FedRAMP/GovRAMP Compliance Program Lead

InterSystems is expanding its cloud compliance and security capabilities to support government cloud offerings and customers with rigorous public-sector requirements. We are seeking a FedRAMP / GovRAMP Compliance Program Lead to build and lead our authorization readiness program.

This highly visible, cross-functional role partners with Product, Engineering, Cloud Services, Security, Managed Services, Support, Legal, and external assessment organizations to establish a scalable compliance program that supports FedRAMP and GovRAMP authorization and ongoing continuous monitoring.

The ideal candidate combines expertise in FedRAMP, GovRAMP, NIST 800-53, cloud security, and audit readiness with strong program management skills to translate regulatory requirements into practical, sustainable operational processes.

What You'll Do

• Lead the FedRAMP/GovRAMP readiness program, including roadmap development, milestone tracking, risk management, and executive reporting.
• Define and maintain the authorization boundary with Product, Engineering, Cloud Services, Security, and other stakeholders.
• Coordinate readiness assessments, gap analyses, remediation planning, and formal assessments with external advisors and 3PAOs.
• Develop and maintain key authorization artifacts, including the System Security Plan (SSP), policies, procedures, control narratives, evidence repositories, POA&Ms, and continuous monitoring documentation.
• Translate FedRAMP, GovRAMP, and NIST 800-53 requirements into actionable control ownership and operational processes.
• Establish repeatable evidence collection, control validation, and audit readiness practices across technical and business teams.
• Track remediation activities, findings, risks, and POA&M items through completion.
• Partner with technical teams to align cloud architecture, change management, incident response, vulnerability management, access control, logging, and monitoring with compliance requirements.
• Facilitate governance meetings, monitor program progress, and communicate readiness, risks, and recommendations to executive leadership.
• Help establish the long-term operating model for maintaining an authorized government cloud environment.

What We're Looking For

Required Qualifications

• 12+ years of experience leading or supporting FedRAMP, GovRAMP, StateRAMP, or comparable cloud compliance programs.
• Strong knowledge of NIST 800-53 and cloud security frameworks.
• Experience supporting authorization activities, audits, continuous monitoring, or security assessments.
• Familiarity with FedRAMP documentation, including SSPs, SAPs, SARs, POA&Ms, policies, procedures, and evidence packages.
• Strong understanding of SaaS and cloud environments, preferably AWS, AWS GovCloud, Azure Government, or similar regulated platforms.
• Excellent program management skills with experience driving cross-functional initiatives, managing risks, and delivering executive reporting.
• Ability to translate complex compliance requirements into clear operational guidance for technical and non-technical stakeholders.
• Strong written communication and documentation skills.

Preferred Qualifications

• Experience achieving or maintaining FedRAMP Moderate/High, GovRAMP, or StateRAMP authorizations.
• Experience working with 3PAOs, advisory firms, or government sponsors.
• Background in healthcare, life sciences, public sector, or other regulated industries.
• Familiarity with AWS GovCloud, Kubernetes, infrastructure as code, vulnerability management, identity and access management, or security monitoring.
• Experience with GRC platforms, compliance automation, or continuous monitoring tools.
• Relevant certifications such as CISSP, CISM, CISA, CRISC, CCSP, CCSK, PMP, or Security+.

We are an equal-opportunity employer and do not discriminate because of race, color, religion, sex, national origin, ancestry, marital status, veteran status, age, disability, sexual orientation or gender identity or expression or any other legally protected category. InterSystems is an E-Verify Employer in the United States.