Microsoft Cloud Compliance Manager
National Coordination Center by Edera L3C
- Saint Paul, Illinois, United States
About
Edera L3C is a fast‑growing healthcare consultancy focused on creating transformative solutions by combining industry expertise with innovative technology. As a social enterprise, we prioritize purpose over profit and reinvest surplus into communities and clients.

We are seeking a Microsoft Cloud Compliance Manager to design, implement, and operate compliance programs aligned to FedRAMP and CMMC. The role centers on identifying, implementing, and maintaining shared control foundations across both frameworks, emphasizing Microsoft‑based environments (Azure, Dynamics 365, Power Platform, and Dataverse). The ideal candidate translates regulatory requirements into practical, auditable controls using Microsoft‑native capabilities and inherited cloud controls.

Employment Details
This position offers flexible engagement options and may be structured as a full‑time, part‑time, contract, or 1099 role depending on availability and project needs. It is fully remote and carries no supervisory responsibilities. The position reports directly to the Director of Technology. Compensation will be determined based on experience, employment status, and market analysis.

Responsibilities
FedRAMP and CMMC Control Alignment
- Lead alignment of organizational security controls to both FedRAMP and CMMC by prioritizing shared requirements across the two frameworks.
- Identify common control families including access control, audit logging, configuration management, incident response, risk management, and system integrity.
- Support development of a single, harmonized control implementation approach where possible.

Microsoft Cloud Control Implementation
- Map FedRAMP and CMMC requirements to Microsoft Azure, Dynamics 365, Power Platform, and Dataverse configurations.
- Leverage Microsoft inherited controls and shared responsibility models to reduce implementation burden.
- Validate secure configuration of identity, logging, encryption, and monitoring using Microsoft‑native tools.

Policy, Procedure, and Evidence Development
- Develop and maintain security policies, standards, and procedures aligned to FedRAMP and CMMC expectations.
- Define evidence requirements and support collection of audit‑ready artifacts from Microsoft platforms.
- Ensure documentation reflects real system configurations and operational practices.

Risk Management & POA&M Support
- Support risk assessments, gap analyses, and control maturity evaluations.
- Manage Plan of Action and Milestones (POA&M) development, tracking, and remediation coordination.
- Assist technical teams in translating compliance findings into actionable remediation tasks.

Audit and Assessment Readiness
- Prepare teams for FedRAMP, CMMC, or third‑party assessments by coordinating interviews, walkthroughs, and evidence reviews.
- Serve as a liaison between technical teams, leadership, and assessors.
- Support ongoing continuous monitoring and compliance reporting activities.

Cross‑Functional Collaboration
- Work closely with architects, developers, system administrators, and support analysts to embed compliance into design and operations.
- Provide guidance on secure‑by‑design and compliance‑by‑default practices within Microsoft solutions.
- Support training and awareness efforts related to compliance responsibilities.

FedRAMP & CMMC Common Control Focus
- Identity and Access Management (Azure AD, role‑based access control, least privilege)
- Audit Logging and Monitoring (centralized logging, retention, alerting)
- Configuration and Change Management
- Incident Response and Reporting
- Risk Management and Continuous Monitoring
- Encryption of data at rest and in transit
- Asset and System Inventory
- Security Awareness and Role‑Based Training

Required Knowledge and Skills
- Bachelor’s degree in Information Security, Information Technology, or related field, or equivalent experience.
- Demonstrated experience supporting FedRAMP and/or CMMC compliance efforts.
- Strong understanding of NIST 800‑53 and NIST 800‑171 control frameworks.
- Experience implementing compliance controls within Microsoft Azure and Microsoft enterprise platforms.
- Familiarity with shared responsibility models and inherited cloud controls.
- Ability to translate regulatory language into practical technical and operational actions.
- Strong documentation, communication, and stakeholder coordination skills.

Desirable (Not Required) Skills/Experience
- PMP or SAFe certification
- Prior military or DHA experience

EEO Statement
All applicants must be U.S. citizens and able to obtain a Public Trust clearance. Edera participates in the E‑Verify program and is a drug‑free workplace. Edera is an Equal Opportunity and Affiliated Action Employer. Edera prohibits discrimination against individuals based on race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status. Edera takes affirmative action to employ and advance individuals without regard to these protected categories.
Language skills
- English