People Matter

FedRamp Continuous Monitoring Automation Engineer (Remote US)

RingCentral

RingCentral

Software Engineering
Multiple locations
Posted on May 21, 2024

FedRAMP Continuous Monitoring Automation Engineer (Remote US):

Say hello to possibilities.
It’s not everyday that you consider starting a new career challenge.
We’re RingCentral, a global leader in cloud-based communications and collaboration software. We are fundamentally changing the nature of human interaction—giving people the freedom to connect powerfully and personally from anywhere, at any time, on any device.

We’re a $2.4 billion company that’s growing at 10+% annually and we’re expanding our Security & Compliance team to make sure we stay ahead of the competition.

About this role:
The RingCentral GRC team is looking for a technically focused individual to drive a range of FedRAMP related security work streams as well as help manage day to day team function. As a FedRAMP Continuous Monitoring Automation Engineer, you will play a pivotal role in enhancing the efficiency and effectiveness of our organization's FedRAMP compliance efforts. You will be responsible for designing, developing, and implementing automation solutions to streamline continuous monitoring activities, improve risk assessment processes, and ensure ongoing compliance with FedRAMP requirements. This role can be 100% remote, or a hybrid role based at one of our offices in Denver CO, Dallas TX, or Belmont CA.


Key Responsibilities:

  • Design and develop automation solutions to streamline FedRAMP continuous monitoring activities, including security controls testing, vulnerability assessments, and compliance reporting.
  • Evaluate and select appropriate automation tools and technologies to support FedRAMP compliance efforts. Integrate automation solutions with existing systems and tools to ensure seamless data flow and interoperability.
  • Develop scripts, code, and automation workflows using programming languages such as Python, PowerShell, or JavaScript to automate manual tasks and processes related to FedRAMP compliance.
  • Develop automated reporting mechanisms to generate FedRAMP compliance reports, dashboards, and metrics. Ensure accuracy and completeness of compliance data and documentation.
  • Document automation workflows, procedures, and configurations. Maintain accurate and up-to-date documentation to support audit and compliance requirements.
  • Conduct thorough testing and validation of automation solutions to ensure reliability, accuracy, and effectiveness. Address any issues or discrepancies identified during testing promptly.
  • Collaborate with cross-functional teams, including IT, security, and compliance, to identify automation opportunities and requirements for continuous monitoring.
  • Conduct regular reviews and audits of automated monitoring systems to ensure accuracy, reliability, and effectiveness in detecting security incidents and compliance deviations.

Required Skills:

  • At least 5 years of experience in automation engineering, with a focus on security and compliance monitoring.
  • Strong proficiency in scripting languages such as Python, PowerShell, or Shell scripting for automation purposes.
  • Experience with automation tools and frameworks such as Ansible, Puppet, or Terraform.
  • Knowledge and understanding how to use frameworks: Django, Celery
  • Familiarity with cloud platforms such as AWS, Azure, or GCP, and their associated security services.
  • Excellent analytical and problem-solving skills, with the ability to troubleshoot complex technical issues and develop innovative solutions.
  • Effective communication and collaboration skills, with the ability to work closely with cross-functional teams and stakeholders.


Education/Prerequisites:

  • Bachelor's Degree in Security or Information Security field.
  • US citizenship strongly preferred.
  • Relevant certifications, such as Certified Information Systems Security Professional (CISSP) or Certified Automation Engineer (CAE), preferred.
  • Understanding of FedRAMP requirements, NIST Standards, and federal cybersecurity regulations
  • Experience in identification, management, and reporting of risks and POA&Ms
  • Experience performing FedRAMP assessments, authorization, and continuous monitoring (ConMon) of cloud service offerings is a plus


Summary:
Joining our team as a FedRAMP Continuous Monitoring Automation Engineer offers an exciting opportunity to contribute to the organization's cybersecurity and compliance efforts in a dynamic and challenging environment. If you are passionate about automation, cybersecurity, and compliance, and have the necessary skills and experience, we encourage you to apply.

About RingCentral:
RingCentral’s work culture is the backbone of our success. And don’t just take our word for it: we are recognized as a Best Place to Work by Glassdoor, the Top Work Culture by Comparably and hold local BPTW awards in every major location. Bottom line: We are committed to hiring and retaining great people because we know you power our success.

RingCentral, Inc. (NYSE: RNG) is a leading provider of business cloud communications and contact center solutions based on its powerful Message Video Phone™ (MVP™) global platform. More flexible and cost effective than legacy on-premises PBX and video conferencing systems that it replaces, RingCentral® empowers modern mobile and distributed workforces to communicate, collaborate, and connect via any mode, any device, and any location.

RingCentral is headquartered in Belmont, California, and has offices around the world. If you are hired in Belmont, the base salary for this position is between $140,000 and $170,000 for full-time employees, in addition to eligibility for variable pay, equity, and benefits. If you are hired in Colorado, the base salary for this position is between $120,000 and $150,000.

RingCentral is an equal opportunity employer that truly values diversity. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.