Workstreet Logo

Workstreet

Senior GRC Engineer (NIST 800-53/FedRAMP)

Posted 10 Days Ago
Remote
Hiring Remotely in United States
Senior level
Remote
Hiring Remotely in United States
Senior level
Lead client-facing federal compliance engagements for NIST SP 800-53 and FedRAMP: perform gap assessments, develop SSPs and POA&Ms, coordinate A&A with 3PAOs, mentor a small compliance team, and drive remediation and continuous monitoring for FedRAMP baselines.
The summary above was generated by AI

About Workstreet
At Workstreet, we're on an exciting journey to help businesses scale securely by designing and implementing cutting-edge security and compliance programs. As a fast-growing startup, we specialize in a wide range of frameworks — including SOC 2, ISO 27001, GDPR, CMMC, NIST 800-171, NIST 800-53, and FedRAMP — empowering companies to meet regulatory requirements and enhance their cybersecurity posture from day one.

The Opportunity

We are seeking a Sr. GRC Engineer (Government) who is highly motivated, detail-oriented, and experienced with these compliance frameworks. The ideal candidate will have strong communication skills, proven ability to manage multiple projects, and experience leading or mentoring a small team.

What You'll Do
Client Relationship Management (Primary Focus)
  • Guide Clients Through Federal Authorization Processes: Lead clients through NIST SP 800-53 and FedRAMP compliance initiatives, providing proactive communication, clear milestone guidance, and hands-on support throughout the Assessment and Authorization (A&A) lifecycle.
  • Collaborate Closely with Clients: Partner directly with organizations pursuing federal authorizations to understand their environment, identify security gaps, and drive progress toward achieving and maintaining compliance.
  • Be a Trusted Compliance Advisor: Deliver expert guidance on NIST SP 800-53, FedRAMP requirements, and federal cybersecurity standards in a way that is accessible, actionable, and aligned with each client's unique operational environment.


Team Leadership

  • Lead and Mentor a Compliance Team: Provide direction, feedback, and professional development support to a small team of compliance professionals, maintaining quality standards and accountability across client engagements.
  • Drive Consistent Delivery: Manage and coordinate multiple NIST SP 800-53 and FedRAMP compliance projects across various clients, ensuring milestones and deliverables are met ahead of authorization deadlines.

NIST 800-53 & FedRAMP Compliance Execution

  • Interpret and Apply Security Controls: Analyze and interpret NIST SP 800-53 security and privacy controls and control baselines to ensure client compliance with federal cybersecurity standards.
  • Develop and Maintain Authorization Documentation: Create, implement, and maintain System Security Plans (SSPs), Plans of Action & Milestones (POA&Ms), and other authorization documentation required for NIST SP 800-53 and FedRAMP.
  • Conduct Gap Assessments: Perform readiness reviews to identify and address control deficiencies for organizations pursuing an Authorization to Operate (ATO) or FedRAMP authorization.
  • Support Assessment Activities: Guide clients through the Assessment and Authorization (A&A) process and coordinate with Third-Party Assessment Organizations (3PAOs) and independent assessors.
  • Collaborate on Remediation Efforts: Work closely with clients to identify and remediate gaps in their security programs to meet NIST SP 800-53 Low, Moderate, and High control baselines.
  • Monitor Regulatory Updates: Stay current on evolving NIST SP 800-53 revisions, FedRAMP requirements, and federal cybersecurity policies and guidance to ensure client programs remain compliant and ahead of changing requirements.
Who You Are
Required
  • Strong organizational skills with the ability to manage multiple NIST SP 800-53 compliance projects concurrently.
  • 5+ years of experience in federal compliance, NIST SP 800-53, FedRAMP, or RMF implementation.
  • 3+ years of leadership experience managing or guiding a small team.
  • Deep understanding of the NIST Risk Management Framework (RMF) and the security and privacy control families within NIST SP 800-53.
  • Experience with NIST SP 800-53 control implementation and assessment.
  • Familiarity with FedRAMP authorization paths and federal agency workflows.
  • Experience working with cloud service providers (CSPs) or organizations pursuing federal authorizations.
  • Knowledge of common FedRAMP-authorized cloud environments such as AWS GovCloud, Azure Government, or GCC High.
  • Thrives in a fast-paced startup environment.
Nice to Have
  • CGRC (Certified in Governance, Risk and Compliance) or CAP (Certified Authorization Professional) certification.
  • Security+ or CISSP certification.
  • Experience with FedRAMP authorization and continuous monitoring (ConMon) activities.
  • Previous experience working directly with 3PAOs or as part of security assessment teams.
What We Offer
  • Career Development: Clear growth path with mentorship and training opportunities
  • Technical Training: Comprehensive onboarding on security and compliance frameworks
  • Competitive Compensation: Competitive base salary with regular performance reviews, merit-based appraisals, and bonus opportunities
  • Growth Opportunity: Early-stage company with significant room for career advancement
  • Remote-First Culture: Flexibility to work from anywhere while collaborating with a global team
Work Environment Requirements
  • Reliable high-speed internet connection
  • Quiet, professional home office setup
  • Must be amenable to working US Eastern Time zone hours
  • Fluency in written and verbal English communication skills

Workstreet Is An Equal Opportunity Employer

As an equal opportunity employer, Workstreet is committed to providing employment opportunities to all individuals. All applicants for positions at Workstreet will be treated without regard to race, color, ethnicity, religion, sex, gender, gender identity and expression, sexual orientation, national origin, disability, age, marital status, veteran status, pregnancy, or any other basis prohibited by applicable law.

Employment with Workstreet is contingent upon the successful completion of a background check, which may include verification of employment history, education, and other relevant information, in compliance with applicable laws.


Similar Jobs

14 Minutes Ago
Easy Apply
Remote
United States
Easy Apply
328K-490K Annually
Senior level
328K-490K Annually
Senior level
Big Data • Fintech • Mobile • Payments • Financial Services
Lead and scale a team of Key & Enterprise Account Executives across US Travel, New Markets, and Canada. Drive GTM strategy, executive stakeholder management, complex deal negotiation, cross-functional deal orchestration, forecasting rigor, and post-close launch/expansion. Recruit, coach, and hold the team accountable while traveling regularly to accelerate deals and represent Affirm at industry events.
21 Minutes Ago
Remote or Hybrid
USA
86K-135K Annually
Mid level
86K-135K Annually
Mid level
Cloud • Computer Vision • Information Technology • Sales • Security • Cybersecurity
Lead technical onboarding for mid-market CrowdStrike customers post-sale, manage implementations, define 90-day success criteria, troubleshoot technical issues, escalate and coordinate cross-functional resolution, create knowledge base content, advocate for customers, identify renewal risks, and drive process improvements to ensure long-term customer success.
Top Skills: Ai TechnologiesCrowdstrike PlatformEnterprise Web TechnologiesLinuxmacOSSaaSSecurityWindows Server
2 Hours Ago
Remote or Hybrid
80K-120K Annually
Mid level
80K-120K Annually
Mid level
Automotive • Professional Services • Software • Consulting • Energy • Chemical • Renewable Energy
The Data Scientist will analyze complex datasets, build predictive models, collaborate with stakeholders, and present insights for business decisions.
Top Skills: Power BIPythonRSQLTableau

What you need to know about the Boston Tech Scene

Boston is a powerhouse for technology innovation thanks to world-class research universities like MIT and Harvard and a robust pipeline of venture capital investment. Host to the first telephone call and one of the first general-purpose computers ever put into use, Boston is now a hub for biotechnology, robotics and artificial intelligence — though it’s also home to several B2B software giants. So it’s no surprise that the city consistently ranks among the greatest startup ecosystems in the world.

Key Facts About Boston Tech

  • Number of Tech Workers: 269,000; 9.4% of overall workforce (2024 CompTIA survey)
  • Major Tech Employers: Thermo Fisher Scientific, Toast, Klaviyo, HubSpot, DraftKings
  • Key Industries: Artificial intelligence, biotechnology, robotics, software, aerospace
  • Funding Landscape: $15.7 billion in venture capital funding in 2024 (Pitchbook)
  • Notable Investors: Summit Partners, Volition Capital, Bain Capital Ventures, MassVentures, Highland Capital Partners
  • Research Centers and Universities: MIT, Harvard University, Boston College, Tufts University, Boston University, Northeastern University, Smithsonian Astrophysical Observatory, National Bureau of Economic Research, Broad Institute, Lowell Center for Space Science & Technology, National Emerging Infectious Diseases Laboratories

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account