Senior Information Security Internal Auditor

Everbridge is the leading critical event management platform trusted by corporations and communities of all sizes to help keep people safe and business running! Connecting more than 100 million people and internet-enabled devices, the company assures that secure, compliant communications are delivered and confirmed, whether locally or globally. We are currently hiring a Senior Information Security Internal Auditor. This position can be fully remote or hybrid out of one of our offices.

What you'll do:

• Develop and manage the internal audit program as part of the Compliance portfolio based on FedRAMP Moderate requirements, and other applicable standards.
• Diligently maintain the company’s Information Security and Privacy Framework and underlying policies, procedures, standards and guidelines.
• Conduct NIST 800-53 compliance audits and assessments and provide recommendations based upon FedRAMP defined controls and industry best practices
• Be fully responsible for Monthly FedRAMP ConMon assessments and submissions
• Will work closely with engineering and operation teams to ensure timely delivery of FedRAMP documents and meeting project milestones and objectives
• Liaise with auditors, articulate control implementation and impact, and describe considerations for applying security and compliance concepts to a technical cloud environment.
• Represent Compliance on FedRAMP, and other certification project and strategies
• Provide the necessary support with maintaining documentation/evidence/artifacts
• Manage and organize the audits and documents using a GRC System
• Create audit plans and audit reports
• Keep documentation organized and document processes and guidelines
• Develop approach for continuous monitoring efforts and recertifications
• Assist with other audit activities as needed
• Facilitate external audits

What you'll bring:

• Experience working with FedRAMP, NIST 800-53, FISMA, and/or similar governance and compliance framework
• Strong understanding of FedRAMP information collection and reporting process
• Experience in reports development (status, metrics, and measures)
• Minimum 3 years of experience in security, assessments or compliance consulting or advisory work in in support of a highly technical environment.
• Minimum 3 years of experience in performing and/or participating in technical assessments in direct support of a major compliance effort (e.g. FedRAMP, SOC 2, Bsi C5, or ISO 27001).
• Knowledge of Information Management policies, requirements, and best practices
• Ability to communicate in a clear and well-organized fashion and to influence decision-makers, both verbally and in writing
• Ability to lead with initiative and persuasiveness
• Excellent interpersonal and organizational skills
• CIA, CISA, CCSP, ISO 27001 Auditor Certification are a plus