• Strong analytical and problem-solving skills, with the ability to think critically and make sound decisions under pressure.
• Commitment to continuous learning and professional development, staying informed about emerging security threats, trends, and technologies.
• Must be based in the US and have US Citizenship Status that meets Federal Contractual requirements.
• Existing US Secret clearance or the ability to attain it.

Join Netskope and play a key role in protecting our organization's most valuable assets. If you are a strategic thinker, security expert, and collaborative leader passionate about advancing cybersecurity, we want to hear from you!

#LI-SC1