Senior Trust Assurance Specialist

Job summary

We are seeking a Senior Trust Assurance Specialist (FedRAMP Focus) to join the Trust Office team at DigiCert. This role is responsible for leading complex compliance and assurance activities, with a particular focus on FedRAMP and U.S. public sector regulatory requirements, while also contributing broadly across DigiCert’s global compliance program.

The successful candidate will have 6–7+ years of experience in compliance, risk management, or audit, with strong experience in FedRAMP / FISMA environments and a solid understanding of broader cybersecurity frameworks. This individual will operate with a high degree of autonomy, acting as a key liaison for audits, regulatory engagements, and FedRAMP-related activities.

This role reports to the Head of Compliance and works closely with cross-functional teams across Security, IT, Legal, and Operations.

What you will do

Level Expectations

• Leads complex compliance domains, audit engagements, or regulatory areas
• Provides subject matter expertise, particularly in FedRAMP and NIST-based frameworks
• Influences stakeholders and drives alignment on compliance and control decisions
• Operates with a high degree of autonomy and accountability
• Acts as a key escalation point for complex compliance or audit issues

Audit & Assurance Leadership

• Lead external and customer audit engagements (e.g., SOC 2, WebTrust, FedRAMP), including planning, execution, and stakeholder coordination
• Act as a primary point of contact for auditors and assessors, ensuring effective communication and successful audit outcomes
• Oversee audit evidence preparation, walkthroughs, and issue resolution
• Ensure timely and effective remediation of audit findings

FedRAMP & Regulatory Compliance (Core Focus)

• Lead and support FedRAMP authorization and continuous monitoring activities, including coordination of security documentation, control implementation, and audit readiness
• Support the maintenance and accuracy of key FedRAMP artifacts (e.g., SSP, POA&M, control evidence)
• Act as a key liaison with authorizing agencies, 3PAOs, and external stakeholders
• Interpret and apply NIST 800-53 and related FedRAMP requirements within DigiCert’s environment
• Ensure alignment between FedRAMP requirements and broader compliance frameworks
• Support maintaining audit readiness and authorization posture, including ongoing monitoring and POA&M oversight

Regulatory Compliance & Advisory (Broader Scope)

• Interpret and apply regulatory and industry standards (e.g., WebTrust for CAs, ISO 27001, NIST, SOC 2) across the organization
• Ensure alignment between regulatory requirements, internal policies, and control design across the organization
• Stay informed of emerging regulatory changes and assess their impact on DigiCert

Control Design & Oversight

• Lead the design, evaluation, and enhancement of controls to ensure effectiveness and alignment with regulatory requirements
• Provide guidance on complex control issues, particularly in NIST/FedRAMP environments
• Identify systemic control gaps and drive remediation strategies

Risk & Compliance Integration

• Provide guidance on risk assessments and ensure alignment between compliance and risk management activities
• Drive integration of compliance requirements into broader risk frameworks

Stakeholder Leadership

• Build and maintain strong relationships with senior stakeholders across Security, IT, Legal, HR, and Operations
• Influence decision-making to ensure compliance objectives are met without unnecessary friction
• Provide mentorship and guidance to Analysts and Specialists
• Act as an escalation point for complex compliance, audit, or FedRAMP-related issues

Continuous Improvement

• Identify and drive improvements in compliance processes, tools, and reporting
• Contribute to the maturity and scalability of DigiCert’s compliance program

What you will have

• Bachelor’s degree in Law, Compliance, Information Security, Computer Science, or a related field
• 6–7+ years of experience in compliance, risk management, audit, or related roles
• Strong experience with FedRAMP (Authorization and/or Continuous Monitoring)
• Experience working with NIST frameworks (e.g., 800-53, 800-63)
• Experience engaging with external auditors, assessors (e.g., 3PAOs), or regulatory bodies
• Experience leading audits or compliance activities across one or more frameworks
• Strong understanding of control design, evaluation, and regulatory interpretation
• Experience working with frameworks such as SOC 2, ISO 27001, WebTrust, or similar
• Ability to operate across multiple compliance domains, not limited to FedRAMP
• Strong analytical and problem-solving capabilities
• Excellent written and verbal communication skills
• Ability to influence and challenge stakeholders constructively
• High degree of ownership and accountability

Nice to have

• Experience in PKI, digital certificates, or cryptographic security environments
• Certifications such as CISSP, CISM, CISA, or CRISC
• Experience with FedRAMP High or Moderate environments
• Familiarity with FISMA, ATO processes, or public sector compliance environments

Benefits

DigiCert offers a competitive benefits package for all of our full-time employees. 

DigiCert is an Equal Opportunity employer and is committed to diversity in its workforce. In compliance with applicable federal and state laws, DigiCert prohibits discrimination on the basis of race or ethnicity, religion, color, national origin, sex, age, sexual orientation, gender identity/expression, veteran’s status, status as a qualified person with a disability, or genetic information. Individuals from historically underrepresented groups, such as minorities, women, qualified person with disabilities, and protected veterans are strongly encouraged to apply.

#LI-KK1