Coralogix
About The Position
Coralogix is seeking a Senior Compliance Analyst for our FedRAMP compliance program. You will ensure our SaaS meets federal security standards and advance us from FedRAMP Ready to Authorized, partnering with our agency sponsor as we enter audit. This is a full-time position, ideal for a seasoned compliance professional with deep knowledge of NIST SP 800-53 controls and FedRAMP requirements. You will have 5+ years leading ATOs for cloud services, guiding engineering teams from planning through continuous monitoring and acting as our liaison to the FedRAMP Agency and PMO to resolve questions and ensure compliance. Coralogix is a modern, full-stack observability platform transforming how businesses process and understand their data. Our architecture enables in-stream analytics with monitoring of logs, metrics, traces, and security events, including features such as APM, RUM, SIEM, Kubernetes monitoring, and AI Observability.
Key Responsibilities & Duties Lead FedRAMP Compliance Project: Oversee the FedRAMP Moderate authorization audit, conduct internal compliance reviews, and manage cross-functional efforts to meet project timelines and milestones. Documentation Management: Prepare, review, and update all required FedRAMP security documentation including the System Security Plan (SSP), Plan of Action & Milestones (POA&M), Security Assessment Plan/Report (SAP/SAR), and related artifacts. Controls Assessment: Map and analyze current security controls against the FedRAMP Moderate baseline and NIST SP 800-53 to identify gaps and remediation needs; provide guidance to remediate gaps and implement controls. Implement & Monitor Controls: Assist in implementing and monitoring security controls for the FedRAMP environment and coordinate continuous monitoring processes with DevOps and SecOps teams. Cross-Functional Coordination: Coordinate with internal teams to integrate FedRAMP security requirements into system design, development, and operations; guide technical teams on FedRAMP controls and cloud security best practices. Audit Liaison: Serve as the primary liaison with external parties during FedRAMP assessments; interface with 3PAO, sponsoring agency, and FedRAMP advisors/auditors; schedule audit activities and address findings. POA&M Coordination: Coordinate with SecOps the Plans of Action and Milestones resulting from security assessments and drive remediation to closure within timelines. Reporting & Risk Communication: Communicate risks and mitigation plans clearly and prepare materials for FedRAMP project reviews, audits, and annual assessments. Continuous Improvement: Stay up-to-date with FedRAMP, NIST guidelines, and emerging security threats; evaluate and recommend improvements to security controls and processes.
Requirements Experience: 5+ years in security compliance or risk management, including direct FedRAMP compliance experience. Education & Experience: Bachelor’s degree in Information Security, Computer Science, or related field (strong consideration). FedRAMP & NIST Expertise: Knowledge of FedRAMP baseline requirements and NIST SP 800-53; familiarity with FedRAMP authorization process and federal information security standards (FISMA). FedRAMP Audit Experience: Experience leading or playing a major role in a FedRAMP ATO process or security assessment; hands-on involvement with FedRAMP audits. Cloud Environment Familiarity: Experience with cloud infrastructure and SaaS environments, including government cloud platforms (e.g., AWS GovCloud, Azure Government); knowledge of secure cloud configurations, virtualization, containerization, encryption, and network security. Certifications: At least 1 professional certification such as CISSP, CISM, CGRC, or CompTIA Cloud+. Communication & Collaboration: Strong written and verbal communication; ability to collaborate with cross-functional teams and convey requirements to technical and non-technical stakeholders. Analytical Skills: Strong analytical and problem-solving abilities; able to manage multiple priorities and meet deadlines in a fast-paced environment. Location: Ability to work in Boston HQ 2-3 days per week.
Cultural Fit
We’re seeking candidates who are hungry, humble, and smart. Coralogix fosters a culture of innovation and continuous learning, where team members are encouraged to challenge the status quo and contribute to our mission.
Compensation & Benefits
Compensation: The on-target earnings range for this role is $130,000 - $150,000, based on experience, skills, education, and location. Benefits: Comprehensive healthcare, dental, mental health benefits, a 401(k) plan with match, paid sick time, and paid time off.
Coralogix is an equal-opportunity employer and encourages applicants from all backgrounds to apply.
#J-18808-Ljbffr
Coralogix is seeking a Senior Compliance Analyst for our FedRAMP compliance program. You will ensure our SaaS meets federal security standards and advance us from FedRAMP Ready to Authorized, partnering with our agency sponsor as we enter audit. This is a full-time position, ideal for a seasoned compliance professional with deep knowledge of NIST SP 800-53 controls and FedRAMP requirements. You will have 5+ years leading ATOs for cloud services, guiding engineering teams from planning through continuous monitoring and acting as our liaison to the FedRAMP Agency and PMO to resolve questions and ensure compliance. Coralogix is a modern, full-stack observability platform transforming how businesses process and understand their data. Our architecture enables in-stream analytics with monitoring of logs, metrics, traces, and security events, including features such as APM, RUM, SIEM, Kubernetes monitoring, and AI Observability.
Key Responsibilities & Duties Lead FedRAMP Compliance Project: Oversee the FedRAMP Moderate authorization audit, conduct internal compliance reviews, and manage cross-functional efforts to meet project timelines and milestones. Documentation Management: Prepare, review, and update all required FedRAMP security documentation including the System Security Plan (SSP), Plan of Action & Milestones (POA&M), Security Assessment Plan/Report (SAP/SAR), and related artifacts. Controls Assessment: Map and analyze current security controls against the FedRAMP Moderate baseline and NIST SP 800-53 to identify gaps and remediation needs; provide guidance to remediate gaps and implement controls. Implement & Monitor Controls: Assist in implementing and monitoring security controls for the FedRAMP environment and coordinate continuous monitoring processes with DevOps and SecOps teams. Cross-Functional Coordination: Coordinate with internal teams to integrate FedRAMP security requirements into system design, development, and operations; guide technical teams on FedRAMP controls and cloud security best practices. Audit Liaison: Serve as the primary liaison with external parties during FedRAMP assessments; interface with 3PAO, sponsoring agency, and FedRAMP advisors/auditors; schedule audit activities and address findings. POA&M Coordination: Coordinate with SecOps the Plans of Action and Milestones resulting from security assessments and drive remediation to closure within timelines. Reporting & Risk Communication: Communicate risks and mitigation plans clearly and prepare materials for FedRAMP project reviews, audits, and annual assessments. Continuous Improvement: Stay up-to-date with FedRAMP, NIST guidelines, and emerging security threats; evaluate and recommend improvements to security controls and processes.
Requirements Experience: 5+ years in security compliance or risk management, including direct FedRAMP compliance experience. Education & Experience: Bachelor’s degree in Information Security, Computer Science, or related field (strong consideration). FedRAMP & NIST Expertise: Knowledge of FedRAMP baseline requirements and NIST SP 800-53; familiarity with FedRAMP authorization process and federal information security standards (FISMA). FedRAMP Audit Experience: Experience leading or playing a major role in a FedRAMP ATO process or security assessment; hands-on involvement with FedRAMP audits. Cloud Environment Familiarity: Experience with cloud infrastructure and SaaS environments, including government cloud platforms (e.g., AWS GovCloud, Azure Government); knowledge of secure cloud configurations, virtualization, containerization, encryption, and network security. Certifications: At least 1 professional certification such as CISSP, CISM, CGRC, or CompTIA Cloud+. Communication & Collaboration: Strong written and verbal communication; ability to collaborate with cross-functional teams and convey requirements to technical and non-technical stakeholders. Analytical Skills: Strong analytical and problem-solving abilities; able to manage multiple priorities and meet deadlines in a fast-paced environment. Location: Ability to work in Boston HQ 2-3 days per week.
Cultural Fit
We’re seeking candidates who are hungry, humble, and smart. Coralogix fosters a culture of innovation and continuous learning, where team members are encouraged to challenge the status quo and contribute to our mission.
Compensation & Benefits
Compensation: The on-target earnings range for this role is $130,000 - $150,000, based on experience, skills, education, and location. Benefits: Comprehensive healthcare, dental, mental health benefits, a 401(k) plan with match, paid sick time, and paid time off.
Coralogix is an equal-opportunity employer and encourages applicants from all backgrounds to apply.
#J-18808-Ljbffr