Risk and Compliance Senior Analyst

Medallia’s mission is simple: to create a world where companies are loved by customers and employees alike. Hundreds of the world’s best-loved brands trust Medallia’s Software-as-a-Service application to help them capture customer feedback everywhere the customer is (on the phone, in store, online, mobile), understand it in real-time, and deliver insights and action everywhere—from the C-suite to the frontline—to improve their performance. Founded in 2001, Medallia is growing quickly with more than 1000 employees globally in Silicon Valley, New York, London, Paris, Sydney, Buenos Aires, and Tel Aviv. 


Responsibilities:

  • Develop Information Security and Compliance policies and standards in collaboration with various internal teams
  • Develop documentation to support FedRAMP Security Controls, System Security Plan, Contingency Plan & POA&M
  • Develop Security Assessment Report / Audit
  • Identify, track and assist with mitigation strategies for report security findings related to FedRAMP
  • Coordinate with 3rd Party Assessment Organizations to maintain ATO
  • Provide direction, design and implementation support of solutions, meeting FedRAMP requirements
  • Work with internal stakeholders to validate security strategies and roadmaps with respect to FedRAMP
  • Interface with internal and Government resources to assure compliance with federal government security requirements
  • Perform periodic assessments and audits of compliance with the established controls
  • Perform periodic tests of design and effectiveness of the established controls
  • Build and enhance the controls matrix, in alignment with multiple compliance frameworks
  • Assist with the security review component of vendor governance
  • Develop employee facing technical documentation, internal wiki pages, periodic security oriented communication to spread awareness about Information Security policies and standards

Skills:

  • 5+ years of relevant information technology experience with at least 5 years of security architecture and design experience
  • Deep knowledge of FedRAMP and NIST requirements
  • In-depth understanding of NIST SP 800-53 control requirements
  • Ability to create and manage documentation necessary to complete and maintain the A&A process.
  • Ability to conduct self-assessments and perform formal risk analysis
  • Current/prior experience with a full cycle effort to complete an A&A package for a Federal information system



At Medallia, we don’t just accept difference - we celebrate it and recognize the value it brings to our customers and employees. Medallia is proud to be an equal opportunity workplace and is an affirmative action employer. Equal opportunity and consideration are afforded to all qualified applicants and employees. We won't unlawfully discriminate on the basis of gender identity or expression, race, ethnicity, religion, national origin, age, sex, marital status, physical or mental disability, Veteran status, sexual orientation, and any other category protected by law.

Medallia is committed to working with and providing reasonable accommodation to applicants with disabilities in accordance with the American Disabilities Act and state disability laws.

Meet Some of Medallia's Employees

Natalie N.

Sales Development Representative

Natalie works on the Inside Sales Team to find new customers interested in partnering with Medallia. She helps these partners improve customer experience at their respective companies.

Shwetha S.

Senior Manager, Implementations

Shwetha works with a portfolio of Medallia clients to design and implement the best customer experience programs. She works to maximize client results and make a real change in their customer experiences.


Back to top