The Information Systems Security Officer (ISSO) is responsible for safeguarding the confidentiality, integrity, and availability of Docebo’s information assets. This specialized expert role owns and operates the company’s FedRAMP authorization and maintenance program (end-to-end governance, risk management, continuous monitoring, ATO/ATO-maintenance artifacts, cross-functional coordination, and government/3PAO engagement) to enable and sustain the FedRAMP and DoD RMF authorizations required by our customers and contracts. The ISSO ensures compliance with various regulatory frameworks, including FedRAMP, NIST, and DoD guidelines.
Job Responsibilities:
Own the FedRAMP/DoD RMF authorization lifecycle for assigned systems (strategy → authorization → continuous monitoring → ATO maintenance)
Define and maintain the FedRAMP program governance model, roles & responsibilities (including Sponsor/Authorizing Official interactions)
Create, own, maintain, and version-control the System Security Plan (SSP), Security Assessment Report (SAR), continuous monitoring (ConMon) artifacts, POA&Ms, SSP annexes, and all ATO package deliverables
Build and run the ConMon program: define telemetry requirements, dashboards, vulnerability ingestion, thresholds, incident feed, and reporting cadence
Triage vulnerabilities, manage POA&Ms (track remediation owners, dates, residual risk), and ensure POA&M closure meets customer and FedRAMP expectations
Lead the selection, engagement, and technical coordination with 3PAOs and any external assessors. Ensure assessments, testing, and SAR content are accurate and timely
Evaluate security impact for architectural or operational changes (Security Impact Analysis), own risk acceptance processes, and coordinate Risk Acceptance with Sponsors/Authorizing Officials
Integrate change control with the ConMon program to ensure authorized/approved changes are documented and do not break control baselines
Act as the primary internal liaison across Product, Engineering, DevOps, Security, Sales, Legal, and Marketing for anything impacting the FedRAMP posture and ATO timelines. Drive working groups and weekly syncs
Support pre-sales and customer conversations on FedRAMP posture and timelines alongside Sales
Maintain the relationship with the government Sponsor/Authorizing Official and the FedRAMP PMO as required
Build and manage program timelines (Gantt), identify and mitigate schedule risk, report status to Management and stakeholders, and maintain an issues/risk register for the authorization lifecycle
Develop/update policies, control implementations, and procedures to ensure alignment with FedRAMP Rev (current guidance), NIST SP 800-53/800-37/800-137, and DoD RMF as applicable
Provide training for engineers, product managers, and GRC teams on FedRAMP requirements, evidence collection, secure configuration baselines, and artifacts expectations
Coordinate security incidents affecting FedRAMP-scope systems into the ConMon program and ensure incident reporting/lessons learned are reflected in POA&Ms and governance
Capture lessons learned from audits and assessments, refine processes, and drive automation of evidence collection and control attestations to scale the program
Requirements:
8+ years of experience in information systems security, with a focus on compliance with NIST and DoD guidelines
In-depth knowledge of FedRAMP, NIST SP 800-37, NIST SP 800-53, and DoD 8510.01 policies and procedures
Strong technical writing skills for developing SOPs, work instructions, and senior-level briefs
Proficient in risk and vulnerability assessment, security infrastructure design, and continuous monitoring
Prior experience obtaining a FedRAMP ATO
What we offer:
Generous Vacation Policy, plus extra floating holidays to use for religious or cultural events that matter to you
Employee Share Purchase Plan
Career progression/internal mobility opportunities
Four employee resource groups to get involved with (the Docebo Women's Alliance, PRIDE, BIDOC, and Green Ambassadors)
WeWork partnership and “Work from Anywhere” program