Best-in-class trust services for high-growth companies. Vanta’s biggest services partner.
Senior GRC Engineer – NIST 800-53/FedRAMP
Location
United States
Posted
3 days ago
Salary
0
Seniority
Senior
Job Description
Senior GRC Engineer – NIST 800-53/FedRAMP
Workstreet
• Guide Clients Through Federal Authorization Processes: Lead clients through NIST SP 800-53 and FedRAMP compliance initiatives, providing proactive communication, clear milestone guidance, and hands-on support throughout the Assessment and Authorization (A&A) lifecycle • Collaborate Closely with Clients: Partner directly with organizations pursuing federal authorizations to understand their environment, identify security gaps, and drive progress toward achieving and maintaining compliance • Be a Trusted Compliance Advisor: Deliver expert guidance on NIST SP 800-53, FedRAMP requirements, and federal cybersecurity standards in a way that is accessible, actionable, and aligned with each client's unique operational environment • Lead and Mentor a Compliance Team: Provide direction, feedback, and professional development support to a small team of compliance professionals, maintaining quality standards and accountability across client engagements • Drive Consistent Delivery: Manage and coordinate multiple NIST SP 800-53 and FedRAMP compliance projects across various clients, ensuring milestones and deliverables are met ahead of authorization deadlines • Interpret and Apply Security Controls: Analyze and interpret NIST SP 800-53 security and privacy controls and control baselines to ensure client compliance with federal cybersecurity standards • Develop and Maintain Authorization Documentation: Create, implement, and maintain System Security Plans (SSPs), Plans of Action & Milestones (POA&Ms), and other authorization documentation required for NIST SP 800-53 and FedRAMP • Conduct Gap Assessments: Perform readiness reviews to identify and address control deficiencies for organizations pursuing an Authorization to Operate (ATO) or FedRAMP authorization • Support Assessment Activities: Guide clients through the Assessment and Authorization (A&A) process and coordinate with Third-Party Assessment Organizations (3PAOs) and independent assessors • Collaborate on Remediation Efforts: Work closely with clients to identify and remediate gaps in their security programs to meet NIST SP 800-53 Low, Moderate, and High control baselines • Monitor Regulatory Updates: Stay current on evolving NIST SP 800-53 revisions, FedRAMP requirements, and federal cybersecurity policies and guidance to ensure client programs remain compliant and ahead of changing requirements
Job Requirements
- Strong organizational skills with the ability to manage multiple NIST SP 800-53 compliance projects concurrently
- 5+ years of experience in federal compliance, NIST SP 800-53, FedRAMP, or RMF implementation
- 3+ years of leadership experience managing or guiding a small team
- Deep understanding of the NIST Risk Management Framework (RMF) and the security and privacy control families within NIST SP 800-53
- Experience with NIST SP 800-53 control implementation and assessment
- Familiarity with FedRAMP authorization paths and federal agency workflows
- Experience working with cloud service providers (CSPs) or organizations pursuing federal authorizations
- Knowledge of common FedRAMP-authorized cloud environments such as AWS GovCloud, Azure Government, or GCC High
- Thrives in a fast-paced startup environment
Benefits
- Career Development: Clear growth path with mentorship and training opportunities
- Technical Training: Comprehensive onboarding on security and compliance frameworks
- Competitive Compensation: Competitive base salary with regular performance reviews, merit-based appraisals, and bonus opportunities
- Growth Opportunity: Early-stage company with significant room for career advancement
- Remote-First Culture: Flexibility to work from anywhere while collaborating with a global team
Related Guides
Related Job Pages
More Full-stack Engineer Jobs
• Design, build, and maintain shared platform components across the Titan platform • Develop features and resolve defects across UI, backend services, APIs, and shared services • Write clean, testable, maintainable code with appropriate automated test coverage • Debug complex issues across the stack and support production-quality delivery • Participate in code reviews, pull requests, technical design discussions, and architecture decisions • Collaborate with QA, Product Management, and development teams across the organization • Support secure development practices, including authentication, authorization, roles, and platform security • Improve platform performance, stability, reliability, tooling, documentation, and development processes • Support customer escalations related to shared platform functionality
• Build education products and product features from early concept through to production. • Work directly with teachers, technical teams and education partners to understand workflows, pain points and priorities. • Turn complex or incomplete requirements into clear, practical and usable product solutions. • Design and build product experiences that integrate naturally with learning platforms and education systems. • Work across frontend, backend, APIs, integrations and data models where needed. • Build prototypes quickly, test them with users and turn successful concepts into reliable, maintainable products. • Work closely with Backend and AI Engineers to make technical and AI capabilities genuinely useful in real education workflows. • Improve usability, reliability, performance and product quality through active iteration. • Investigate issues independently, identify the underlying problem and drive practical improvements. • Use AI-assisted development tools where appropriate to accelerate delivery while maintaining strong engineering judgement and product quality. • Write clean, tested and maintainable code.
• Build education products and product features from early concept through to production. • Work directly with teachers, technical teams and education partners to understand workflows, pain points and priorities. • Turn complex or incomplete requirements into clear, practical and usable product solutions. • Design and build product experiences that integrate naturally with learning platforms and education systems. • Work across frontend, backend, APIs, integrations and data models where needed. • Build prototypes quickly, test them with users and turn successful concepts into reliable, maintainable products. • Work closely with Backend and AI Engineers to make technical and AI capabilities genuinely useful in real education workflows. • Improve usability, reliability, performance and product quality through active iteration. • Investigate issues independently, identify the underlying problem and drive practical improvements. • Use AI-assisted development tools where appropriate to accelerate delivery while maintaining strong engineering judgement and product quality. • Write clean, tested and maintainable code.
• Build education products and product features from early concept through to production. • Work directly with teachers, technical teams and education partners to understand workflows, pain points and priorities. • Turn complex or incomplete requirements into clear, practical and usable product solutions. • Design and build product experiences that integrate naturally with learning platforms and education systems. • Work across frontend, backend, APIs, integrations and data models where needed. • Build prototypes quickly, test them with users and turn successful concepts into reliable, maintainable products. • Work closely with Backend and AI Engineers to make technical and AI capabilities genuinely useful in real education workflows. • Improve usability, reliability, performance and product quality through active iteration. • Investigate issues independently, identify the underlying problem and drive practical improvements. • Use AI-assisted development tools where appropriate to accelerate delivery while maintaining strong engineering judgement and product quality. • Write clean, tested and maintainable code.
