Rapid7

Public Sector Compliance Analyst

Trust, Risk, and Compliance Analyst assisting in compliance documentation and monitoring for US Public Sector cybersecurity programs. Contributing to Rapid7's mission of strengthening digital security.

Posted 5/6/2026 • full-time • Remote • Massachusetts, Virginia • 🇺🇸 United States • Junior, Mid-Level • 💰 $86,700 - $117,300 per year

Tech Stack

Tools & technologies
  • Cloud
  • Cyber Security
  • ServiceNow

About the role

Key responsibilities & impact
  • Support day-to-day activities for Rapid7’s US Public Sector compliance programs, with a primary focus on FedRAMP
  • Assist in maintaining compliance documentation, including policies, procedures, system security plans (SSPs), authorization artifacts, and supporting evidence
  • Support continuous monitoring (ConMon) activities, including ongoing evidence collection and reporting
  • Assist in managing Plans of Action & Milestones (POA&Ms), including tracking remediation progress, timelines, and risk ownership
  • Track and support control implementation aligned to NIST 800-53 rev. 5 and NIST 800-171
  • Use ATO-focused GRC platforms such as Paramify, ServiceNow GRC, Onspring, or RegScale to manage compliance status, risks, and findings
  • Partner with Engineering and Security teams to understand technical control implementations, vulnerabilities, and remediation plans
  • Support audit and assessment readiness activities, including ATO packages and regulatory reporting
  • Assist with vendor reviews, including Control Implementation Summaries (CIS) and Customer Responsibility Matrices (CRM)
  • Help identify opportunities to improve GRC, POA&M, and ConMon processes through standardization, automation, and improved data quality
  • Gain hands-on exposure to evolving requirements such as CMMC, new Executive Orders, and emerging US public sector cybersecurity initiatives

Requirements

What you’ll need
  • 2-5 years of experience (or equivalent academic, internship, or early-career experience) in cybersecurity, risk, compliance, governance, or cloud security
  • Foundational knowledge of NIST 800-53 and/or NIST 800-171
  • Interest in US Government and SLED cybersecurity programs (FedRAMP, GovRAMP, StateRAMP)
  • Experience or familiarity with ATO-focused GRC platforms such as Paramify, ServiceNow GRC, Onspring, or RegScale
  • Ability to understand and document both policy-based and technical security controls
  • Strong analytical skills, attention to detail, and comfort working with structured documentation
  • Clear written and verbal communication skills
  • A curious, collaborative mindset and eagerness to learn

Benefits

Comp & perks
  • Health insurance
  • 401(k) matching
  • Paid time off
  • Flexible work hours
  • Professional development opportunities

ATS Keywords

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
  • cybersecurity
  • risk management
  • compliance
  • governance
  • cloud security
  • NIST 800-53
  • NIST 800-171
  • continuous monitoring
  • control implementation
  • audit readiness
Soft Skills
  • analytical skills
  • attention to detail
  • written communication
  • verbal communication
  • collaborative mindset
  • eagerness to learn