FedRAMP Compliance Project Manager - Houston or Virginia - Work From Home

Basic Information


United States




USA Office At Home

Date published:


Job ID:


Travel Amount:


Description and Requirements

From core to cloud to edge, BMC delivers the software and services that enable over 10,000 global customers, including 84% of the Forbes Global 100, to thrive in their ongoing evolution to an Autonomous Digital Enterprise.
BMC Software is looking for a motivated and skilled individual to join the corporate IS&T SaaS Security team.  The FedRAMP Compliance Project Manager will be responsible for ensuring that the security capabilities and posture of the services provided by the BMC SaaS Security team is in compliance with the policies and standards mentioned as part of the Information Security Management System, along with review of vendor exhibits and provide responses to customer assessments.  A wide breadth of security, compliance and audit skills will be required to perform the assigned tasks.    
  • Coordinate compliance requirements for third party attestations, FedRAMP, SSAE 18, CSA, ISO 27001, HIPAA, PCI DSS, and others as needed
  • Primary liaison to all third-party audits, internal audits, and customer assessments for BMC cloud subscription service
  • Drive remediation efforts in response to internal/external audits and third party assessments
  • Work with stakeholders to resolve vulnerabilities reported by external sources
  • Provide assistance/ownership as applicable in 3rd-party certifications and authorizations
  • Key player in providing and upkeep of SaaS document library
  • Collaborate with project management office for certification milestones and subject matter experts for artifacts
  • Provide assistance to other cyber security teams, as required
  • Maintain audit findings within the risk register
  • Review of vendor exhibits, provide responses to customer assessments, and provide guidance to SRGC and Procurement
  • Understand how all the security tools used in BMC work, including BMC security tools, and how it helps meet compliance requirements
  • Work closely with IaaS/cloud partners to ensure they meet compliance and regulatory requirements
  • Review periodic security reports from internal and external sources
  • Hands-on experience with US Federal Government compliance requirements, including FedRAMP and DoD Cloud Computing Security Requirements Guide
  • Security and privacy certification experience in a SaaS organization/product a plus
  • CISA, SANS, or similar industry compliance or information security certifications required
  • Understanding of IT security compliance frameworks like ISO, PCI, HIPAA, SSAE 18, SOX
  • Ability to obtain US Security Clearance (existing Clearance preferred)
  • Broad understanding of security concepts
  • 7+ years of overall industry information technology experience
  • Must have ability to coordinate and execute an activity or solution to completion
  • Deliver results quickly and efficiently with iterative approaches 
  • Effective communication skills and ability to speak directly with external customers as needed
  • Experience creating policies, standards, and procedural documentation
  • Familiarity of operating systems, networking, and other underlying technologies which provide computer services
  • Excellent oral and written communication skills to collaborate with customers, third-parties, and internal teams
  • Willing to learn new tools, technologies, and regulatory requirements
  • Understanding and awareness of current developments in the prevailing global Cybersecurity environment

Bachelor Degree in Computer Science, Information Technology, Systems Engineering, or a related field

It is the policy of BMC Software to afford equal opportunity for employment to all individuals regardless of race, color, age, national origin, physical or mental disability, history of disability, ancestry, citizenship status, political affiliation, religion, gender, transgender, gender identity, gender expression, marital status, status as a parent, sexual orientation, veteran status, genetic information or other factors prohibited by law, and to prohibit harassment or retaliation based on any of these factors. BMC never asks for payment from individuals seeking employment with the company.

If you need a reasonable accommodation for any part of the application and hiring process, visit the accommodation request page.