Appian is seeking a Senior Cloud Compliance Analyst to join our internal Security Team. The Senior Cloud Compliance Analyst will be responsible for assessing security & compliance requirements, industry best practices, & customer commitments. The Cloud Compliance Analyst must have experience interacting with process owners, testing & documenting large control sets, handling inquiries from external auditors, & assessing security/compliance risk. The role focuses heavily on evaluating internal technology controls against public sector frameworks (e.g., FedRAMP, DISA IL, FISMA, NIST) & is regularly updated to address upcoming industry risks.
What you will do:
- Support the implementation of the strategic vision for Technical Compliance that is aligned with company vision.
- Evaluate new & evolving regulatory programs.
- Assess potential regulatory changes for impact on Security compliance objectives.
- Translate regulatory requirements to internal business partners & drive alignment on compliance requirements.
- Previous experience with a SaaS/PaaS/IaaS provider that has achieved a Marketplace ATO.
- Develop engineering guidelines based on regulatory requirements.
- Work collaboratively with a team as a compliance specialist in at least one area of expertise.
- Assist in defining regulatory controls sufficiently to address the required objectives of the regulatory body in a manner consumable by engineering teams.
- Proactively identify gaps or conflicts in existing processes & drive remediation of control deficiencies identified during the audit process.
- Assist with the education & training of process/control owners so they better understand the technology controls framework & their responsibilities.
- Support the implementation of the strategic vision for Technical Compliance that aligns with the company's direction.
- Build strong relationships with business partners (Information Security/Security GRC, Internal IT, Legal, Engineering, & Products team) & facilitate continuous improvement aligned with operational processes.
- Effectively communicate program execution status, key accomplishments, & risks to management both within the compliance center & to our business partners.
- Drive continuous improvement by interfacing with internal business partners & leveraging prior IT audit experience to add value.
- Strong knowledge of Public Cloud Service Providers (AWS, Google, Azure), specifically the types of services offered & industry standard internal controls & best practices for configuring & managing these services (AWS preferred).
- Experience writing technical documentation & knowledge of Cloud & Security concepts.
- Experience with the NIST SP 800 Series, FedRAMP & FISMA.
- Experience & familiarity with DoD Impact Level (IL) standards
- Experience with writing, editing, and/or managing a wide variety of IT security documentation & familiarity with federal IT standards such as Federal Information Security Management Act (FISMA)
- Experience interviewing subject matter experts & using knowledge to develop, edit, & revise documentation including standard operating procedures, system security plans, & policies & procedures.
- Experience with the production and/or editing of technical drawings using Draw.IO/Visio or similar design tools.
- Experience with technical documentation related to FIPS 199, NIST SP 800-37, NIST SP 800-53 REV 4, FISMA A&A, & continuous monitoring, & POA&M management.
- Understanding of Third-party Assessment Organizations (3PAO)
- US Citizenship required
Appian helps organizations build apps & workflows rapidly, with a low-code automation platform. Combining people, technologies, & data in a single workflow, Appian can help companies maximize their resources & improve business results. Many of the world's largest organizations use Appian applications to improve customer experience, achieve operational excellence, & simplify global risk management & compliance. Our employees create opportunities to drive hands-on impact both with our customers & throughout the organization, which creates an environment where meaningful work is met with career growth & opportunity. As a result, we are proud to have been recognized as a Washington Post Top Workplace for seven consecutive years. Simply put, we are changing the way businesses operate & our employees are to thank for Appian's success.
Appian Corporation is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law. Further, Appian will not discriminate against applicants for inquiring about, discussing or disclosing their pay or, in certain circumstances, the pay of their coworker, Pay Transparency Nondiscrimination.
If you need a reasonable accommodation for any part of the employment process, please contact us by email at ReasonableAccommodations@appian.com & let us know the nature of your request & your contact information. Requests for accommodation will be considered on a case-by-case basis. Please note that only inquiries concerning a request for reasonable accommodation will be responded to from this email address.