FedRAMP Analyst
Employment Information
Report this job
Job expired or something wrong with this job?
Job Description
FedRAMP Analyst overseeing compliance and continuous monitoring of federal-authorized platforms at Clearview AI. Working closely with engineering, security, and legal teams for effective compliance management.
Responsibilities:
- Execute the monthly FedRAMP CONMON calendar and ensure timely completion of all required artifacts and submissions.
- Own monthly vulnerability remediation tracking: intake scan outputs, open/track remediation tickets, validate closure evidence, and ensure SLA adherence (e.g., 30/90/180-day timelines).
- Maintain and update the Plan of Action and Milestones (POA&M): create/update POA&M items, document milestones, track due dates, coordinate risk statements with Legal, and route for approvals.
- Generate and maintain monthly inventory and configuration evidence (e.g., Integrated Inventory Workbook/IIW updates, authorized software evidence, baseline/config drift support).
- Prepare monthly CONMON reporting packages, including Monthly Security Status Reports, CONMON Executive Summary inputs, deviation requests, and other stakeholder reports required by the Sponsoring Agency, FedRAMP PMO, or Authorizing Official.
- Prepare deviation and exception requests: gather technical justification, compensating control documentation, scope/impact statements, and route through required approvals.
- Support continuous monitoring governance activities: access review evidence, log/monitoring review evidence, and coordination of corrective actions with Engineering and Security & IT.
- Maintain the CONMON and ATO artifact repository in Google Drive (or designated system): version control, naming conventions, evidence indexing, and audit-ready structure.
- Support annual security testing activities (e.g., penetration tests, red-team exercises if applicable, IR/ISCP tabletop exercises) by tracking schedules, collecting artifacts, and documenting remediation status.
- Support annual 3PAO assessment coordination: evidence collection, interview scheduling, assessor Q&A tracking, and findings remediation tracking in partnership with the VP, Federal Operations.
- Support significant change workflows: help determine compliance impact, document change narratives, update SSP appendices as required, and maintain change evidence for CONMON.
- Track training compliance for federal systems (Rules of Behavior acknowledgements, required awareness training completion) in coordination with People Ops and Security & IT.
- Serve as a primary day-to-day point of contact for internal stakeholders for FedRAMP evidence requests and compliance status updates; escalate risks and blockers to the VP, Federal Operations.
Requirements:
- 3+ years of experience in cybersecurity compliance, GRC, or operating regulated cloud environments (FedRAMP, DoD IL, CJIS, HIPAA, PCI, ISO 27001/42001, or similar).
- Demonstrated experience executing continuous monitoring or recurring compliance reporting programs (monthly cadence preferred).
- Working knowledge of NIST 800-53 and FedRAMP concepts (POA&M management, SSP/ATO artifact structure, assessment evidence expectations).
- Experience coordinating vulnerability remediation tracking and translating technical findings into compliance artifacts (tickets, evidence, milestones, risk language).
- Strong project management and organizational skills; ability to manage multiple deadlines and stakeholder inputs.
- Excellent communication skills for producing audit-ready narratives, status reports, and executive summaries.
- Comfort working with technical teams (Engineering, Security) to obtain evidence and validate remediation outcomes.
- Experience using common tooling for evidence and workflow tracking (Google Drive, Jira/Linear, spreadsheets, ticketing systems).
- Ability to manage confidential and sensitive cybersecurity information.
- Candidates must be able to meet government security clearance requirements as required for this role.
- **Preferred Qualifications:**
- Direct experience supporting a FedRAMP Moderate/High authorization, annual 3PAO assessment, or agency ATO process.
- Experience with SecondFront/Game Warden or other FedRAMP-adjacent platforms and inherited-control models.
- Familiarity with vulnerability scanning, SIEM/log review concepts, and secure SDLC evidence (SAST/DAST, threat modeling).
- Experience with evidence automation or compliance engineering approaches (repeatable evidence packets, templates, control mapping).
- Relevant certifications (e.g., Security+, SSCP, CISSP Associate, CAP, CISA, PMP).
Benefits:
- Medical, Dental, Vision, STD and LTD Plans
- FSA - Medical and Dependent Care
- EAP and wellness programs
- 13 Paid Holidays
- Unlimited PTO
- Flexible work environment - 100% remote
- 401(k) plan
Similar Jobs
Senior Requirements Analyst – CGI Momentum Implementation
Senior Requirements Analyst at Ibility supporting federal financial management using Momentum Financials. Collaborating with clients to improve business processes and enhance efficiency.
Senior Benefits Analyst
Senior Benefits Analyst supporting Lumos Fiber's employee benefits programs and ensuring compliance while enhancing employee experience. Collaborating with HR leadership and vendors in a fast-paced environment.
Enterprise-Wide Apps Analyst
Enterprise-Wide Apps Analyst supporting the Enterprise Resource Planning organization's Global Trade Systems team. Configuration, testing, and implementation of SAP GTS changes while providing technical direction.
HRIS Analyst I
HRIS Analyst I at ENFRA assisting with HRIS operations and support. Focused on data accuracy, reporting, and process improvement.
HRIS Analyst I
Entry-level HRIS Analyst supporting daily operations and maintenance of HRIS at ENFRA. Collaborating with HR teams and ensuring data accuracy and integrity in HRIS processes.
Data Quality Analyst – Federal Projects
Data Quality Analyst ensuring the quality and accuracy of data for GoldenWolf, providing services to federal agencies.
Senior Analyst – Forest Crime Investigations
Senior Analyst leading Indonesia's forest crime investigations for GI-TOC. Focusing on illegal logging, mining, and deforestation through research and collaboration with government and civil society.
Compensation Analyst, Senior
Compensation Analyst supporting Total Rewards function for a global pioneer in energy-saving systems. Analyzing market data and maintaining pay structures in a remote capacity.
Analyst, Client Solutions, Korean Speaker, Contractual
Client Solutions professional managing expert engagement delivery in Korea and expanding relationships with local and global clients. Collaborating with cross-regional teams to drive growth in the Japan and Korea market.
Automation and Digitalization Analyst III – Smart Products
Analista Automação e Digitalização III at ANDRITZ delivering innovative automation solutions and responsible for implementing smart products with industrial clients.
Vendor Performance Analyst
Vendor Performance Analyst responsible for procurement and performance strategy at Maersk. Developing supplier relationships and optimizing procurement spend within logistics operations.
Senior Principal Enterprise-Wide Applications Analyst
Senior Principal Enterprise-Wide Applications Analyst supporting Northrop Grumman's SAP Basis Administration with a focus on Business Technology Platform and cloud technologies.
Revenue Analyst
Revenue Analyst specializing in revenue forecasting and financial analysis for manufacturing at IEM. Collaborating with cross-functional teams to drive strategic revenue decisions.
Trade Analyst – Deductions
Trade Analyst ensuring precise financial transactions within TELUS Agriculture & Consumer Goods. Collaborating with various stakeholders to drive deduction resolution and process improvement.
APAC – 知识产权分析师
OSINT Investigator role focusing on software misuse analysis and online research in APAC. Join a remote team at Ruvixx dedicated to software compliance and piracy prevention.
APAC – 知识产权分析师, Intellectual Property Analyst
OSINT Investigator analyzing software copyright compliance for Ruvixx. Engaging in online investigations and producing structured reports while working remotely.
Functional Analyst
Business Analyst with solid experience in public administration projects and OutSystems applications. Seeking talents to boost professional success.
Catalog Analyst
Marketplace Catalog Analyst responsible for creating and optimizing Podean's global catalog across platforms and ensuring compliance with marketplace policies. Collaborating with stakeholders to enhance brand visibility and maximize audience engagement.
Rebates Analyst
Rebates Analyst responsible for ensuring accurate calculations and timely execution of rebates. Collaborating with various departments and remaining current with healthcare regulations in the United States.
Quality Analyst – Fintech Account
Quality Analyst role for fintech account ensuring Teammates' performance compliance and quality issue resolution. Preparing reports, analyzing performance, and managing client interactions in remote setting.