Job Description:
• Lead drafting of FedRAMP artifacts (20X KSI summaries and/or legacy SSP/policies/plans) and drive iterations to completion.
• Maintain control/KSI-to-evidence traceability in RegScale and keep the evidence library audit-ready.
• Partner with cloud architecture/security engineering resources to ensure technical accuracy.
• Support assessor/sponsor readiness: walkthroughs, responses, and updates.
Requirements:
• 5+ years of experience in GRC/compliance, security documentation, or audit support roles
• Security certification (CISSP, CISM, CCSP)
• Demonstrated technical writing capability: can produce clear, consistent narratives for complex systems and controls.
• Working knowledge of NIST 800-53 controls and evidence expectations; familiarity with FedRAMP package structure and templates.
• Comfort collaborating with engineers and architects to accurately describe technical implementations.
• Strong attention to detail (templates, cross-references, tables, and evidence mapping).
Benefits:
• Remote-first; occasional workshops may be requested (typically minimal travel)
• No clearance required; must be able to pass a standard background check and sign NDA/SOW