Principal Security Analyst (Top Secret)

Here at Appian, our values of Intensity and Excellence define who we are. We set high standards and live up to them, ensuring that everything we do is done with care and quality. We approach every challenge with ambition and commitment, holding ourselves and each other accountable to achieve the best results. When you join Appian, you’ll be part of a passionate team dedicated to accomplishing hard things, together.

The Principal GRC Security Analyst at Appian will play a key role in advising and assisting federal customers in designing, implementing, and maintaining secure Appian-based solutions. This position requires a strong understanding of cybersecurity principles, the government's IT security authorization process, and experience with the NIST Risk Management Framework (RMF) and Authority to Operate (ATO) processes. The Senior Analyst will leverage their experience to guide customers through the security authorization process, contribute to the development of secure architectures, and mentor junior team members. This role involves working with cloud platforms such as Amazon Web Services (AWS) and Microsoft Azure in the context of government managed services.

This role is based at our HQ in McLean, VA. Appian was built on a culture of in-person collaboration, which we believe is a key driver of our mission to be the best. Employees hired for this position are expected to be in the office 4 - 5 days per week to foster that culture, ensure we thrive through shared ideas and teamwork, and maximize opportunities to connect with the exceptional people across Appian. While working in-person with customers is our main priority, we also believe the office environment enables more opportunities to celebrate wins, collaborate effectively, and build strong relationships across teams.

Responsibilities:

• Leading and Applying RMF Processes: Independently manage and execute the RMF steps, including system categorization, security control selection, implementation guidance, assessment support, authorization package development, and continuous monitoring for Appian-based solutions. 
• Driving ATO and FedRAMP Authorization: Take ownership of the preparation and management of Authorization to Operate (ATO) packages and lead the FedRAMP authorization process for federal customers, ensuring compliance with federal security standards. 
• Designing Secure Solutions: Architect secure end-to-end solutions for federal customers leveraging cloud platforms like AWS and Microsoft Azure, applying security best practices and federal requirements. 
• Mentoring Junior Analysts: Provide guidance and mentorship to junior security analysts, sharing your knowledge and experience in GRC and cybersecurity. 
• Collaborating with Customers and Internal Teams: Partner directly with federal customers and Appian’s Customer Success team to understand their security requirements and provide expert guidance on implementing cybersecurity strategies . Collaborate with senior cyber advisors to refine security approaches. 
• Contributing to Security Authorization Strategies: Play a significant role in developing and implementing comprehensive cybersecurity strategies for Appian deployments within federal environment. 
• Maintaining Knowledge of Federal Policies: Stay current with the latest federal cybersecurity policies, standards (including FedRAMP), and best practices to ensure ongoing compliance and effective security authorization support. 
• Contributing to System Security Packages (SSPs): Lead the development and maintenance of System Security Packages (SSPs) in accordance with RMF requirements. 

Qualifications:

• Bachelor’s degree in any Engineering discipline, Computer Science, Mathematics, Information Technology, or similar work. 
• An Active Government Clearance (Top Secret and above, without any limitations) is required. 
• Ability and interest to maintain an Active TS:SCI Clearance (CI or FSP), with the ability and willingness to perform work within cleared facilities (SCIF work is required). 
• Approximately 5+ years of experience as an IT systems administrator building, maintaining, scripting, patching, & managing hosts, databases, and interconnected Cloud services with significant experience in a security-focused role and a strong understanding of GRC principles.
• Demonstrated experience in navigating the NIST Risk Management Framework (RMF) and Authority to Operate (ATO) processes.
• Proven ability to contribute to the development of System Security Packages (SSPs).
• Experience with cloud platforms such as Amazon Web Services (AWS) and Microsoft Azure, with a focus on security best practices for cloud environments.
• Passion for cybersecurity and a strong desire to architect secure solutions for federal customers. 
• Strong communication and interpersonal skills, with the ability to effectively advise and guide customers.

Tools and Resources 

• Training and Development: During onboarding, we focus on equipping new hires with the skills and knowledge for success through department-specific training. Continuous learning is a central focus at Appian, with dedicated mentorship and the First-Friend program being widely utilized resources for new hires. 
• Growth Opportunities: Appian provides a diverse array of growth and development opportunities, including our leadership program tailored for new and aspiring managers, a comprehensive library of specialized department training through Appian University, skills based training, and tuition reimbursement for those aiming to advance their education. This commitment ensures that employees have access to a holistic range of development opportunities.
• Community: We’ll immerse you into our community rooted in respect starting on day one. Appian fosters inclusivity through our 8 employee-led affinity groups. These groups help employees build stronger internal and external networks by planning social, educational, and outreach activities to connect with Appianites and larger initiatives throughout the company.

About Appian

Appian is a software company that automates business processes. The Appian AI-Powered Process Platform includes everything you need to design, automate, and optimize even the most complex processes, from start to finish. The world's most innovative organizations trust Appian to improve their workflows, unify data, and optimize operations—resulting in better growth and superior customer experiences. For more information, visit appian.com. [Nasdaq: APPN]

Follow Appian: LinkedIn.

Appian is an equal opportunity employer that strives to attract and retain the best talent. All qualified applicants will receive consideration for employment without regard to any characteristic protected by applicable federal, state, or local law. 

Appian provides reasonable accommodations to applicants in accordance with all applicable laws. If you need a reasonable accommodation for any part of the employment process, please contact us by email at ReasonableAccommodations@appian.com. Please note that only inquiries concerning a request for reasonable accommodation will be responded to from this email address.

Appian's Applicant & Candidate Privacy Notice