Job Description:
• Own and evolve the internal audit program aligned to FedRAMP Moderate and related frameworks
• Maintain and enhance the Information Security and Privacy Framework, including policies and standards
• Conduct NIST 800-53 assessments and provide actionable recommendations based on FedRAMP controls and best practices
• Lead monthly FedRAMP Continuous Monitoring (ConMon) activities and submissions
• Partner with engineering and operations teams to deliver compliance requirements and meet key milestones
• Act as a key liaison with external auditors, clearly articulating control implementation in a cloud environment
• Support certification initiatives (FedRAMP and others) and drive compliance strategy
• Manage audit documentation, evidence, and reporting within a GRC system
• Develop audit plans, reports, and continuous monitoring approaches
• Support and facilitate internal and external audits
Requirements:
• Experience with FedRAMP, NIST 800-53, FISMA, or similar compliance frameworks
• Strong understanding of FedRAMP reporting and information collection processes
• Experience producing metrics, reports, and compliance insights
• 3+ years in security, compliance, or audit within a technical environment
• Hands-on experience supporting major compliance frameworks (e.g. FedRAMP, SOC 2, ISO 27001, BSI C5)
• Solid knowledge of information security policies and best practices
• Strong communication skills with the ability to influence stakeholders
• Proactive, detail-oriented, and highly organized
Benefits:
• healthcare
• dental
• parental planning
• mental health benefits
• disability income benefits
• life and AD&D insurance
• a 401(k) plan and match
• paid time off
• fitness reimbursements