We Break the Attack Chain
Compliance Program Strategist
Location
United States
Posted
116 days ago
Salary
$95K - $120K / year
Job Description
Fortra
Whether you’re an experienced professional or just getting started, your contributions matter at Fortra. If you’re passionate about tackling meaningful challenges alongside talented team members committed to helping each other succeed, all while having lots of fun, we want to hear from you. We offer competitive benefits and salaries, personal and professional development opportunities, flexibility, and much more!

We are seeking an experienced Compliance Strategist, FedRAMP, to lead, coordinate, and deliver our organization’s compliance authorization journey, starting with FedRAMP. This role will own the strategy end-to-end, driving planning, execution, and ongoing management of the program across internal teams, external vendors, and government stakeholders. The successful candidate will be accountable for achieving initial FedRAMP authorization (targeted for 2026-2027) and ensuring the organization remains compliant through a sustainable, phased approach.

This is a high-visibility role requiring strong program management expertise, deep knowledge of FedRAMP and similar frameworks, experience working with Public Sector & Federal Government teams, and the ability to operate across technical, compliance, and business domains.

WHAT YOU'LL DO

Program Leadership & Ownership
- Serve as the primary owner of the organization’s compliance/certification program, accountable for strategy, execution, and ongoing maintenance.
- Act as a central liaison between executive leadership, security/compliance teams, product/engineering, operations, vendors, auditors, and government agencies.
- Partner with additional internal teams such as legal, finance, sales, and marketing.

Project Delivery & Execution
- Develop and manage a detailed roadmap from program initiation through FedRAMP authorization of the first module in 2026/7, then subsequent modules or future certifications.
- Lead cross-functional project execution, ensuring coordination between internal and external stakeholders.
- Implement a phased, milestone-driven approach ensuring program milestones are clearly defined, tracked, and delivered on time.
- Effectively communicate progress, roadblocks, and outcomes to senior leadership and stakeholders.

Compliance & Risk Management
- Apply deep knowledge of cybersecurity compliance frameworks and public sector compliance requirements to guide program activities.
- Identify, assess, and manage risks throughout the program lifecycle, ensuring transparency and proactive mitigation.
- Ensure security and compliance activities align with organizational goals and regulatory expectations, partnering with the CISO compliance organization.

Business & Financial Stewardship
- Partner with Finance and Business leaders to build business cases, forecast costs, and track program spend to budget.
- Provide scenario planning and financial oversight to ensure cost-effective delivery.
- Regularly report on program status, risks, and financial health to leadership.
- Future-proof cost-benefit analysis by designing a playbook for pursuing and implementing strategic compliance certifications.

Continuous Improvement & Sustainment
- Establish processes for continuous monitoring, documentation, and renewal of authorization.
- Drive lessons learned and best practices into ongoing compliance efforts.
- Serve as a subject matter expert on public sector compliance strategy, supporting business development and customer-facing teams as needed.
- Evaluate current and future compliance needs of Fortra’s customers, products, and platform.

QUALIFICATIONS
- Proven experience leading FedRAMP (or similar certification) authorization efforts from initiation through authorization and/or continuous monitoring.
- Strong program management skills with a track record of delivering complex, cross-functional initiatives.
- Expertise in NIST frameworks, FedRAMP processes, and public sector compliance requirements. Knowledge of like frameworks such as SOC2, ISO, etc., a plus.
- Strong ability to operate at both strategic and tactical levels, driving execution while providing executive-level reporting and insights.
- Exceptional communication and stakeholder management skills.
- Strong business acumen with a pragmatic approach to decision making and data-gathering.

Preferred Qualifications
- Bachelor’s Degree or relevant certification equivalent.
- Experience working with government agencies, 3PAOs, and cloud service providers.
- Background in risk management, compliance operations, or security program management.
- Strong financial acumen and experience managing program budgets.

Success Measures (for Initial FedRAMP focus)
- Development and execution of a clear, phased FedRAMP roadmap.
- Achievement of FedRAMP authorization for the first module by 2026/7.
- Effective ongoing risk management and compliance oversight.
- Positive executive and stakeholder engagement throughout the program.
- Establishment of sustainable processes for continuous monitoring and renewal.

COMPENSATION: $95,000 - $120,000

At Fortra, we’re breaking the attack chain. Ready to join us?

At Fortra, our compensation philosophy prioritizes fair market value and internal equity, aligning with your experience and specialized skill set. As a full-time, exempt employee at Fortra, you’ll enjoy a comprehensive benefits package that includes:
- Health, dental, and vision coverage as of hire
- Immediate enrollment in 401(k), HSA, and FSA plans
- Flexible PTO policy
- Tuition and personal enrichment reimbursement
- Option to enroll in ID Theft Protection Program

At Fortra, work is only part of the story. Explore what Life at Fortra is all about, from perks that support holistic wellbeing to a culture that keeps you connected and empowered to make an impact beyond the job. Visit our website to learn more about why employees choose to work for Fortra. Remember to connect with us on LinkedIn.
As an EEO/Affirmative Action Employer, all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, veteran or disability status.
More Compliance Jobs
Director - Vehicle and Connected Services Monitoring
Ford Motor Company
As Ford establishes a wholly owned subsidiary focused on Battery Energy Storage Systems, this role will initially be employed by Ford and is expected to transition to the subsidiary within one year.

This leadership role within the Vehicle and Connected Cybersecurity organization is responsible for leading the "eyes and ears" of the company. You will lead a global team of experts tasked with monitoring trillions of signals from vehicle telematics, embedded systems, and cloud-native application stacks, ensuring that millions of connected vehicles and the cloud services that power them are continuously protected against sophisticated global threats. Your mandate covers the entire lifecycle of a threat, from proactive intelligence gathering and managing global bug bounty programs to real-time detection engineering and high-stakes incident response. As a key leader in the Ford+ transformation, you will bridge the gap between Product Development, Model e, Ford Pro, and Enterprise IT to ensure a unified, world-class defense posture.

- Global Vehicle & Application Monitoring (VSOC/ASOC Operations): Directing 24/7 monitoring for Ford’s global connected fleet and digital services, ensuring operational excellence with high-fidelity visibility across geographies, and overseeing the analysis of vast signals from vehicle telematics, embedded systems, and cloud-native applications.
- Analysis & Incident Response (CIRT Partnership): Serving as the primary executive lead for security incidents involving vehicles or connected services, partnering with the corporate Incident Response Team (CIRT), directing forensic analysis on vehicle-specific protocols (CAN, Automotive Ethernet) and cloud/mobile application stacks, and developing rapid-response playbooks including Over-the-Air (OTA) security mitigations.
- Monitoring Development & Detection Engineering: Leading teams to build advanced detection logic, behavioral heuristics, and Machine Learning (ML) models for automotive attack patterns, driving the implementation of Security Orchestration, Automation, and Response (SOAR) platforms, and integrating data science for anomaly detection.
- Product Threat Intelligence: Building and leading a dedicated capability to track threat actors targeting the automotive sector, EV charging infrastructure, and fleet management tools, translating intelligence into proactive defense strategies, and representing Ford in industry forums like Auto-ISAC.
- Threat Hunting & Bug Bounty Program: Leading a specialized hunt team to identify hidden threats and vulnerabilities, overseeing Ford’s Coordinated Vulnerability Disclosure (CVD) and Bug Bounty programs, and aligning insights with internal red-teaming and secure-coding priorities.
- Executive Leadership & Qualifications: Defining and executing a global monitoring roadmap aligned with Ford’s software-centric transition, acting as the primary authority for operational cyber risks, leading and mentoring a global organization, and influencing cross-functional partners.
- Education: Bachelor’s degree in Computer Science, Cybersecurity, or Engineering (Master’s or PhD highly preferred).
- Experience: 15+ years in Cybersecurity, with at least 7 years in a senior leadership role overseeing large-scale SOC or Incident Response organizations.
- Technical Depth: Deep understanding of SOC operations, threat intelligence frameworks (MITRE ATT&CK), and automotive-specific security challenges.
- Executive Presence: Proven ability to manage high-pressure security incidents and communicate complex technical risks to non-technical stakeholders.

You may not check every box, or your experience may look a little different from what we've outlined, but if you think you can bring value to Ford Motor Company, we encourage you to apply!

As an established global company, we offer the benefit of choice. You can choose what your Ford future will look like: will your story span the globe, or keep you close to home? Will your career be a deep dive into what you love, or a series of new teams and new skills? Will you be a leader, a changemaker, a technical expert, a culture builder…or all of the above? No matter what you choose, we offer a work life that works for you, including:
• Immediate medical, dental, vision and prescription drug coverage
• Flexible family care days, paid parental leave, new parent ramp-up programs, subsidized back-up child care and more
• Family building benefits including adoption and surrogacy expense reimbursement, fertility treatments, and more
• Vehicle discount program for employees and family members and management leases
• Tuition assistance
• Established and active employee resource groups
• Paid time off for individual and team community service
• A generous schedule of paid holidays, including the week between Christmas and New Year’s Day
• Paid time off and the option to purchase additional vacation time.

This position is leadership level 5 and ranges from $138,240-261,720. Final determination of salary grade will be based on candidate's skills and experience, and base salary will be set within the applicable range according to job scope, responsibility and competitive market value. For more information on salary and benefits, click here: https://fordcareers.co/LL5

Visa sponsorship is not available for this position. Candidates for positions with Ford Motor Company must be legally authorized to work in the United States. Verification of employment eligibility will be required at the time of hire.

We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, age, sex, national origin, sexual orientation, gender identity, disability status or protected veteran status. In the United States, if you need a reasonable accommodation for the online application process due to a disability, please call 1-888-336-0660.
Pricing Compliance Analyst IV
Amentum
A Premier Leader in Global Engineering, Project Management, and Solutions Integration.
• Performs quality assurance reviews and ensures adherence to Federal Acquisition Regulations (FAR)
• Handles complex pricing scenarios as the final compliance checkpoint before submission
• Analyzes and remediates compliance risks within pricing models and contract terms
• Coordinates with internal business units and supports government auditor requests
• Develops and delivers training to enhance compliance culture
• Conducts internal audits of proposal pricing records
• Provides pricing guidance and support to generate reports and monitor metrics
• Improves efficiency by streamlining workflow and implementing better control mechanisms
Pricing Compliance Analyst III
Amentum
A Premier Leader in Global Engineering, Project Management, and Solutions Integration.
• Support the Director of Pricing Compliance
• Conduct reviews and audit activities
• Perform quality assurance reviews for adherence to FAR and TCoPD
• Analyze, identify, and remediate compliance risks
• Assist in ensuring adherence to federal regulations and internal policies
• Conduct comprehensive internal audits
• Review pricing documentation for accuracy
• Identify risks, trends, and prepare reports for management
Chief Compliance Officer – Fractional
Wheel
The virtual care platform for delivering consumer-centric care

Compliance Discovery & Program Architecture
• Regulatory Audit: Lead an exhaustive "baseline" audit of clinical and business operations to identify and remediate regulatory vulnerabilities.
• OIG Alignment: Design and maintain a Corporate Compliance Program rooted in the OIG’s Seven Elements of an Effective Compliance Program.
• Strategic Roadmap: Develop and execute a multi-year compliance strategy that anticipates the regulatory hurdles of new service lines and geographic expansion.

Regulatory Oversight & Signatory Authority
• Official Signatory: Act as the authorized signatory for all legal compliance documents, including state licensing applications, Medicare/Medicaid enrollments, regulatory filings, and Attestations of Compliance (AoC).
• 50-State Telehealth Governance: Ensure absolute adherence to varying state laws regarding synchronous/asynchronous care, provider licensure, and "good faith exam" requirements.
• Prescribing Compliance: Manage key risks associated with remote prescribing including DEA compliance if necessary.
• Privacy & Security: Serve as the final authority on HIPAA/HITRUST compliance, overseeing data integrity across our platform and third-party integrations.

Operational Integration & "Compliance by Design"
• SOP Governance: Author and enforce a comprehensive library of Standard Operating Procedures (SOPs) and the Corporate Code of Conduct.
• Product Collaboration: Partner with Product and Engineering to embed "Compliance by Design" into the patient platform, ensuring automated safeguards for clinical workflows.
• Reporting Infrastructure: Manage the anonymous reporting hotline and lead all formal internal investigations and disclosures.

Monitoring, Auditing & Corporate Reporting
• FWA Prevention: Implement a continuous monitoring system for billing and coding to mitigate Fraud, Waste, and Abuse (FWA) risks.
• Corporate Governance: Provide quarterly briefings to the leadership on the enterprise risk profile, mitigation progress, and the impact of legislative shifts.


