Compliance Manager – Government

🕒 vor 1 Monat

Jetzt Bewerben

Ähnliche Remote-Jobs finden

E-Mails für Remote-Jobs erhalten

📊 Überprüfen Sie Ihre Lebenslauf-Bewertung für diese Stelle

Verbessern Sie Ihre Chancen auf ein Vorstellungsgespräch, indem Sie Ihre Lebenslauf-Bewertung vor der Bewerbung überprüfen.

Lebenslauf hochladen

Workstreet

WebsiteLinkedInAlle Stellen

11 - 50 Mitarbeiter

Gegründet 2023

🔒 Cybersecurity

📋 Compliance

🤝 B2B

Cybersecurity • Compliance • B2B

Workstreet ist ein Anbieter von verwalteten Sicherheits- und Compliance-Dienstleistungen, der Unternehmen dabei hilft, ihre Sicherheitsprogramme zu automatisieren und zu modernisieren. Mit Expertise in Compliance-Rahmenwerken, einschließlich SOC 2, ISO 27001, HIPAA und GDPR, unterstützt Workstreet Unternehmen dabei, ihre Sicherheits- und Compliance-Ziele effizient zu erreichen. Ihre Dienstleistungen umfassen die Funktion als virtueller Chief Information Security Officer (vCISO), umfassende Penetrationstests und das Risikomanagement von Drittanbietern, um die Sicherheitsprozesse zu rationalisieren und es den Unternehmen zu ermöglichen, sich auf ihr Wachstum zu konzentrieren.

Beschreibung

• Lead NIST SP 800-53 Control Implementation: Own and oversee the interpretation, mapping, and implementation of NIST SP 800-53 Rev 5 controls across Moderate and High baseline engagements, ensuring control narratives are accurate, defensible, and aligned to agency expectations. • Own and Review FedRAMP/GovRAMP Authorization Documentation: Direct the development, quality review, and maintenance of System Security Plans (SSPs), control implementation narratives, POA&Ms, SAPs, SARs, CISOs, and continuous monitoring artifacts for FedRAMP and GovRAMP programs. • Lead FedRAMP and GovRAMP Readiness Assessments: Lead gap analyses and readiness reviews that prepare clients for Agency ATO pathways, GovRAMP authorization, and the FedRAMP 20x continuous authorization model. Translate findings into actionable remediation roadmaps aligned to authorization milestones. • Manage Authorization and Assessment Coordination: Serve as the primary engagement lead coordinating with Third-Party Assessment Organizations (3PAOs), Authorizing Officials (AOs), cloud service providers, and state agency stakeholders throughout the FedRAMP and GovRAMP authorization lifecycle. • Boundary Definition & System Scoping: Lead FedRAMP and GovRAMP authorization boundary definition and system scoping activities, including in-scope component identification, interconnections, data flows, shared responsibility models, and leveraged authorization packages, ensuring alignment with FedRAMP PMO guidance and agency-specific requirements. • Oversee Continuous Monitoring Programs: Direct and quality-assure monthly, quarterly, and annual FedRAMP and GovRAMP continuous monitoring requirements, including vulnerability management, incident response reporting, significant change requests, and annual assessment planning. Advise clients on automation tooling and OSCAL adoption aligned to FedRAMP 20x objectives. • Drive FedRAMP 20x Readiness and Positioning: Serve as Workstreet’s internal subject matter expert on FedRAMP 20x, including machine-readable authorization packages (OSCAL), continuous authorization models, and emerging PMO pilot guidance. Educate clients and internal teams on implications and readiness pathways. • Manage Client Relationships and Engagement Delivery: Own client-facing communication, milestone tracking, and escalation management across multiple concurrent FedRAMP, GovRAMP, and NIST 800-53 engagements. Ensure consistent delivery quality across the portfolio and serve as the primary point of escalation for client issues. • Support Business Development and Solutioning: Contribute to proposals, scoping calls, and sales conversations for FedRAMP, GovRAMP, and NIST 800-53 opportunities. Help shape Workstreet’s go-to-market positioning for state and federal government compliance services. • Lead, Coach, and Develop GRC Engineers: Directly manage and mentor a team of Senior and Junior GRC Engineers supporting federal compliance engagements. Provide hands-on technical coaching on NIST SP 800-53 control implementation, FedRAMP documentation standards, and 3PAO coordination.

🎯 Anforderungen

• Strong organizational and project management skills with the ability to manage multiple engagements concurrently • 2+ years of experience directly managing or mentoring GRC engineers or compliance consultants, with a track record of raising team performance through coaching, feedback, and structured development • 5+ years of experience in GRC consulting or federal compliance, with deep hands-on expertise in FedRAMP, NIST SP 800-53, and/or GovRAMP programs • Demonstrated ability to independently manage complex federal compliance engagements, including client-facing ownership of milestones, deliverables, and issue escalation • Proven experience leading and quality-reviewing SSPs, POA&Ms, CISOs, SARs, and other FedRAMP/GovRAMP authorization artifacts • Strong working knowledge of federal cloud environments and shared responsibility models (AWS GovCloud, Azure Government, GCC High, Oracle GovCloud) • Experience working with SaaS providers, cloud service providers, or technology organizations seeking federal or state government authorization • Ability to thrive in a fast-paced, consulting, or startup environment.

🏖️ Vorteile

• Career Development : Clear path with mentorship and training opportunities. • Competitive Compensation: A competitive base salary with regular performance reviews linked to merit-based appraisals and bonus opportunities. • Growth Opportunity : Early-stage company with significant room for career advancement. • Remote-First Culture : Flexibility to work from anywhere while collaborating with a global team.