FedRAMP Analyst

Job not on LinkedIn

🕒 May 18

☕ Washington – Remote

☕ Washington – Remote

💵 $80k - $100k / year

⏰ Full Time

🟡 Mid-level

🟠 Senior

🧐 Analyst

🦅 H1B Visa Sponsor

This company has sponsored H1B visas in the past.

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Clearview AI

WebsiteLinkedInAll Job Openings

11 - 50 employees

Founded 2017

🤖 Artificial Intelligence

🔐 Security

🏛️ Government

Artificial Intelligence • Security • Government

Clearview AI is a U. S. -based company that develops and provides facial recognition software and investigative tools used primarily by law enforcement, government agencies, and the military. Its platform matches images against a very large proprietary database to accelerate suspect identification, criminal investigations, victim recovery, and national security operations, and the company emphasizes accuracy, scalability, and security/compliance for public-sector customers.

📋 Description

• Execute the monthly FedRAMP CONMON calendar and ensure timely completion of all required artifacts and submissions. • Own monthly vulnerability remediation tracking: intake scan outputs, open/track remediation tickets, validate closure evidence, and ensure SLA adherence (e.g., 30/90/180-day timelines). • Maintain and update the Plan of Action and Milestones (POA&M): create/update POA&M items, document milestones, track due dates, coordinate risk statements with Legal, and route for approvals. • Generate and maintain monthly inventory and configuration evidence (e.g., Integrated Inventory Workbook/IIW updates, authorized software evidence, baseline/config drift support). • Prepare monthly CONMON reporting packages, including Monthly Security Status Reports, CONMON Executive Summary inputs, deviation requests, and other stakeholder reports required by the Sponsoring Agency, FedRAMP PMO, or Authorizing Official. • Prepare deviation and exception requests: gather technical justification, compensating control documentation, scope/impact statements, and route through required approvals. • Support continuous monitoring governance activities: access review evidence, log/monitoring review evidence, and coordination of corrective actions with Engineering and Security & IT. • Maintain the CONMON and ATO artifact repository in Google Drive (or designated system): version control, naming conventions, evidence indexing, and audit-ready structure. • Support annual security testing activities (e.g., penetration tests, red-team exercises if applicable, IR/ISCP tabletop exercises) by tracking schedules, collecting artifacts, and documenting remediation status. • Support annual 3PAO assessment coordination: evidence collection, interview scheduling, assessor Q&A tracking, and findings remediation tracking in partnership with the VP, Federal Operations. • Support significant change workflows: help determine compliance impact, document change narratives, update SSP appendices as required, and maintain change evidence for CONMON. • Track training compliance for federal systems (Rules of Behavior acknowledgements, required awareness training completion) in coordination with People Ops and Security & IT. • Serve as a primary day-to-day point of contact for internal stakeholders for FedRAMP evidence requests and compliance status updates; escalate risks and blockers to the VP, Federal Operations.

🎯 Requirements

• 3+ years of experience in cybersecurity compliance, GRC, or operating regulated cloud environments (FedRAMP, DoD IL, CJIS, HIPAA, PCI, ISO 27001/42001, or similar). • Demonstrated experience executing continuous monitoring or recurring compliance reporting programs (monthly cadence preferred). • Working knowledge of NIST 800-53 and FedRAMP concepts (POA&M management, SSP/ATO artifact structure, assessment evidence expectations). • Experience coordinating vulnerability remediation tracking and translating technical findings into compliance artifacts (tickets, evidence, milestones, risk language). • Strong project management and organizational skills; ability to manage multiple deadlines and stakeholder inputs. • Excellent communication skills for producing audit-ready narratives, status reports, and executive summaries. • Comfort working with technical teams (Engineering, Security) to obtain evidence and validate remediation outcomes. • Experience using common tooling for evidence and workflow tracking (Google Drive, Jira/Linear, spreadsheets, ticketing systems). • Ability to manage confidential and sensitive cybersecurity information. • Candidates must be able to meet government security clearance requirements as required for this role. • **Preferred Qualifications:** • Direct experience supporting a FedRAMP Moderate/High authorization, annual 3PAO assessment, or agency ATO process. • Experience with SecondFront/Game Warden or other FedRAMP-adjacent platforms and inherited-control models. • Familiarity with vulnerability scanning, SIEM/log review concepts, and secure SDLC evidence (SAST/DAST, threat modeling). • Experience with evidence automation or compliance engineering approaches (repeatable evidence packets, templates, control mapping). • Relevant certifications (e.g., Security+, SSCP, CISSP Associate, CAP, CISA, PMP).

🏖️ Benefits

• Medical, Dental, Vision, STD and LTD Plans • FSA - Medical and Dependent Care • EAP and wellness programs • 13 Paid Holidays • Unlimited PTO • Flexible work environment - 100% remote • 401(k) plan