Source Job

US

  • Develop and refine performance methodologies that support the cybersecurity requirements.
  • Oversee independent assessments and review Security Impact Analyses (SIA).
  • Incorporate compliance data into the Governance, Risk, and Compliance Tool (GRCT).

Compliance FedRAMP RMF FISMA

20 jobs similar to Compliance Lead

Jobs ranked by similarity.

Global

  • Perform internal audits and vulnerability testing, ensuring security controls are monitored.
  • Lead security architecture governance for internal IT and projects, using Unified Architecture Framework.
  • Maintain compliance with security requirements and develop roadmaps to address evolving threats.

Jobgether is a platform connecting job seekers with companies. It uses AI-powered matching to ensure applications are reviewed quickly and fairly, identifying top candidates for employers.

Global

  • Design, implement, and maintain security controls and compliance measures to protect cloud-based data.
  • Perform security assessments and audits to ensure compliance with federal standards such as NIST 800-53 and FedRAMP.
  • Collaborate with IT and engineering teams to integrate security features into the development lifecycle.

Jobgether uses an AI-powered matching process. Their system identifies the top-fitting candidates.

US

  • Lead the end-to-end Certification & Authorization (C&A) process for information systems.
  • Maintain and update System Security Plans (SSPs), POA&Ms, and other FedRAMP/GovRAMP/NIST documentation artifacts.
  • Oversee control gap analysis and drive remediation efforts across technical and administrative domains.

EBSCO Information Services (EBSCO) delivers a fully optimized research experience, seamlessly integrated with a powerful discovery platform to support the information needs of our end-users. Headquartered in Ipswich, MA, EBSCO employs more than 2,700 people worldwide, with most embracing hybrid or remote work models.

US

  • Provide SA/OSA subject matter expertise to the Information System Security and Authorization program.
  • Review ATO packages under the RMF for customer systems and the systems of the external partners.
  • Coordinate and assist with data calls and data collection efforts for audit and compliance reporting.

SkyePoint Decisions is a leading Cybersecurity Architecture and Engineering, Critical Infrastructure and Operations, and Applications Development and Maintenance IT service provider. With operations across the U.S., they deliver innovative enterprise-wide solutions and targeted services to federal government clients. They value their people and systems to create value for their clients and foster a collaborative team culture.

US

  • Ensure accuracy and consistency with compliance mandates and supporting documentation standards.
  • Develop and present data visualization solutions for senior leadership using PowerBI and Power Automate.
  • Ensure that documentation, policy guidance, and reporting comply with federal standards (e.g., NIST, DHS, and OCIO) and support the ATO, SSA, and OSA processes.

SkyePoint Decisions is a Cybersecurity Architecture and Engineering, Critical Infrastructure and Operations, and Applications Development and Maintenance IT service provider. They focus on enabling their clients to deliver their mission most efficiently and effectively. They are an established ISO 9001:2015 and ISO/IEC 27001:2013 certified small business and appraised at CMMI Level 3 for Services and Development with a collaborative team culture built upon individual performance and accountability.

US

  • Serve as the primary cybersecurity point of contact for assigned DoD Information Systems.
  • Collaborate with stakeholders to ensure system compliance and readiness.
  • Develop, maintain, and update all RMF authorization and GRC documentation.

LMI is a digital solutions provider dedicated to accelerating government impact with innovation. Investing in technology and prototypes ahead of need, it brings commercial-grade platforms and mission-ready AI to federal agencies at commercial speed, employing agile methodology and collaboration.

$110,000–$120,000/yr
US

  • Support the ISSO with information system security activities.
  • Perform Assessment and Authorization efforts under the Risk Management Framework.
  • Develop and maintain RMF documentation and coordinate vulnerability remediation.

GovCIO transforms government IT with innovative services and solutions. They foster a collaborative, team-oriented culture where employees' talents drive success.

US 2w PTO

  • Manage certification frameworks, including CMMC, NIST, and SOC 2.
  • Develop, track, and maintain security and compliance policy documents.
  • Analyze and review system configurations for security vulnerabilities.

Rubris Inc. provides transformational legal technology and solutions for complex business and legal processes in the mass tort industry. They streamline and automate processes to improve efficiency while delivering unprecedented insights and analytics.

Europe

  • Maintain and improve security policies and controls across the platform.
  • Perform compliance validation and prepare for audits.
  • Conduct risk assessments on new workloads and track mitigation actions.

Jobgether is a platform that connects job seekers with companies. They use AI to match candidates with roles and ensure fair application reviews.

Global

  • Maintain and improve security policies and controls across the platform.
  • Perform compliance validation and prepare for audits.
  • Conduct risk assessments on new workloads and track mitigation actions.

Jobgether is a platform that connects job seekers with companies. They use AI-powered matching to ensure applications are reviewed quickly and fairly.

$147,800–$164,000/yr
US 12w maternity 11w paternity

  • Own and lead enterprise-level compliance programs.
  • Define and mature ISO 27001 and ISO 42001 control environments and SOX 404 ITGCs.
  • Act as a subject matter expert and internal consultant for various teams.

Spring Health aims to eliminate mental health barriers with its clinically validated technology, Precision Mental Healthcare. They partner with over 450 companies, providing care for 10 million people and are valued at $3.3 billion.

US 3w PTO

  • Develop, review, and maintain cybersecurity policies, SOPs, TTPs, and POA&Ms.
  • Support cybersecurity audits, assessments, SAVs, and CORA activities.
  • Collect, analyze, and report cybersecurity metrics (ACAS, AVS, IAVM, APMS, FISMA, PPSM, SCCM).

MicroTech is an award-winning Service-Disabled Veteran-Owned Small Business (SDVOSB) that provides information technology and communications solutions. They focus on providing cutting-edge solutions with the customer at the forefront, solving complex business challenges to increase productivity and decrease costs.

US

  • Serve as the primary vCISO and subject matter expert for multiple clients.
  • Lead data-centric cybersecurity programs aligned to business risk.
  • Manage, mentor, and develop vCISO team members.

Coretelligent partners with growing, highly regulated organizations that need secure, dependable IT environments built to scale. They deliver managed IT, cybersecurity, cloud, and strategy, through a model designed for consistency, transparency, and trust. They are building a team of professionals who care deeply about quality, ownership, and continuous improvement.

  • Lead security governance, risk management, and compliance efforts.
  • Oversee security operations and incident response.
  • Partner with IT, Clinical Operations, Privacy, and Compliance to ensure regulatory requirements and industry frameworks are met.

Tuesday Health is a value-based palliative care provider group dedicated to transforming serious illness and end-of-life care. Through their leading-edge care model, Tuesday Health is shaping the future of community-based palliative care nationwide.

US

  • Establish and maintain the organization’s enterprise-wide information security program.
  • Ensure compliance with healthcare and international security standards.
  • Develop and deliver security awareness training to employees.

MIE provides solutions that make a meaningful difference in healthcare. Founded in 1995, MIE serves as the innovation engine for business units that serve hospitals and health systems, physician practices, Fortune 500 employers, government agencies, and consumers.

Europe

  • Own the DoW product strategy and execution roadmap.
  • Ensure the platform aligns with compliance management under the Risk Management Framework (RMF).
  • Translate customer and mission needs into clear product requirements.

Jobgether uses an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Their system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company.

Global

  • Lead development of security strategy aligned to client business goals.
  • Guide risk management practices including risk registers and threat modeling.
  • Provide executive-level oversight of regulatory compliance programs.

Jobgether uses an AI-powered matching process to ensure applications are reviewed fairly. Their system identifies the top-fitting candidates and shares this shortlist with the hiring company.

$110,000–$140,000/yr
US Unlimited PTO

  • Serve as a security point of contact for external customers deploying into regulated cloud environments.
  • Implement and operate security controls required for FedRAMP Moderate/High, aligned to NIST SP 800-53.
  • Implement security and compliance gates in CI/CD pipelines to prevent non-compliant infrastructure or code from reaching production.

Knox runs the largest Federal managed cloud, building and operating secure cloud and AI environments that support the U.S. government’s most critical missions. Their work is high-impact and purpose-driven, expecting speed, rigor, and trust.

Global

  • Lead SOC 1 & SOC 2 (Type I/II) control scoping, testing, and reporting.
  • Act as primary client contact, translating technical control requirements into clear, actionable guidance.
  • Mentor and supervise junior auditors for alignment with standards.

Jobgether uses an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Their system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company.

US Unlimited PTO

  • Lead SOC 2 and ISO programs through the full audit lifecycle.
  • Build integrations that continuously gather compliance evidence from AWS, GitHub, identity providers, and internal systems.
  • Evaluate and monitor third-party vendors for security and compliance risk.

Fieldguide is establishing a new state of trust for global commerce and capital markets through automating and streamlining the work of assurance and audit practitioners. The company is based in San Francisco, CA, and built as a remote-first company with a team that is inclusive, driven, humble and supportive.