PagerDuty empowers teams of all kinds to do the critical work that moves business forward through the PagerDuty Operations Cloud.
Visit our careers site to explore life at PagerDuty, discover opportunities, and sign up for job alerts!
PagerDuty is seeking a FedRAMP ISSO to lead and maintain the security and compliance posture of our FedRAMP-authorized environments. This role requires a deep understanding of FedRAMP, NIST 800-53 controls, and cloud security best practices. The FedRAMP ISSO will serve as the subject matter expert for FedRAMP compliance, collaborating with cross-functional teams to ensure adherence to security requirements, maintain audit readiness, work with external stakeholders, and drive the implementation of FedRAMP controls across the organization.
This is an exciting opportunity to build lovable security solutions that make developers and customers happy. The ideal candidate believes in securing infrastructure at scale and creating automated solutions that make security the easiest choice.
Key Responsibilities:
Apply knowledge of the NIST 800-53 control framework to implement FedRAMP requirements and ensure compliance with security initiatives.
Translate FedRAMP requirements into actionable items to support solution design, process implementation, and policy enforcement.
Develop, maintain, and update FedRAMP documentation, including the System Security Plan (SSP), policies, procedures, and contingency plans (e.g., ISCP).
Partner with 3PAOs to support assessments, drive audit readiness, and coordinate timely evidence collection.
Collaborate with customers to facilitate external audits and ensure successful attainment and maintenance of Authority to Operate (ATO).
Provide internal guidance to integrate FedRAMP controls (e.g., encryption, access controls, logging) into product design, development, and operational processes.
Provide guidance and support for adjacent compliance frameworks (e.g., DoD IL, CMMC, SOC 2, or ISO 27001) to align with FedRAMP requirements.
Basic Qualifications:
5+ years of experience in information security, compliance, or related roles, with at least 3 years of experience supporting FedRAMP compliance efforts.
Strong understanding of FedRAMP requirements, NIST 800-53 controls, and security assessment processes.
Demonstrated ability to collaborate with cross-functional teams to support security initiatives.
Has been a major contributor to a FedRAMP audit, from SAP planning to authorization.
Experience with tools and processes for vulnerability management, system audits, and risk assessments.
Detail-oriented with strong organizational skills and the ability to manage multiple priorities.
Experience drafting and managing POA&Ms, incident reports, and continuous monitoring deliverables.
Exceptional written and verbal communication skills for creating and managing FedRAMP documentation.
Preferred Qualifications:
Experience supporting FedRAMP Moderate or High system authorizations.
Experience supporting DoD IL 4 or 5 environments.
Knowledge of cloud computing environments, such as AWS, Azure, or Google Cloud, particularly FedRAMP-authorized regions (e.g., AWS GovCloud, Azure Government).
Familiar with SaaS security tools (such as Sumo Logic, Datadog, CrowdStrike, Wiz, Snyk, and Qualys).
Familiarity with contemporary risk and issue management tools (such as JIRA, Lucidchart, UpGuard and Hyperproof).
Familiarity with Cloud Native and SaaS constructs, including architectures, DevOps, CI/CD, SecOps disciplines.
Relevant certifications, such as: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Authorization Professional (CAP), CompTIA Advanced Security Practitioner (CASP+).
Experience working with government agencies or contractors in the public sector.
The base salary range for this position is 176,000 - 281,000 USD. This role may also be eligible for bonus, commission, equity, and/or benefits.
Our base salary ranges are determined by role, level, and location. The range, which is subject to change based on primary work location, reflects the minimum and maximum base salary we expect to pay newly hired employees for the position. Within the range, we determine pay for an individual based on a number of factors including market location, job-related knowledge, skills/competencies and experience.
Your recruiter can share more about the specific offerings for this role, as well as the salary range for your primary work location during the hiring process.
The successful applicant will be performing work in FedRAMP environments, and therefore, must be a U.S. Person (i.e. U.S. citizen, U.S. national, lawful permanent resident, asylee, or refugee). This position may also perform work that the U.S. government has specified can only be performed by a U.S. citizen on U.S. soil.