FedRamp Continuous Monitoring Analyst (Remote USA) (must be US citizen)

Say hello to opportunities.

 It’s not everyday that you consider starting a new career. We’re RingCentral, and we’re happy that someone as talented as you is considering this role. First, a little about us, we’re a $2 Billion annual revenue company with double digit Annual Recurring Revenue (ARR) and a $93 Billion market opportunity in UCaaS, Contact Center and AI-powered adjacencies. We invest more than $250 million annually to ensure our AI-enabled technology and platforms meet or exceed the needs of our customers. 

RingSense AI is our proprietary AI solution. It’s designed to fit the business needs of our customers, orchestrated to be accurate and precise, and built on the same open platform principles we apply to our core software solutions. 

This is where you and your skills come in. We're currently looking for: FedRAMP Continuous Monitoring Analyst (Remote US)

As the FedRAMP Continuous Monitoring Professional at RingCentral, your primary responsibilities are to complete activities required to maintain and update FedRAMP Continuous Monitoring documentation for the RingCentral FedRAMP program.  Coordinate with departments at multiple levels as required to ensure business objectives within FedRAMP Continuous Monitoring are achieved.

Track solution efforts and advise leadership as required on status and blockers. This role can be 100% remote, or a hybrid role based at one of our offices in Denver CO, Dallas TX, or Belmont CA. 

Responsibilities:

• Collaborate with team members to help manage the continuous monitoring (ConMon) program, including internal and external reporting on vulnerabilities, tracking POA&Ms, and developing ConMon artifacts
• Interface with stakeholders at all levels of the organization and agency, FedRAMP PMO, consultants, and the 3PAO assessment team as required to maintain certification.
• Join the recurring agency ConMon meetings; including the review and submission of required artifacts
• Assist with the annual 3PAO security assessment from initiation to project closure
• Generate or facilitate deviation requests as required
• Perform functions as assigned in support of the Continuous Monitoring efforts.
• Conduct continuous monitoring activities to assess the effectiveness of security controls and identify potential vulnerabilities or non-compliance issues.
• Maintain and update the organization's System Security Plan (SSP) and other documentation required for FedRAMP compliance.
• Monitor security alerts and incidents, investigate and analyze security events, and coordinate appropriate response actions.
• Develop and implement procedures for security incident detection, response, and reporting, in accordance with FedRAMP requirements.
• Conduct periodic risk assessments and vulnerability scans to identify emerging threats and ensure timely mitigation.
• Prepare and present regular reports on the status of FedRAMP compliance activities to management and relevant stakeholders.
• Coordinate efforts to obtain and maintain FedRAMP certification
• Edit/update POAM documentation

To succeed in this role, you must have experience in:

• Proven experience in FedRAMP Continuous Monitoring activities.
• Knowledge and experience in large, hybrid FedRAMP programs
• Familiarity with vulnerability management concepts, such as CVE and CVSS.
• Ability to quickly change priorities and handle simultaneous tasks.
• Strong analytical and problem-solving skills.
• Excellent communication and interpersonal skills.
• Ability to work independently and as part of a team.
• To comply with U.S. federal government security requirements, U.S. citizenship is required and your employment will be conditioned upon obtaining the Public Trust Verification.

Desired Qualifications:

• Bachelor's Degree in Security or Information Security field.
• To comply with U.S. federal government requirements, U.S. citizenship is required for this position.
• Understanding of FedRAMP requirements, NIST Standards, and federal cybersecurity regulations
• Experience in identification, management, and reporting of risks and POA&Ms
• Experience performing FedRAMP assessments, authorization, and continuous monitoring (ConMon) of cloud service offerings
• Good communication and interpersonal skills
• SEC+ or related security certifications required
• Experience with SCR and related processes is a plus.

RingCentral’s IT team ensures company data is accessible, secure, and optimized in ways that provide maximum competitive advantage.  We are constantly discovering, developing and deploying innovations that power productivity and drive better decisions for our customers. Our IT professionals are talented, ambitious, out-of-the-box thinkers who love to learn on the job—planning, deploying and maintaining state-of-the-art technology to deliver flawless performance 24/7/365.  

RingCentral’s work culture is the backbone of our success. And don’t just take our word for it: we are recognized as a Best Place to Work by Glassdoor, the Top Work Culture by Comparably and hold local BPTW awards in every major location. Bottom line: We are committed to hiring and retaining great people because we know you power our success.

About RingCentral:

RingCentral, Inc. (NYSE: RNG) is a leading provider of business cloud communications and contact center solutions based on its powerful Message Video Phone™  (MVP™) global platform. More flexible and cost effective than legacy on-premises PBX and video conferencing systems that it replaces, RingCentral® empowers modern mobile and distributed workforces to communicate, collaborate, and connect via any mode, any device, and any location.

RingCentral is headquartered in Belmont, California, and has offices around the world. If you are hired in Belmont, the base salary for this position is between $140,000 and $170,000 for full-time employees, in addition to eligibility for variable pay, equity, and benefits. If you are hired in Colorado, the base salary for this position is between $120,000 and $150,000. 

RingCentral is an equal opportunity employer that truly values diversity. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.