Government Controls Analyst

At Jamf, people are at the core of everything we do. We do what’s right for our customers, our employees, our communities and our world. We take pride in simplifying technology for tens of thousands of customers around the globe and helping organizations succeed with Apple.

Jamf offers remote and hybrid positions. Depending upon the role, work in the office, connect 100% remote from your home, or find the blend that works best for you.

The Government Controls Analyst will be a member of the Enterprise Risk and Compliance team, and assist in ongoing risk assessments, control identification, audit execution, and continuous monitoring of Jamf’s Government control environment. The Government Controls Analyst will be responsible for providing objective guidance to strengthen Jamf’s Government controls frameworks to ensure compliance with all relevant regulations, laws, and company policy.

What you can expect to do in this role:

• Assists the Government Compliance team and work with other teams (Security, Cloud, Product, Engineering, IT, HR, Legal, etc.) to implement FedRAMP, StateRAMP, or other government framework requirements and to create required documentation.
• Engages with internal customers to assist in annual technical documentation review within Government Compliance Frameworks (e.g. System Security Plan (SSP), policies, procedures, and authorization boundary diagrams).
• Supports internal teams with responding to questions from government or regulated customers.
• Track and drive remediation of control deficiencies and gaps identified internally and externally for Government Compliance Frameworks.
• Collect and document control test results, penetration testing results, and vulnerability scan results for reporting to authorizing agencies.
• Represent Jamf to external organizations such as assessors, advisory partners, and government agencies.
• Assist with other compliance and security engineering projects as needed.
• Assist Compliance team with other frameworks such as SOC 2, ISO27701, ISO27701, or other security-based certifications when requested.
• Other duties as assigned by Manager.

What we are looking for:

• Minimum of 1 year years of audit, compliance, or related experience (Required)
• Experience with SOC 2, ISO 27001, ISO27701, PCI, GDPR and other security-based certifications, audits or compliance standards (Required)
• Experience with FedRAMP initiative or an active member of a FedRAMP, StateRAMP, or Cyber Essentials. (Preferred)
• Experience using GRC tools to manage projects
• Working knowledge of business processes, preferably related to the software industry or SaaS (Preferred)
• Ability to interact effectively with co-workers in a result driven culture
• Ability to engage with and establish trust and rapport with all levels of customers and employees
• Ability to execute deliverables for multiple projects simultaneously across different functional groups
• Comfortable using creative problem-solving and critical thinking to stay agile in a fast-paced environment
• Highest level of ethics, independence, and professionalism
• Ability to create reports and dashboards that present data in a clear and visually compelling manner

EDUCATION & CERTIFICATIONS

• High School Diploma or Equivalent (Required)
• 4 year / Bachelor's Degree in Information Systems, Finance, Accounting, or Business (Preferred)
• Preferred Certifications/Licensures:
  • CISA (Certified Information Systems Auditor)
  • CISM (Certified Information Security Manager)
  • CISSP (Certified Information Systems Security Professional)
  • CCSP (Certified Cloud Security Professional)

How we help you reach your best potential:

• Named a 100 Best Companies to Work For by Great Place to Work® and Fortune Magazine
• We know that big ideas can come from anyone, so we empower everyone to make an impact. Our 90% employee retention rate agrees.
• We offer flexible work-life in a choice-based office model and new hires receive a #WFH stipend to better their work space.
• Benefits are a critical part of the “whole employee experience”. Our benefits package includes generous paid time off, including VTO, health and mental health benefits, family planning services, retirement and more.
• We put people over profits – which is why our customers keep coming back to us.
• Our volunteer time off allows employees to support and give back to our communities.
• We encourage you to simply be you. We constantly seek and value different perspectives to ensure Jamf is a place where everyone feels comfortable and can be successful.
• 23 of 25 world’s most valuable brands rely on Jamf to do their best work (as ranked by Forbes).

What is a Jamf?
You go above and beyond for others, are willing to help, and support the team around you. You value and learn from different perspectives. You are curious and resourceful, a problem-solver, self-driven and constantly improving. You are excited to try new things, explore new ideas, and seek new opportunities. You care about inclusion and diversity, social responsibility, and are someone who just wants to do the right thing.

What does Jamf do?
Jamf extends the legendary Apple experience people enjoy in their personal lives to the workplace. We believe the experience of using a device at work or school should feel the same, and be as secure as, using a personal device. With Jamf, IT and security teams are able to confidently manage and protect Mac, iPad, iPhone and Apple TV devices, easing the burden of updating, deploying and securing the data used by their end-users. Jamf’s purpose is to simplify work by helping organizations manage and secure an Apple experience that end-users love and organizations trust.

We are free-thinkers, can-doers and problem crushers with a passion for helping customers empower their workforce to focus on their jobs, not the hassles of managing technology – freeing nurses to care, teachers to teach and businesses to thrive. We have over 2,500 employees worldwide who are encouraged to bring their whole selves to work each and every day.

Get social with us and follow the conversation at #OneJamf