Meridian Knowledge Solutions, LLC is the leading provider of enterprise, web-based learning management software. Meridian's powerful yet easy-to-use solutions are leveraged by organizations dedicated to building world-class learning enterprises inspired and focused on delivering exceptional results. For additional information about Meridian Knowledge Solutions, visit www.meridianks.com.
We're looking for a FedRAMP Compliance Manager to manage our FedRAMP and StateRAMP accreditation processes, working hand in hand with our technologists to ensure our offering is delivered in a continually compliant manner. This is a remote position with strong preference for candidates working in the Eastern or Central time zones.
In this role you will...
- Design and implement a comprehensive FedRAMP Compliance program for the Meridian LMS. This will include establishing policies, procedures, and controls to ensure compliance with FedRAMP and StateRAMP requirements.
- Manage and advise the team in ensuring security controls are met and our package is properly documented.
- Manage the end-to-end process of obtaining and maintaining FedRAMP and StateRAMP accreditation for the Meridian LMS. Oversee the documentation of compliance packages, including System Security Plans (SSPs), Security Assessment Reports (SARs), and other required artifacts.
- Regularly monitor and audit Meridian LMS system and processes to ensure ongoing compliance with FedRAMP and StateRAMP requirements. Conduct internal assessments and coordinate with external audits as necessary.
- Collaborate with internal teams and external teams, government stakeholders (e.g., FedRAMP PMO, DISA, and other accrediting bodies), and manage the relationship with our 3PAO
- Stay informed about changes in FedRAMP and StateRAMP requirements, NIST guidelines, and other relevant regulations. Continuously assess Meridian’s compliance program and make necessary adjustments to align with evolving standards.
- Act as our internal SME for federal requirements, including, but not limited to NIST 800-53, NIST 800-171, NIST 800-172, and DISA’s Secure Technical Implementation Guides (STIGs) and CIS Level 2 Benchmarks.
- Provide guidance and training to teams on requirements and best practices
- Continuously evaluate and improve Meridian LMS’s FedRAMP compliance program. Identify opportunities for automation, process optimization, and efficiency gains.
Requirements
- 5+ years of experience in one or more of the following roles:
- FedRAMP Assessor for the FedRAMP PMO as a federal employee or contractor
- JVT Lead for DISA as a federal employee or contractor
- Compliance auditor for a registered Third-Party Assessment Organization (3PAO)
- Extensive knowledge of FedRAMP, NIST, and other federal cybersecurity frameworks.
- Ability to support technology teams with cybersecurity guidance as they make architecture and implementation decisions.
- Excellent written communication and presentation skills.
- Ability to perform duties during US east coast business hours (approximately 9 am to 6 pm, Monday through Friday).
- Proficient with Microsoft Office.
- US Citizenship is required for this role.
This job description is not intended to contain a comprehensive listing of activities, duties, or responsibilities that are required. Nothing in this job description restricts Meridian’s right to assign or reassign duties and responsibilities at any time.
Meridian Knowledge Solutions is an equal employment opportunity/affirmative action employer and considers qualified applicants for employment without regard to race, gender, age, color, religion, national origin, marital status, disability, sexual orientation, gender identity/expression, protected military/veteran status, or any other legally protected factor.
The compensation for this position is $150,000 to $160,000 per year depending on experience and qualifications. This position is eligible for a benefits package including medical, dental, vision, a 401(k) plan and company match, short-term and long-term disability coverage, basic life insurance, 7 paid holidays and flexible paid time off.