Description

You will lead the end-to-end execution and delivery of GovRAMP, StateRAMP, and FedRAMP compliance programs, driving cross-functional teams and coordinating with auditors to ensure timely authorization and continuous monitoring.

Requirements

• 5+ years experience in program management, ideally supporting compliance, security, or regulatory initiatives
• Experience working with GovRAMP, StateRAMP, FedRAMP, or closely related frameworks (FedRAMP Moderate preferred)
• Strong understanding of NIST SP 800-53 concepts (implementation knowledge required; deep policy writing not required)
• Demonstrated ability to manage cross-functional global teams
• Experience coordinating audits, assessments, or external reviews
• Excellent written and verbal communication skills for US stakeholders
• Program planning and execution rigor
• Stakeholder management across time zones
• Clear escalation and decision framing
• Strong documentation and tracking discipline
• Delivery-oriented mindset with attention to audit detail

Responsibilities

• Own the end-to-end program plan for GovRAMP, StateRAMP, and/or FedRAMP initiatives
• Develop and maintain detailed schedules, milestones, dependency tracking, and risk registers
• Drive accountability across Security, Engineering, Cloud Ops, Product, and IT
• Coordinate authorization activities including readiness assessments, gap remediation, 3PAO/assessor engagement, authorization reviews, and continuous monitoring operations
• Manage the production, review, and lifecycle of core authorization artifacts (SSP, control narratives, boundary diagrams, inventories)
• Serve as the program coordination point for assessors and 3PAOs
• Own the POA&M tracking and delivery process, working with engineering and operations to define remediation milestones, track progress, and validate closure evidence
• Operationalize monthly and quarterly continuous monitoring cadence, tracking vulnerability management, patching, access reviews, logging, and attestations