Appian is seeking a Cloud Compliance Analyst to join our internal Security Team. The Cloud Compliance Analyst will be responsible for assessing security and compliance requirements, industry best practices, and customer commitments. The Cloud Compliance Analyst must have experience interacting with process owners, testing and documenting large control sets, handling inquiries from external auditors, and assessing security/compliance risk. The role will be heavily focused on evaluating technology controls internally against public sector frameworks (e.g., FedRAMP, DISA IL, FISMA, NIST) and is regularly updated to address upcoming industry risks.
What you will do:
- Support the implementation of the strategic vision for Technical Compliance that is aligned with company vision.
- Evaluate new and evolving regulations programs.
- Assess potential regulatory changes for impact on Security compliance objectives.
- Translate regulatory requirements to internal business partners and drive alignment on compliance requirements.
- Develop engineering guidelines based on regulatory requirements.
- Work collaboratively with a team as a compliance specialist in at least one area of expertise.
- Assist in defining regulatory controls sufficiently to address the required objectives of the regulatory body in a manner consumable by engineering teams.
- Proactively identify gaps or conflicts in existing processes and drive remediation of control deficiencies identified during the audit process.
- Assist with the education and training of process/control owners so they better understand the technology controls framework and their responsibilities.
- Support the implementation of the strategic vision for Technical Compliance that aligns with the company's direction.
- Build strong relationships with business partners (Information Security/Security GRC, Internal IT, Legal, Engineering, and Products team) and facilitate continuous improvement aligned with operational processes.
- Effectively communicate program execution status, key accomplishments, and risks to management both within the compliance center and to our business partners.
- Drive continuous improvement by interfacing with internal business partners and leveraging prior IT audit experience to add value.
- Strong knowledge of Public Cloud Service Providers (AWS, Google, Azure), specifically the types of services offered and industry standard internal controls and best practices for configuring and managing these services (AWS preferred).
- Experience on NIST SP 800 Series, FedRAMP and FISMA
- Experience and familiarity with DoD Impact Level (IL) standards
- Previous experience with SaaS/PaaS/IaaS provider who has achieved a Marketplace ATO
- Experienced in writing Technical documentation and knowledge of Cloud and Security concepts
- Experience with writing, editing, and/or managing a wide variety of IT security documentation and familiarity with federal IT standards such as Federal Information Security Management Act (FISMA)
- Experience interviewing subject matter experts and using knowledge to develop, edit, and revise documentation including standard operating procedures, system security plans, and policies and procedures.
- Experience with the production and/or editing of technical drawings using Draw.IO/Visio or similar design tools.
- Experience with technical documentation related to FIPS 199, NIST SP 800-37, NIST SP 800-53 REV 4, FISMA A&A, and continuous monitoring, and POA&M management.
- Understanding of Third-party Assessment Organizations (3PAO)
- US Citizenship required
Appian helps organizations build apps and workflows rapidly, with a low-code automation platform. Combining people, technologies, and data in a single workflow, Appian can help companies maximize their resources and improve business results. Many of the world’s largest organizations use Appian applications to improve customer experience, achieve operational excellence, and simplify global risk management and compliance. Our employees create opportunities to drive hands-on impact both with our customers and throughout the organization, which creates an environment where meaningful work is met with career growth and opportunity. As a result, we are proud to have been recognized as a Washington Post Top Workplace for seven consecutive years. Simply put, we are changing the way businesses operate and our employees are to thank for Appian’s success.
Appian Corporation is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law. Further, Appian will not discriminate against applicants for inquiring about, discussing or disclosing their pay or, in certain circumstances, the pay of their co‐worker, Pay Transparency Nondiscrimination.
If you need a reasonable accommodation for any part of the employment process, please contact us by email at ReasonableAccommodations@appian.com and let us know the nature of your request and your contact information. Requests for accommodation will be considered on a case-by-case basis. Please note that only inquiries concerning a request for reasonable accommodation will be responded to from this email address.