FedRAMP Program Manager Job at Second Front Systems

Technical Program Manager II

Arthur Lawrence is looking for a Technical Program Manager II one of our clients...

Location

United States , Fremont, CA

Salary:

Not provided

Arthur Lawrence

Expiration Date

Until further notice

Requirements

7+ years of experience as a Technical Program Manager in cloud or security compliance environments
Proven experience supporting FedRAMP and DoD Impact Level authorization processes
Strong expertise in NIST 800-53 security framework and controls

Compliance Technical Program Manager

The Azure Compliance team is seeking an enthusiastic and dedicated Compliance Te...

Location

United States , Redmond

Salary:

84200.00 - 165200.00 USD / Year

Microsoft Corporation

Expiration Date

Until further notice

Requirements

Bachelor's Degree OR equivalent experience
2+ years experience engineering, product/technical program management, data analysis, or product development
1+ year(s) of experience managing cross-functional and/or cross-team projects
1+ year(s) of experience reading and/or writing code (e.g., sample documentation, product demos)
1+ year(s) experience supporting compliance audits (e.g., SOC 2, PCI, ISO, HITRUST, FedRAMP)
2+ years of demonstrated experience with security control frameworks e.g., SOC 2, PCI, ISO, NIST, COSO, COBIT
End to end experience of the audit/certification lifecycle
Technical security and network background
CISSP, CISA, and/or CISM certification
Ability to meet Microsoft, customer and/or government security screening requirements

Job Responsibility

Support, scale, and execute Azure external assessment/audit projects
Collaborate with team members to devise strategies and processes around various compliance programs
Provide requirements for building tools and processes needed to develop a scalable and efficient compliance program
Create and manage effective action plans in response to audit findings
Review and audit Azure’s procedures, practices, and documents to identify potential vulnerabilities or risks
Engage with customer and partner teams for ad hoc compliance support

Fulltime

Senior Security Program Manager

We are seeking a skilled and detail-oriented Senior Security Program Manager, Pu...

Location

United States , New York

Salary:

160400.00 - 259150.00 USD / Year

Ramp

Expiration Date

Until further notice

Requirements

5+ years of experience in information security or compliance, with a focus on government and public sector regulatory frameworks (e.g., FedRAMP, GovRAMP, FISMA, NIST RMF)
Knowledge of NIST SP 800-53 and experience mapping controls across frameworks
Experience with cloud environments like AWS GovCloud or Azure Government, including implementation of compliant architectures
Proven ability to manage large-scale compliance programs across diverse stakeholder groups
Demonstrated success developing and maintaining regulatory documentation and audit evidence
Experience leading engagements with internal teams, assessors, and government partners
Strong written and verbal communication skills, including translating between technical and executive audiences
Excellent organizational skills and the ability to manage multiple initiatives with competing priorities
Self-starter with strong problem-solving abilities in ambiguous, fast-moving environments

Job Responsibility

Lead all aspects of the compliance lifecycle across multiple public sector frameworks (e.g., FedRAMP, GovRAMP), including risk assessments, continuous monitoring, audits, and authorization management
Drive complex cross-functional program management efforts involving teams across security, legal, engineering, infrastructure, and product functions
Serve as a subject matter expert on risk management and regulatory compliance for federal, state, and local government environments
Develop and maintain comprehensive security documentation aligned with applicable frameworks, including System Security Plans (SSPs), Security Assessment Reports (SARs), POA&Ms, and data flow diagrams
Monitor compliance with control requirements (e.g., NIST 800-53, GovRAMP Baselines) and coordinate the implementation of technical and procedural safeguards
Engage with third-party assessors (3PAOs or independent assessors), government sponsors, and internal teams to support assessments and audits
Lead readiness assessments and support the prioritization of remediation activities across teams
Manage timely tracking and closure of vulnerabilities and findings
ensure reporting and documentation obligations are met
Provide risk-informed compliance recommendations that influence infrastructure and product development decisions

What we offer

100% medical, dental & vision insurance coverage for you
Partially covered for your dependents
One Medical annual membership
401k (including employer match on contributions made while employed by Ramp)
Flexible PTO
Fertility HRA (up to $10,000 per year)
Parental Leave
Unlimited AI token usage
Pet insurance
Centralized home-office equipment ordering for all employees

Fulltime

Senior Technical Program Manager

The Senior Technical Program Manager, Security & GRC will work directly with our...

Location

United States

Salary:

200000.00 - 220000.00 USD / Year

Human Interest

Expiration Date

Until further notice

Requirements

Bachelor's degree in CS, Engineering, or a related field
Started career as a Security Engineer, Systems Administrator, or Analyst
TPM professional for 5+ years, specifically managing high-stakes security, privacy, or infrastructure initiatives
Deep understanding of the Security SDLC and experience navigating cloud-native service architectures (AWS/GCP) with a focus on security guardrails
Experience translating regulatory frameworks (e.g., SOC2, ISO 27001, FedRAMP, or GDPR) into concrete technical requirements
Proven ability to 'go deep' and comfortable looking at architectural diagrams, API docs, or cloud configurations to find root causes
Exceptional communication skills with a knack for explaining the 'why' behind a security control to a developer and the 'how' of a technical fix to an auditor
Strong ability to leverage data—from vulnerability scanners to Jira velocity—to tell a story and drive cross-functional decision-making

Job Responsibility

Technical security orchestration: Partner with Security Engineering, Risk, Product, and Infrastructure teams to bake security and compliance 'into the kiln'
Help design risk solutions: Dive deep into the security stack to not only identify execution blockers but actively architect the technical solutions to implement them
Help architect our security mission: Define the technical milestones for high-stakes initiatives like Zero Trust and IAM overhauls, translating a broad vision into a precise execution roadmap
Drive high-velocity operations: Lead agile security sprints that harmonize vulnerability remediation and threat detection with feature development
Optimize the 'rhythm of the business' by automating manual GRC workflows, eliminating manual friction and moving us toward Compliance as Code
Translate telemetry into narrative: Distill complex security data and telemetry into compelling risk narratives for leadership while maintaining high-fidelity technical depth for engineers
Optimize the defensive roadmap: Command long-term strategic planning by aligning cloud infrastructure costs and security tooling with the company’s overarching defensive goals
Cultivate organizational excellence: Uphold a relentless culture of focus and accountability, identifying systemic inefficiencies and driving impact through superior tooling and process engineering

What we offer

A great 401(k) plan: Our own! Our 401(k) includes a dollar-for-dollar employer match up to 4% of compensation (immediately vested) and $0 plan fees
Top-of-the-line health plans, as well as dental and vision insurance
Competitive time off and parental leave
Addition Wealth: Unlimited access to digital tools, financial professionals, and a knowledge center to help you understand your equity and support your financial wellness
Lyra: Enhanced Mental Health Support for Employees and dependents
Carrot: Fertility healthcare and family forming benefits
Candidly: Student loan resource to help you and your family plan, borrow, and repay student debt
Monthly work-from-home stipend
quarterly lifestyle stipend
Engaging team-building experiences, ranging from virtual social events to team offsites, promoting collaboration and camaraderie

Fulltime

Information Security Program Manager

The Information Security Program Manager provides overall leadership, management...

Location

United States , Washington, District of Columbia

Salary:

Not provided

SD Solutions, LLC

Expiration Date

Until further notice

Requirements

Bachelor's degree required
Minimum 5 years of program or project management experience
Minimum 7 years supporting federal cybersecurity programs
CISSP, CAP, or CISM required
PMP preferred
Public Trust clearance required
Ability to obtain and maintain clearance is mandatory

Job Responsibility

Lead contract performance, staffing, scheduling, budget, and risk management
Provide strategic direction for FISMA, NIST RMF, CDM, FedRAMP, and DevSecOps initiatives
Oversee development of plans, reports, dashboards, and executive briefings
Ensure compliance with all cybersecurity and privacy regulatory requirements
Support audits, inspections, and regulatory data calls
Implement continuous process improvement and cybersecurity program maturity activities

Fulltime

FedRAMP Cloud Security Project Manager

Our FedRAMP Cloud Security Project Manager will be working on a highly functiona...

Location

United States , North Wilkesboro

Salary:

Not provided

InfusionPoints

Expiration Date

Until further notice

Requirements

At least 5 years’ experience managing the developing of FISMA/FedRAMP System Security Plans for low, moderate and high impact IaaS, PaaS and SaaS solutions
3+ years managing projects and/or programs
Experience with obtaining and maintaining compliance certifications such as FedRAMP preferred
Experience with cloud infrastructure and software development lifecycle preferred
Excellent decision-making, analytical and problem-solving skills
Results-Driven and have the courage and confidence to challenge the status quo
Organized Researcher with strong organizational, presentation, and customer research skills
Solid understanding of Amazon Web Services (AWS), and Azure Cloud Security experience
Strong knowledge of technology and security topics including network and application security, infrastructure hardening, security baselines, web server, and database security
Outstanding interpersonal and communication skills, both verbal and written

Job Responsibility

Stay current on US policy related to IA, acquisition and computer network defense
Create and publish technical documentation associated with FedRAMP assessment packages
Work across our customers' environments to manage, provide Subject Matter Expertise in leading, designing, building, and documenting FedRAMP security controls for our customers in AWS and Azure environments
Work with our customers to guide them to achieve and maintain a FedRAMP Authority to Operate (ATO)

What we offer

Competitive compensation and benefits package

New

Business Analyst - Product Owner

The Product Owner/Business Analyst serves as a critical interface between stakeh...

Location

United States , Bethesda

Salary:

78948.00 - 164476.00 USD / Year

NTT DATA

Expiration Date

Until further notice

Requirements

Bachelor’s Degree in a business or technical field
Minimum 7 years of experience in engineering/science management, operations research analysis or financial/cost analysis
Minimum 1 year of experience in U.S. Navy programs or operations
US Citizen with the ability to obtain a Secret Clearance

Job Responsibility

Serve as the primary liaison between stakeholders, Client, and technical teams to capture and validate business and technical requirements
Lead the development and continuous refinement of user stories, acceptance criteria, and workflow documentation for client modules, including inventory, exposure tracking, and RBAC
Facilitate requirements workshops, interviews, and operational scenario walkthroughs with end users from nuclear, medical, and expeditionary communities
Prioritize and manage the product backlog, ensuring alignment with contract requirements, SOW deliverables, and client mission objectives
Support the implementation of DevSecOps and agile methodologies, including sprint planning, backlog grooming, and user acceptance testing
Oversee the documentation and traceability of requirements, test cases, and system changes to ensure auditability and compliance
Collaborate with technical leads to ensure integration of AWS GovCloud, IoT gateway management, and secure data exchange protocols
Ensure client modules support role-based authorization, organizational hierarchy management, and data conflict resolution as specified in the SOW
Coordinate with cybersecurity and compliance teams to ensure all solutions meet DoD IL4, FedRAMP, and privacy requirements
Prepare and deliver regular status reports, risk assessments, and recommendations to project leadership and stakeholders

What we offer

medical insurance
dental insurance
vision insurance
flexible spending account
health savings account
life insurance
AD&D insurance
short term disability coverage
long term disability coverage
paid time off

Fulltime

New

Application and Data Security Consultant

Tier4 is looking for a Security Consultant who will be responsible for ensuring ...

Location

United States , Quincy

Salary:

Not provided

Tier4 Group

Expiration Date

Until further notice

Requirements

10+ years of IT experience with at least 5+ years as a Security Manager/officer
Bachelor's degree in Information Technology or computer science or related field or equivalent experience
In-depth knowledge and experience working with common regulatory framework applications related to data security, including HIPAA, HITRUST, – General Data Protection Regulation (GDPR), National Institute of Standards & Technology (NIST) standards, and similar constructs are highly desired
Previous knowledge and experience in designing and architecting information technology and security controls across complex and diverse networks, applications, and infrastructures are strongly preferred
Technical aptitude, critical thinking skills, and the ability to think outside the box
Demonstrated ability to solve complex information security problems, observe security risks and weaknesses, and provide security recommendations to the respective project and delivery teams
Ability to translate technical risk issues to business leaders and upper management
Excellent verbal, written, and interpersonal communication skills
Detail-oriented and value teamwork
Ability to resolve problems as they arise and handle situations expediently

Job Responsibility

Implement Data Security Management and Operation models
Establish various security compliance standards including (but not limited to) NIST(National Institute of Standards and Technology), FIPS(Federal Information Processing Standards), FedRAMP(Federal Risk and Authorization Management Program)
Engage with agency Privacy and Security office teams to exchange Compliance reports and obtain approvals as necessary
Involve with auditors as necessary to provide compliance reports as requested and implement mitigation steps as required
Implement process and tools for application vulnerability testing(SAST/DAST)
Establish and manage a vulnerability management including coordination of penetration testing and ongoing vulnerability remediation, tracking, and security compliance reporting
Setup requirements for penetration testing and engage with vendors and agencies to perform/report pen tests
Setup infrastructure audits and reports with the help of system admins and vendors as necessary
Maintaining the system integrity and security by following the industry standard IT Controls
Implement automation of systems administration and software migration for QA and Production

Select Country

FedRAMP Program Manager

Job Description

Job Responsibility

Requirements

Nice to have

What we offer

Looking for more opportunities?