Program Manager - FedRAMP
Filevine
Operations
Salt Lake City, UT, USA
Posted on Jan 10, 2025
Responsibilities
- Program Leadership
  - Develop and execute a comprehensive program roadmap to achieve FedRAMP Moderate compliance.
  - Act as the primary point of contact for all FedRAMP-related activities, including audits, assessments, and stakeholder communications.
- Cross-Departmental Coordination
  - Collaborate with engineering, IT, security, product, legal, and other departments to align resources and timelines.
  - Identify and manage cross-functional dependencies, ensuring teams are equipped to meet compliance requirements.
- FedRAMP Expertise
  - Guide the organization through the process of achieving FedRAMP Ready status and eventually full certification.
  - Provide expertise on FedRAMP requirements, including security controls, documentation, and technical implementations.
  - Engage with Third Party Assessment Organizations (3PAOs) and federal agency sponsors to facilitate the certification process.
- Risk Management and Compliance
  - Conduct gap analyses to identify areas of non-compliance and develop strategies to address them.
  - Implement a risk management framework that supports FedRAMP compliance and integrates with existing organizational processes.
- Program Management
  - Establish and track project milestones, deliverables, and KPIs.
  - Manage timelines, budgets, and resources to ensure program success.
  - Provide regular updates and reports to senior leadership and key stakeholders.
- Documentation and Process Development
  - Oversee the creation and maintenance of FedRAMP documentation, including System Security Plans (SSPs), policies, and procedures.
  - Develop sustainable processes to ensure ongoing compliance post-certification.
- Change Management
  - Lead organizational change initiatives required to embed FedRAMP requirements into the company’s culture and operational practices.
Qualifications
- Required:
  - Education: Bachelor’s degree
  - Experience:
    - Minimum of 7 years of experience in program management, product management, compliance, or related fields, with a focus on SaaS or cloud-based platforms.
    - Proven track record of leading a SaaS company through the FedRAMP certification process, including achieving FedRAMP Ready status.
    - Experience in organizing engineering work in large engineering organizations, with a deep understanding of cross-departmental dependencies.
  - Skills:
    - Strong project management skills, including the ability to manage complex programs with multiple stakeholders.
    - Familiarity with compliance frameworks (e.g., FedRAMP, NIST 800-53, SOC 2).
    - Excellent communication and interpersonal skills, with the ability to influence and align diverse teams.
    - Analytical mindset with the ability to assess risks and develop actionable solutions.
- Education and Certifications:
  - Bachelor’s degree
  - Relevant certifications such as PMP, CISSP, CISM, or CISA are a plus.