WorkstreetRemote
Senior GRC Engineer – CMMC/FedRAMP
United States of America
Full Time
4 weeks ago
No H1B
Key skills
AWSAzureCloudSaaSMentoring
About this role
Role Overview
- Interpret and Apply FedRAMP Requirements: Analyze and apply NIST SP 800-53 controls, FedRAMP baselines, and agency-specific requirements to ensure client compliance.
- Develop and Maintain FedRAMP Documentation: Author and maintain System Security Plans (SSPs), control implementation narratives, POA&Ms, SAPs, SARs, and continuous monitoring artifacts.
- Conduct FedRAMP Readiness Assessments: Perform gap analyses and readiness reviews to prepare organizations for JAB or Agency ATO pathways.
- Support Authorization and Assessment Activities: Coordinate with Third-Party Assessment Organizations (3PAOs), cloud service providers, and government stakeholders throughout the FedRAMP lifecycle.
- Boundary Definition & Scoping: Lead CMMC/FedRAMP authorization boundary definition and system scoping activities.
- Manage Continuous Monitoring Programs: Oversee FedRAMP continuous monitoring requirements, including vulnerability management, incident response reporting, and change control.
- Lead FedRAMP Engagements: Manage multiple concurrent client projects, ensuring milestones, deliverables, and quality standards are consistently met or exceeded.
- Support CMMC and NIST 800-171 Compliance Efforts: Assist defense contractors with interpreting CMMC 2.0 and NIST SP 800-171 controls.
Requirements
- 5+ years of experience in GRC, with deep exposure to FedRAMP, NIST SP 800-53, and federal compliance programs
- Working knowledge of CMMC 2.0 and NIST SP 800-171 requirements
- 3+ years of experience leading or mentoring a small team
- Experience authoring and reviewing SSPs, POA&Ms, and assessment artifacts
- Familiarity with federal cloud environments (AWS GovCloud, Azure Government, GCC High)
- Experience working with SaaS providers, federal contractors, or regulated technology organizations
- Ability to thrive in a fast-paced, consulting or startup environment.
Tech Stack
- AWS
- Azure
- Cloud
Benefits
- Career Development : Clear path with mentorship and training opportunities
- Technical Training : Comprehensive onboarding on security and compliance frameworks
- Competitive Compensation: A competitive base salary with regular performance reviews linked to merit-based appraisals and bonus opportunities.
- Growth Opportunity : Early-stage company with significant room for career advancement.
- Remote-First Culture : Flexibility to work from anywhere while collaborating with a global team.