Workstreet

Senior GRC Engineer – CMMC/FedRAMP

Workstreet

full-time

Posted on:

Location Type: Remote

Location: United States

Visit company website

Explore more

AI Apply
Apply

Job Level

Senior

Tech Stack

AWSAzureCloud

About the role

  • Interpret and Apply FedRAMP Requirements: Analyze and apply NIST SP 800-53 controls, FedRAMP baselines, and agency-specific requirements to ensure client compliance.
  • Develop and Maintain FedRAMP Documentation: Author and maintain System Security Plans (SSPs), control implementation narratives, POA&Ms, SAPs, SARs, and continuous monitoring artifacts.
  • Conduct FedRAMP Readiness Assessments: Perform gap analyses and readiness reviews to prepare organizations for JAB or Agency ATO pathways.
  • Support Authorization and Assessment Activities: Coordinate with Third-Party Assessment Organizations (3PAOs), cloud service providers, and government stakeholders throughout the FedRAMP lifecycle.
  • Boundary Definition & Scoping: Lead CMMC/FedRAMP authorization boundary definition and system scoping activities.
  • Manage Continuous Monitoring Programs: Oversee FedRAMP continuous monitoring requirements, including vulnerability management, incident response reporting, and change control.
  • Lead FedRAMP Engagements: Manage multiple concurrent client projects, ensuring milestones, deliverables, and quality standards are consistently met or exceeded.
  • Support CMMC and NIST 800-171 Compliance Efforts: Assist defense contractors with interpreting CMMC 2.0 and NIST SP 800-171 controls.

Requirements

  • 5+ years of experience in GRC, with deep exposure to FedRAMP, NIST SP 800-53, and federal compliance programs
  • Working knowledge of CMMC 2.0 and NIST SP 800-171 requirements
  • 3+ years of experience leading or mentoring a small team
  • Experience authoring and reviewing SSPs, POA&Ms, and assessment artifacts
  • Familiarity with federal cloud environments (AWS GovCloud, Azure Government, GCC High)
  • Experience working with SaaS providers, federal contractors, or regulated technology organizations
  • Ability to thrive in a fast-paced, consulting or startup environment.
Benefits
  • Career Development : Clear path with mentorship and training opportunities
  • Technical Training : Comprehensive onboarding on security and compliance frameworks
  • Competitive Compensation: A competitive base salary with regular performance reviews linked to merit-based appraisals and bonus opportunities.
  • Growth Opportunity : Early-stage company with significant room for career advancement.
  • Remote-First Culture : Flexibility to work from anywhere while collaborating with a global team.
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
FedRAMPNIST SP 800-53CMMC 2.0NIST SP 800-171System Security Plans (SSPs)POA&Msgap analysesvulnerability managementincident response reportingchange control
Soft Skills
leadershipmentoringproject managementcommunicationorganizational skillsadaptabilityproblem-solvingcollaborationattention to detailtime management