
Senior Public Sector Compliance Manager
Menlo Security Inc.
full-time
Posted on:
Location Type: Remote
Location: United States
Salary
💰 $165,000 - $275,000 per year
About the role
- Develop and govern a comprehensive compliance roadmap to maintain CMMC certification, mitigating risks across all internal and external systems.
- Drive strategic initiatives for high-priority federal projects, ensuring all systems and processes meet the rigorous requirements for DoD Impact Level 6 (IL6) authorization.
- Serve as the Subject Matter Expert (SME) for FedRAMP High standards.
- Act as a key liaison to the Federal Sales Team, serving as a subject matter expert (SME) to ensure all business development activities align with federal regulatory standards and security compliance frameworks.
- Support the FedRAMP Moderate authorization and reauthorization processes, including development, review, and maintenance of system security documentation (SSP, POA&M, SAP, SAR, etc.).
- Map and analyze security controls against FedRAMP Moderate/High baselines and NIST SP 800-53 controls.
- Assist in implementing and monitoring security controls for FedRAMP-authorized systems.
- Coordinate with internal teams (engineering, operations, DevSecOps) to ensure security requirements are integrated into system design and operation.
- Maintain continuous monitoring documentation and support periodic assessments (e.g., annual assessments, penetration tests, vulnerability scans).
- Interface with Third Party Assessment Organizations (3PAOs), government customers, and internal stakeholders to support audits and assessments.
- Track and manage Plan of Action and Milestones (POA&M) items to closure.
- Manage the administration, training, and development of the FedRAMP platform and all associated monthly, quarterly, and annual requirements per the FedRAMP authorization process.
- Provide compliance reporting, metrics, and risk analysis to management.
- Stay up to date with changes in FedRAMP requirements, NIST guidance, and related compliance frameworks (e.g., FISMA, CMMC).
Requirements
- U.S. Citizenship (required for working in GovCloud environments)
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent experience)
- 2–3 years of experience in information security compliance or risk management, preferably in a FedRAMP or FISMA-regulated environment
- Strong knowledge of NIST SP 800-53, FedRAMP Moderate/High baselines, and the FedRAMP authorization process
- Experience with security documentation (SSP, POA&M, SAR, SAP, etc.) and governance tools
- Familiarity with vulnerability scanning tools (e.g., Nessus, Qualys) and interpreting security findings
- Eligibility to obtain security clearance is required
Benefits
- Competitive salary
- Stock-based compensation grants based on company and individual performance
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
compliance roadmap development, CMMC certification, DoD Impact Level 6 (IL6) authorization, FedRAMP High standards, security documentation, NIST SP 800-53, security controls implementation, risk management, vulnerability scanning, security compliance frameworks
Soft Skills
communication, collaboration, problem-solving, organizational skills, leadership, analytical skills, attention to detail, strategic thinking, liaison capabilities, training and development
Certifications
CMMC certification, FedRAMP authorization, security clearance eligibility