Public Sector ISS, FedRAMP

Who We Are

Verily is a subsidiary of Alphabet that is using a data-driven approach to change the way people manage their health and the way healthcare is delivered. Launched from Google X in 2015, our purpose is to bring the promise of precision health to everyone, every day. We are focused on generating and activating data from a variety of sources, including clinical, social, behavioral and the real world, to arrive at the best solutions for a person based on a comprehensive view of the evidence. Our unique expertise and capabilities in technology, data science and healthcare enable the entire healthcare ecosystem to drive better health outcomes.

We are seeking an experienced Information Systems Security Officer (ISSO) to lead our Public Sector compliance efforts. The ideal candidate will have a strong background leading Federal compliance programs, with specific expertise in guiding our engineering and product teams to comply with requirements. This role will be critical in ensuring our cloud services meet the stringent security requirements set by the Federal Risk and Authorization Management Program and Federal Information Security Modernization Act.

As a Public Sector Security Compliance ISSO, you will lead efforts to achieve the necessary Authority to Operate for Verily’s products in scope.You will be directly supporting our products that serve Federal Agency Customers.

Responsibilities

• Own the development, implementation, and management of our FedRAMP/ FISMA compliance program, ensuring that our relevant products meet or exceed requirements.
• Develop and maintain the authorization package including comprehensive documentation, including System Security Plans, policies, procedures, and controls, to support FedRAMP/FISMA compliance initiatives. Ensure alignment of documentation with Verily overall unified compliance controls framework. Serve as the primary point of contact for federal agencies on security matters.
• Prepare and present compliance reports to senior management and stakeholders, highlighting the status of Public Sector Compliance initiatives and any areas requiring attention.
• Partner with sales teams to provide technical expertise during the sales process, participating in customer meetings, product demonstrations, RFP responses, and proof-of-concept engagements.
• Partner with product and engineering team to design security product architecture and features for federal customers.

Qualifications

Minimum Qualifications

• Bachelor's degree in Computer Science, Information Systems, or a related field. 8+ years of experience in Security Architecture, similar role, with a focus on audit attestation, 3+ years of direct experience with the FedRAMP Authorization Process, 3+ year experience with GRC analysis or audit.
• In-depth knowledge of FedRAMP authorization process including creating and managing POA&Ms, continuous monitoring, etc.
• Working knowledge of cloud applications, security tools and SaaS environments.
• Experience acting as a liaison with Federal Agencies for security.

Preferred Qualifications

• Relevant certifications such as CISSP, CISM, CRISC, or CISA are highly desirable.
• Experience conducting security audits, risk assessments, and vulnerability assessments.
• Excellent analytical and problem-solving skills, with the ability to identify and mitigate risks effectively.
• Prior experience with Google Cloud Platform and Amazon Web Services is a plus.
• Ability to translate technical security requirements into business language and communicate the value of security initiatives to key stakeholders.

The US base salary range for this full-time position is $194,000 - $258,000 + bonus + equity + benefits. Our salary ranges are determined by role, level, and location. The range displayed on each job posting reflects the minimum and maximum target for new hire salaries for the position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific salary range for your preferred location during the hiring process.

Please note that the compensation details listed in US role postings reflect the base salary only, and do not include bonus, equity, or benefits.

#LI-SR1 

Why Join Us

Build What’s Vital.

At Verily, you are a part of something bigger. We are a diverse team of builders innovating at the intersection of health and technology—united by a shared spirit of curiosity, resilience and determination to make better health possible for all. This builder mindset means your fingerprints will be on the work that shapes the future of health. 

Fulfilling our precision health purpose starts with the health of our Veeps, which is why we offer flexibility, resources, and competitive benefits to support you in your whole-person well being. 

Our culture reflects the behaviors that stem from living our values every day in how we Innovate Healthcare and Technology, Gain Velocity as One Verily, and Respect Individuals. As One Verily, we uphold our collective accountability to sustain this culture and to create a VIBE (Verily’s Culture of Inclusion, Belonging, and Equitability) where all Veeps feel included, a sense of belonging, and have opportunities to grow. 

If this sounds exciting to you, we would love to hear from you.

You can find out more about our company culture on our LinkedIn Company Page and Verily Careers page.