Own and evolve the internal audit program aligned to FedRAMP Moderate and related frameworks
Maintain and enhance the Information Security and Privacy Framework, including policies and standards
Conduct NIST 800-53 assessments and provide actionable recommendations based on FedRAMP controls and best practices
Lead monthly FedRAMP Continuous Monitoring (ConMon) activities and submissions
Partner with engineering and operations teams to deliver compliance requirements and meet key milestones
Act as a key liaison with external auditors, clearly articulating control implementation in a cloud environment
Support certification initiatives (FedRAMP and others) and drive compliance strategy
Manage audit documentation, evidence, and reporting within a GRC system
Develop audit plans, reports, and continuous monitoring approaches
Support and facilitate internal and external audits

Requirements

Experience with FedRAMP, NIST 800-53, FISMA, or similar compliance frameworks
Strong understanding of FedRAMP reporting and information collection processes
Experience producing metrics, reports, and compliance insights
3+ years in security, compliance, or audit within a technical environment
Hands-on experience supporting major compliance frameworks (e.g. FedRAMP, SOC 2, ISO 27001, BSI C5)
Solid knowledge of information security policies and best practices
Strong communication skills with the ability to influence stakeholders
Proactive, detail-oriented, and highly organized

Benefits

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

FedRAMPNIST 800-53FISMASOC 2ISO 27001BSI C5audit documentationcompliance metricsGRC systeminformation security policies

Soft Skills

strong communicationinfluence stakeholdersproactivedetail-orientedhighly organized