[Remote] GRC Analyst / FedRAMP Project Manager
Note: This is a remote job and is open to candidates in the USA. Leidos Digital Solutions, Inc. is seeking a GRC Analyst / FedRAMP Project Manager to coordinate efforts for maintaining and strengthening their FedRAMP Moderate Authorization to Operate for their IQ product SaaS offering. The role involves leading compliance efforts, managing risk, and ensuring adherence to evolving FedRAMP standards.
Responsibilities
- Ensuring government and industry standards are met by managing risk, overseeing compliance, and developing security policies
- Lead readiness for evolving FedRAMP standards, including FedRAMP 20x. Manage transition to 20x by tracking program changes, identifying compliance gaps, and coordinating documentation and process updates with engineering, development and other stakeholders
- Manage continuous monitoring (ConMon), POA&Ms, annual assessments, evidence quality, and overall ATO health
- Translate regulatory and framework requirements into clear, implementable expectations
- Contribute to the development, review, and maintenance of information security policies, standards, and procedures
- Maintain awareness of emerging threats, regulatory changes, and industry best practices
- Partner with engineering, development, and business teams to support effective and practical security control implementation
- Serve as the primary driver for the continued success of an established FedRAMP program with multiple agency customers
- Act as the main point of contact and liaison with agencies, PMO, 3PAO, and infrastructure provider
- Manage the comprehensive project plan, schedule, and budget for ongoing FedRAMP compliance
- Prepare, schedule, and lead annual assessment with 3PAO
- Update, review, and submit documentation and artifacts required by the security package – SSP, POA&M, and SAR
- Guide the organization in adhering to the required FedRAMP security controls
- Manage the relationship with the FedRAMP infrastructure provider, including tickets, regular meetings, vulnerability scanning, reporting, billing, etc.
- Provide awareness to internal stakeholders relating to CIRTs and changes in the FedRAMP program
- Provide support to Sales and Marketing activities such as reviewing RFPs and providing response content on Proposals for Security and Control related questions
Skills
- Bachelor's degree with 2-4+ years of relevant experience in cybersecurity, risk management, governance, or a related field. Experience may be substituted for education
- Technical understanding of security architecture and practical knowledge of leading software security products
- Exceptional research skills with a strong understanding of cloud architecture, automation, and the ability to identify, interpret, and apply requirements, standards and guidance
- Experience with project management
- Experience with software configuration management processes, procedures and products
- A solid understanding of industry best practices and a commitment to operational excellence
- Familiarity with cybersecurity and risk management frameworks including, but not limited to, FedRAMP, FISMA, NIST 800-53, NIST 800-171, NIST RMF
- Excellent verbal and written communication skills with a corresponding command of Microsoft Office suite products (Word, Excel, Visio, PowerPoint)
- The ability to quickly establish solid working relationships with coworkers and customers to effectively integrate into a complex technical program with many moving parts
- The ability to multi-task and complete projects/tasks with minimal supervision in an environment that is fast-paced, complex and changing
- Attention to detail with the persistence to track tasks/projects for long-term success
- Analytical skill to manipulate and interpret data for actionable insights
- Ability to obtain a Top Secret Clearance
- Familiarity with the Leidos DSI FedRAMP process
- Familiarity with CRM software solutions
- Familiarity with cloud-based software deployment models and architectures
- Understanding of PII/PHI/CUI data protection requirements
- Experience working with or for government customers
- Experience supporting or validating controls on FedRAMP Moderate systems
- Experience briefing customers on Monthly FedRAMP reporting
Benefits
- Flexible work arrangements
- Management team that encourages your career development and growth
- Mentoring
- Formal and informal project management training
- Assistance with obtaining pertinent certifications
- Welcoming culture that recognizes the importance of a strong work/life balance
- Competitive compensation and benefits
Company Overview