VMware Sr. Program Manager, Security & Compliance - Opportunity for Working Remotely in Boston, Massachusetts
VMware End-User Computing runs the world’s largest Digital Workspace Platform – Workspace ONE. We are in the business of helping customers bring Business Mobility to reality: transforming their high-demand applications, building and leading the next-generation desktop, and helping industries shift core business processes and operations to make things happen only possible in today's mobile environment. With over 60,000 customers around the globe, our End-User Computing team is helping companies deliver work at the speed of life and our technologies are leading what's happening next for users across the enterprise.
The Infrastructure Services team drives the delivery of services and infrastructure to facilitate the running of core applications that make up our global SaaS offering. The team is actively involved in improving efficiencies in service reliability with automation and software solutions through collaborative efforts with other R&D groups within VMware. We are often involved in leading-edge use cases of the SaaS transformation of the product and work towards automated solutions for both infrastructure and the application.
The Sr. Program Manager will be responsible for work with the engineering teams to be the ‘glue’ that facilitates the flow of features to our customers while keeping our quality and security bars high and fostering continuous improvement. This includes ensuring the existence of appropriate security governance within the cloud and internally controlled environments (policy, procedures, baselines and monitoring); assessment of required security controls, and testing of adherence to required policies, procedures and monitoring. You will collaborate with other members of the Security and IT teams to define appropriate and effective information security controls and will work with the engineering team to implement them. You should have a strong compliance and process improvement mindset, be willing to take on challenges, be highly motivated, and work effectively as a team and independently. The responsibilities will include but not be limited to:
Manage timelines, resources, project plans, action item logs, status reports and statistics to ensure milestones, goals and commitments are met.
Perform deficiency analysis and implement required FedRAMP controls to meet Regulatory Compliance requirements
Assist with integrating policy and regulatory compliance requirements into the team’s processes (e.g., change control, vuln mgmt.)
Escalate and resolve security risks and issues as required
Develop metrics and reporting to demonstrate information security compliance status and system health metrics
Test for adherence to policy and regulatory controls, procedures and standards.
Work closely with both Internal and External audit teams and coordinate security compliance audits
Provide audit and continuous monitoring artifacts to compliance as required
Conduct system security review and impact analysis as needed where controls fail or are considered ineffective
Track mitigation steps and ensure that risks and reported findings are managed appropriately and in a timely manner.
Evaluate vulnerability and compliance scans and collaborate with engineering to define remediations
Ensure vulnerabilities are remediated as prescribed in VGS’s Continuous Monitoring Plan
Evaluate change requests and ensure they do not negatively impact the security posture of WS1 on AWSGov Services
Work closely with enterprise architects, other functional area architects, engineering, and security specialists to ensure adequate security solutions and controls are in place throughout the environment to mitigate identified risks sufficiently, and for addition of new services/solutions
Minimum of 3 Experience as a Program Management with direct experience leading compliance initiatives and running audits for standards such as FedRAMP, SOC 2, NIST, ISO 27001, HIPAA, SOX.
Experience in IT Audit, IT Security, Information Risk Management, IT Governance or other IT Compliance related work.
Familiarity and experience with agile software delivery methodologies and lean governance.
Strong communication and interpersonal skills
Systematic problem-solving approach coupled with a strong sense of ownership and independence
Defining, establishing, and maintaining a consistent, traceable decision-making process
Gathering metrics and building reports and dashboards that detail program health
Strong organizational and multitasking skills
Strong verbal and written communication skills
This position will perform work that the U.S. government has specified can only be performed by a U.S. citizen on U.S. soil, and therefore any offer will be contingent upon verification of both of these requirements. This job opportunity is not eligible for employment-based immigration sponsorship by VMware. The position is also contingent on passing an enhanced background check.
Category : Business Strategy and Operations
Subcategory: Program Management
Experience: Manager and Professional
Full Time/ Part Time: Full Time
Posted Date: 2021-04-08
VMware Company Overview: At VMware, we believe that software has the power to unlock new opportunities for people and our planet. We look beyond the barriers of compromise to engineer new ways to make technologies work together seamlessly. Our cloud, mobility, and security software form a flexible, consistent digital foundation for securely delivering the apps, services and experiences that are transforming business innovation around the globe. At the core of what we do are our people who deeply value execution, passion, integrity, customers, and community. Shape what’s possible today at http://careers.vmware.com.
Equal Employment Opportunity Statement: VMware is an Equal Opportunity Employer and Prohibits Discrimination and Harassment of Any Kind: VMware is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at VMware are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. VMware will not tolerate discrimination or harassment based on any of these characteristics. VMware encourages applicants of all ages. Vmware will provide reasonable accommodation to employees who have protected disabilities consistent with local law.