Workstreet

Best-in-class trust services for high-growth companies. Vanta’s biggest services partner.

Senior GRC Engineer – CMMC/FedRAMP

Compliance, Full Time, Remote, Team 11-50, Since 2023, H1B No Sponsor

Location

United States

Posted

14 days ago

Salary

Not specified

Bachelor Degree, 5 yrs exp, English, AWS, Azure, Cloud

Job Description

  • Interpret and Apply FedRAMP Requirements: Analyze and apply NIST SP 800-53 controls, FedRAMP baselines, and agency-specific requirements to ensure client compliance.
  • Develop and Maintain FedRAMP Documentation: Author and maintain System Security Plans (SSPs), control implementation narratives, POA&Ms, SAPs, SARs, and continuous monitoring artifacts.
  • Conduct FedRAMP Readiness Assessments: Perform gap analyses and readiness reviews to prepare organizations for JAB or Agency ATO pathways.
  • Support Authorization and Assessment Activities: Coordinate with Third-Party Assessment Organizations (3PAOs), cloud service providers, and government stakeholders throughout the FedRAMP lifecycle.
  • Boundary Definition & Scoping: Lead CMMC/FedRAMP authorization boundary definition and system scoping activities.
  • Manage Continuous Monitoring Programs: Oversee FedRAMP continuous monitoring requirements, including vulnerability management, incident response reporting, and change control.
  • Lead FedRAMP Engagements: Manage multiple concurrent client projects, ensuring milestones, deliverables, and quality standards are consistently met or exceeded.
  • Support CMMC and NIST 800-171 Compliance Efforts: Assist defense contractors with interpreting CMMC 2.0 and NIST SP 800-171 controls.

Job Requirements

  • 5+ years of experience in GRC, with deep exposure to FedRAMP, NIST SP 800-53, and federal compliance programs
  • Working knowledge of CMMC 2.0 and NIST SP 800-171 requirements
  • 3+ years of experience leading or mentoring a small team
  • Experience authoring and reviewing SSPs, POA&Ms, and assessment artifacts
  • Familiarity with federal cloud environments (AWS GovCloud, Azure Government, GCC High)
  • Experience working with SaaS providers, federal contractors, or regulated technology organizations
  • Ability to thrive in a fast-paced consulting or startup environment

Benefits

  • Career Development: Clear path with mentorship and training opportunities.
  • Technical Training: Comprehensive onboarding on security and compliance frameworks.
  • Competitive Compensation: A competitive base salary with regular performance reviews linked to merit-based appraisals and bonus opportunities.
  • Growth Opportunity: Early-stage company with significant room for career advancement.
  • Remote-First Culture: Flexibility to work from anywhere while collaborating with a global team.
