What are the responsibilities and job description for the Public Sector ISSO position at Verily?
Who We Are
Verily is a subsidiary of Alphabet that is using a data-driven approach to change the way people manage their health and the way healthcare is delivered. Launched from Google X in 2015, our purpose is to bring the promise of precision health to everyone, every day. We are focused on generating and activating data from a variety of sources, including clinical, social, behavioral and the real world, to arrive at the best solutions for a person based on a comprehensive view of the evidence. Our unique expertise and capabilities in technology, data science and healthcare enable the entire healthcare ecosystem to drive better health outcomes.
Description
We are seeking an experienced Information Systems Security Officer (ISSO) to lead our Public Sector compliance efforts. The ideal candidate will have a strong background leading Federal compliance programs, with specific expertise in guiding our engineering and product teams to comply with requirements. This role will be critical in ensuring our cloud services meet the stringent security requirements set by the Federal Risk and Authorization Management Program and Federal Information Security Modernization Act.
As a Public Sector Security Compliance ISSO, you will lead efforts to achieve the necessary Authority to Operate for Verily’s products in scope. You will be directly supporting our products that serve Federal Agency Customers.
Responsibilities
- Own the development, implementation, and management of our FedRAMP/FISMA compliance program, ensuring that our relevant products meet or exceed requirements.
- Develop and maintain the authorization package, including comprehensive documentation such as System Security Plans, policies, procedures, and controls, to support FedRAMP/FISMA compliance initiatives. Ensure alignment of documentation with Verily's overall unified compliance controls framework. Serve as the primary point of contact for federal agencies on security matters.
- Prepare and present compliance reports to senior management and stakeholders, highlighting the status of Public Sector Compliance initiatives and any areas requiring attention.
- Partner with sales teams to provide technical expertise during the sales process, participating in customer meetings, product demonstrations, RFP responses, and proof-of-concept engagements.
- Partner with product and engineering teams to design security product architecture and features for federal customers.
Minimum Qualifications
- Bachelor's degree in Computer Science, Information Systems, or a related field. 8 years of experience in Security Architecture or a similar role, with a focus on audit attestation; 3 years of direct experience with the FedRAMP Authorization Process; 3 years of experience with GRC analysis or audit.
- In-depth knowledge of the FedRAMP authorization process, including creating and managing POA&Ms, continuous monitoring, etc.
- Working knowledge of cloud applications, security tools and SaaS environments.
- Experience acting as a liaison with Federal Agencies for security.
- Relevant certifications such as CISSP, CISM, CRISC, or CISA are highly desirable.
- Experience conducting security audits, risk assessments, and vulnerability assessments.
- Excellent analytical and problem-solving skills, with the ability to identify and mitigate risks effectively.
- Prior experience with Google Cloud Platform and Amazon Web Services is a plus.
- Ability to translate technical security requirements into business language and communicate the value of security initiatives to key stakeholders.
Please note that the compensation details listed in US role postings reflect the base salary only, and do not include bonus, equity, or benefits.
Salary: $194,000 - $258,000