This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more.

Role Description

We are looking for a FedRAMP Program Manager to join our Security & Compliance team. This is a senior individual contributor role designed for someone who thrives at the intersection of compliance, technology, and collaboration. You will take full ownership of Mark43’s FedRAMP program, ensuring that it not only meets regulatory standards but aligns with broader company goals and frameworks.

Due to the nature of our customers and the responsibilities of this role, this position requires U.S citizenship.

What You’ll Do

• Own the FedRAMP program end to end, focusing on FedRAMP Moderate and/or High baselines
• Translate detailed FedRAMP requirements into actionable guidance for Engineering and Product teams
• Review architectural decisions for federal roadmap features, balancing product delivery with compliance needs
• Meet with federal customer stakeholders to provide clarity on our compliance posture and roadmap
• Partner with Security and Engineering teams to implement consistent, evidence-backed controls across frameworks like CJIS, SOC 2, and UK regulations
• Partner directly with Engineering teams to solve complex technical and architectural problems, translating compliance requirements into pragmatic, scalable solutions
• Participate in a cross-functional working group to align technical implementations across compliance regimes
• Respond to a federal contract opportunity by mapping technical requirements to our existing FedRAMP controls
• Lead ATO lifecycle activities including SSP ownership, control implementation oversight, POA&M management, and engagement with 3PAOs and authorizing officials
• Ensure alignment between FedRAMP baselines and DoD IL2/IL4/IL5 requirements, identifying and resolving control inheritance and boundary gaps

Qualifications

• 7+ years of experience leading federal compliance programs in a SaaS, cloud, or technology environment
• Direct, hands-on ownership of a FedRAMP Moderate and/or High authorization, including ATO lifecycle management
• Deep, working expertise with NIST SP 800-53 (Rev. 4 and/or Rev. 5), including control implementation, tailoring, and continuous monitoring
• Experience operating in DoD Impact Level environments (IL2, IL4, and/or IL5), including understanding of boundary definitions, inheritance models, and DoD customer expectations
• Proven ability to translate complex regulatory requirements into practical, engineering-ready guidance
• Demonstrated success influencing Engineering, Product, and Security leaders without formal authority
• Able to work side-by-side with Engineers to solve complex technical and architectural problems, including control implementation tradeoffs, boundary decisions, and system design constraints
• Ability to operate autonomously as the primary FedRAMP subject matter expert

Preferred Qualifications

• Experience with CMMC (Level 2 and/or Level 3), including mapping CMMC requirements to NIST SP 800-53 controls
• Experience supporting DoD or federal civilian agency contracts in high-scrutiny or regulated environments
• Familiarity with adjacent frameworks such as SOC 2, CJIS, ISO 27001, or international public sector regulations
• Experience working with cloud environments hosted in AWS GovCloud or equivalent restricted regions

People who thrive on our team tend to share the following traits:

• Humble, open, and curious: You invite collaboration and are open to learning from others
• Systems thinker: You connect the dots across frameworks, environments, and priorities
• Proactive communicator: You articulate complex topics clearly and keep stakeholders aligned