
Senior GRC Engineer – NIST 800-53/FedRAMP
Posted Jun 26

Posted Jun 26
This is a fully remote position, open to applicants in United States.
• Guide Clients Through Federal Authorization Processes: Steer clients through NIST SP 800-53 and FedRAMP compliance initiatives, offering proactive communication, clear milestone direction, and hands-on assistance throughout the Assessment and Authorization (A&A) lifecycle.
• Collaborate Closely with Clients: Directly partner with organizations seeking federal authorizations to comprehend their environment, pinpoint security vulnerabilities, and propel progress towards achieving and sustaining compliance.
• Be a Trusted Compliance Advisor: Provide expert advice on NIST SP 800-53, FedRAMP requirements, and federal cybersecurity standards in a manner that is accessible, actionable, and tailored to each client's specific operational context.
• Lead and Mentor a Compliance Team: Offer guidance, feedback, and professional development support to a small team of compliance professionals, ensuring quality standards and accountability across client interactions.
• Drive Consistent Delivery: Oversee and coordinate multiple NIST SP 800-53 and FedRAMP compliance projects across diverse clients, guaranteeing that milestones and deliverables are achieved ahead of authorization deadlines.
• Interpret and Apply Security Controls: Analyze and apply NIST SP 800-53 security and privacy controls and control baselines to guarantee client compliance with federal cybersecurity standards.
• Develop and Maintain Authorization Documentation: Create, implement, and sustain System Security Plans (SSPs), Plans of Action & Milestones (POA&Ms), and other necessary authorization documentation for NIST SP 800-53 and FedRAMP.
• Conduct Gap Assessments: Execute readiness reviews to identify and rectify control deficiencies for organizations seeking an Authorization to Operate (ATO) or FedRAMP authorization.
• Support Assessment Activities: Assist clients throughout the Assessment and Authorization (A&A) process and coordinate with Third-Party Assessment Organizations (3PAOs) and independent assessors.
• Collaborate on Remediation Efforts: Work in close collaboration with clients to identify and resolve gaps in their security programs to comply with NIST SP 800-53 Low, Moderate, and High control baselines.
• Monitor Regulatory Updates: Remain informed about the latest developments in NIST SP 800-53 revisions, FedRAMP requirements, and federal cybersecurity policies and guidance to ensure client programs stay compliant and ahead of evolving requirements.
• Strong organizational abilities to manage multiple NIST SP 800-53 compliance projects simultaneously.
• Over 5 years of experience in federal compliance, NIST SP 800-53, FedRAMP, or RMF implementation.
• At least 3 years of leadership experience in managing or guiding a small team.
• Profound knowledge of the NIST Risk Management Framework (RMF) and the security and privacy control families within NIST SP 800-53.
• Experience in implementing and assessing NIST SP 800-53 controls.
• Familiarity with FedRAMP authorization pathways and federal agency workflows.
• Background in working with cloud service providers (CSPs) or organizations pursuing federal authorizations.
• Understanding of common FedRAMP-authorized cloud environments such as AWS GovCloud, Azure Government, or GCC High.
• Ability to thrive in a rapid-paced startup environment.
• Career Development: Clearly defined growth path with mentorship and training opportunities.
• Technical Training: Comprehensive onboarding on security and compliance frameworks.
• Competitive Compensation: Attractive base salary with regular performance reviews, merit-based evaluations, and bonus potential.
• Growth Opportunity: An early-stage company with ample prospects for career advancement.
• Remote-First Culture: Flexibility to work from anywhere while collaborating with a global team.
AMERICAN SYSTEMS
TechnologyAdvice
Get handpicked remote jobs straight to your inbox weekly.