Join us in bringing joy to customer experience.  Five9 is a leading provider of cloud contact center software, bringing the power of cloud innovation to customers worldwide.   

Living our values everyday results in our team-first culture and enables us to innovate, grow, and thrive while enjoying the journey together. We celebrate diversity and foster an inclusive environment, empowering our employees to be their authentic selves. 

This role requires a strong understanding of vulnerability management, FedRAMP requirements, and the authorization process. The successful candidate will partner with internal and external stakeholders, including vendors and third-party assessment organizations (3PAOs), to ensure remediation is completed, controls are implemented and documented in accordance with FedRAMP compliance standards, and SLAs are met.  The primary responsibilities are to complete activities required to maintain and update FedRAMP Continuous Monitoring documentation for the Five9 FedRAMP program. This role will be coordinating with departments at multiple levels as required to ensure the business objectives within FedRAMP program are achieved. 

 
Responsibilities 

  • Perform comprehensive assessments of systems, infrastructure, and processes to identify vulnerabilities and gaps in meeting FedRAMP compliance 
  • Analyze infrastructure, data flows, access controls, encryption methods, and security frameworks to ensure alignment with the FedRAMP Moderate baseline 
  • Maintain documentation and perform continuous monitoring of compliance with FedRAMP standards 
  • Assist with authorization packages, System Security Plans, and preparing for FedRAMP P-ATO assessments 
  • Collaborate with engineering teams to provide guidance on building FedRAMP compliant cloud architecture 
  • Collaborate with team members to help manage the continuous monitoring (ConMon) program, including internal and external reporting on vulnerabilities, tracking POA&Ms, and developing ConMon artifacts. 
  • Conduct continuous monitoring activities to assess the effectiveness of security controls and identify potential vulnerabilities or non-compliance issues. 
  • Generate or facilitate deviation requests as required. 
  • Coordinate with internal stakeholder engineering teams to document security compliance control implementations for technical, management, and operational requirements. 
  • Assist in tracking of metrics and measurements through Plans of Action and Milestones (POA&Ms) and prepare Annual Authorization reports to support continuous monitoring 
  • Cultivate strong working relations with industry regulators, accreditation bodies, and authorized auditing firms 

Qualifications: 

  • Strong governance, risk and compliance experience and familiarity with cloud data security (NIST SP 800 Series, FedRAMP and FISMA) 
  • Proven experience in FedRAMP Continuous Monitoring activities and understanding of SaaS SDLC and agile processes. 
  • Familiarity with vulnerability management concepts, such as CVE and CVSS. 
  • Ability to quickly change priorities and handle simultaneous tasks. 
  • Strong analytical and problem-solving skills, excellent communication and interpersonal skills, and ability to work independently and as part of a team. 
  • Experience interviewing subject matter experts and using knowledge to develop, edit, and revise documentation including standard operating procedures, system security plans, and policies and procedures. 
  • Experience with technical documentation related to FIPS 199, NIST SP 800-53 REV 5,  continuous monitoring, and POA&M management 
  • Bachelor’s degree and 5+ years of experience or an additional 4 years of experience in lieu of a degree. 
  • Clearance: To comply with U.S. federal government security requirements, U.S. citizenship is required, and your employment will be conditioned upon obtaining the Public Trust Verification. 

 

Preferred Skills: 

  • Prior experience with Nessus Tenable, Wiz, or Sunbird 
  • Knowledge of other industry security standards (for example PCI, SOC 2, ISO 27000, etc.) 
  • Working knowledge of HIPAA and privacy  
  • Certification in relevant areas such as CISSP, CISM, CISA, PMP 

Work Location: This role is fully remote for candidates who reside outside the 50 mile radius of our San Ramon office.  For candidates who reside within 50 miles of our San Ramon location, this role is Hybrid and would require 3 days a week (M, W, TH) in our San Ramon office. 


As part of our continued commitment to diversity, equity, and inclusion, Five9 supports pay transparency during the entire recruitment process.  Actual compensation packages are based on several factors that are unique to each candidate including, but not limited to: skill set, depth of experience, certifications, and specific work location. The range displayed reflects the minimum and maximum target for new hire salaries for the job across the United States. Your recruiter can share more about the specific compensation package during your hiring process.

 

Additionally, the total compensation package for this position may also include an annual performance bonus, stock, and/or other applicable incentive compensation plans.

 

Our total reward package also includes:

  • Health, dental, and vision coverage, beginning on the first day of employment. Five9 covers 100% of the employee portion of the health, dental and vision coverage and shares a high portion of the dependent cost. We also offer Short & Long-Term Disability, Basic Life Insurance, and a 401k saving plan with employer matching.
  • Access to an innovative mental health support platform that offers personalized care and resources in areas such as: therapy, coaching and self-guided mindfulness exercises for all covered employees and their covered dependents.
  • Generous employee stock purchase plan.
  • Paid Time Off, Company paid holidays, paid volunteer hours and 12 weeks paid parental leave.

All compensation and benefits are subject to the requirements and restrictions set forth in the applicable plan documents and any written agreements between the parties.

The US base salary range for this role is below.
$77,800$145,500 USD

Five9 embraces diversity and is committed to building a team that represents a variety of backgrounds, perspectives, and skills.  The more inclusive we are, the better we are.  Five9 is an equal opportunity employer. 

Our headquarters are located in the San Francisco Bay Area with global hubs in the United Kingdom, Germany, Philippines, Portugal, and Australia. 


View our privacy policy, including our privacy notice to California residents here: https://www.five9.com/pt-pt/legal.  

Note: Five9 will never request that an applicant send money as a prerequisite for commencing employment with Five9.

Apply for this Job

* Required
resume chosen  
(File types: pdf, doc, docx, txt, rtf)
cover_letter chosen  
(File types: pdf, doc, docx, txt, rtf)


Voluntary Self-Identification

For government reporting purposes, we ask candidates to respond to the below self-identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

As set forth in Five9’s Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law.

Race & Ethnicity Definitions

If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to the Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.


Voluntary Self-Identification of Disability

Form CC-305
Page 1 of 1
OMB Control Number 1250-0005
Expires 04/30/2026

Why are you being asked to complete this form?

We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years.

Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to:

  • Alcohol or other substance use disorder (not currently using drugs illegally)
  • Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS
  • Blind or low vision
  • Cancer (past or present)
  • Cardiovascular or heart disease
  • Celiac disease
  • Cerebral palsy
  • Deaf or serious difficulty hearing
  • Diabetes
  • Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders
  • Epilepsy or other seizure disorder
  • Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome
  • Intellectual or developmental disability
  • Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD
  • Missing limbs or partially missing limbs
  • Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports
  • Nervous system condition, for example, migraine headaches, Parkinson’s disease, multiple sclerosis (MS)
  • Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities
  • Partial or complete paralysis (any cause)
  • Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema
  • Short stature (dwarfism)
  • Traumatic brain injury

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.


Enter the verification code sent to to confirm you are not a robot, then submit your application.

This application was flagged as potential bot traffic. To resubmit your application, turn off any VPNs, clear the browser's cache and cookies, or try another browser. If you still can't submit it, contact our support team through the help center.