Senior GRC Consultant – Federal, Complex Frameworks

🔥 0 minutes ago

Apply Now
Find Similar Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Logo of Sprinto

Sprinto

51 - 200 employees

Founded 2020

Automating Information Security Compliances & Privacy Laws for fast growing SaaS companies. Use Sprinto to obtain information security compliance, close enterprise deals faster, and pass vendor security assessments easily.

📋 Description

• Lead delivery of FedRAMP readiness/authorization support, CMMC Level 1–3 assessments and gap remediation, HITRUST r2 validated assessment preparation, NIST 800-53/800-171 control implementation and SSP development, and NIST CSF maturity assessments. • Provide pre-sales technical validation on federal/complex opportunities — these deals typically need scoping rigor before contract that standard-framework deals don't. • Build and maintain control-mapping libraries, SSP templates, POA&M templates, and evidence-collection playbooks calibrated to the depth federal frameworks require. • Track framework revisions (NIST 800-53 Rev 6, CMMC rule finalization, FedRAMP 20x, etc.) and translate changes into playbook updates promptly — these frameworks move on regulatory timelines, not product timelines. • Define pricing for federal/complex engagements, reflecting higher complexity and duration than standard-framework work. • Own margin and utilization on your engagement book; forecast capacity against a specialized, harder-to-backfill skillset. • Build AI-assisted control-mapping and evidence-review playbooks, with heavier human-review gates than standard frameworks warrant given ATO/certification consequences. • Define QA guardrails specific to federal work: accuracy is non-negotiable given the downstream consequence (loss of certification/authorization eligibility). • Set clear boundaries/disclaimers on what Sprinto's assessment does and doesn't guarantee toward formal certification/authorization outcomes.

🎯 Requirements

• 5+ years in federal/defense-adjacent compliance consulting, or as an ISSO/ISSM, FedRAMP 3PAO assessor, or CMMC C3PAO assessor. • Has taken systems through an actual ATO, FedRAMP authorization, or CMMC certification — advisory-only experience isn't sufficient here. • Domain mastery in FedRAMP (Moderate/High baseline), CMMC L1–L3, HITRUST r2, NIST 800-53, NIST 800-171, NIST CSF. • OSCAL/SSP structural familiarity is a plus. • Demonstrated use of AI tools to reduce manual effort and standardize deliverables. • Able to translate domain expertise into reusable templates and guided systems. • Comfortable owning pricing and margin on a lower-volume, higher-ACV book. • Excellent written communication for SSP/POA&M-grade documentation. • Strong judgment under regulatory ambiguity. • Preferred: CISSP, CISA, CMMC-RP/CMMC-CCA, FedRAMP-recognized assessor training, NIST 800-171 assessor certification.

🏖️ Benefits

• Work wherever you are: We are 100% remote, so you get to choose if you want to work from home, a cafe, the hills, or the beach. • Co-working, on the house: If co-working is your jam, we offer a generous annual allowance. • We care about your learning: We are invested in seeing you grow and commit USD 1,000 annually to help you level up your skills. • We count your spark, not your leaves: Unlimited leave so you can reset when you need to. • Your Safety Net, Woven In: Health insurance with coverage up to INR 10 lakh for you and your family, accident protection of an additional INR 10 lakh, and life insurance worth 3x your annual salary. • Workspace setup of your dreams: We chip in INR 35,000 to help you build a setup that works for you

Apply Now

Similar Jobs

🔥 3 hours ago

Mashreq

1001 - 5000

🏦 Banking

💸 Finance

💳 Fintech

Lead regulatory reporting for Mashreq UAE, ensuring compliance with CBUAE. Manage submissions of reports and prudential metrics in a dynamic regulatory environment.

🕒 5 days ago

Parexel

10,000+ employees

⚕️ Healthcare Insurance

🧬 Biotechnology

💊 Pharmaceuticals

Clinical Trial Submission Lead managing the end-to-end process of Clinical Trial Applications across EU and ROW. Ensuring quality submissions through effective risk management and collaboration with global teams.

🕒 July 1

E.L.F. BEAUTY

201 - 500

💄 Beauty

🛒 Retail

🛍️ eCommerce

IT Compliance Analyst supporting e.l.f. Beauty's IT compliance framework. Conducting IT controls testing and risk assessments in a dynamic, fast-paced environment.

🇮🇳 India – Remote

💰 $225.2M Post-IPO Secondary on 2017-03

⏰ Full Time

🟡 Mid-level

🟠 Senior

🚔 Compliance

🕒 June 30

Parexel

10,000+ employees

⚕️ Healthcare Insurance

🧬 Biotechnology

💊 Pharmaceuticals

Regulatory Affairs Consultant supporting global regulatory lifecycle management and submissions. Improving healthcare through effective regulation across international markets and health authorities.

🕒 June 30

Parexel

10,000+ employees

⚕️ Healthcare Insurance

🧬 Biotechnology

💊 Pharmaceuticals

Senior Associate supporting global regulatory lifecycle management activities across EU, US, and international markets. Preparing and delivering regulatory submission packages while managing post-approval changes.