Vanta

Product GRC SME, Vanta for Government

United States

Compensation: $163,000 – $192,000
Experience Level: Senior (5 to 8 years)
Job Type: Full Time
Visa: Unknown
Industries: Cybersecurity, Government & Public Sector

GRC Subject Matter Expert (SME) - Federal Focus

Salary: $163K - $192K
Location Type: Remote
Employment Type: Full-Time

Position Overview

At Vanta, our mission is to secure the internet and protect consumer data. We believe that security should be monitored and verified continuously, and we empower companies to practice better security and prove it with ease. As Vanta rapidly grows and moves upmarket, we’re working with increasingly sophisticated customers who have complex security and compliance needs, especially within the federal government sector. The GRC Subject Matter Experts play a critical role in delivering high-quality, scalable content to help these companies effectively manage their GRC programs.

As Vanta’s newest GRC Subject Matter Expert, you’ll be responsible for developing GRC solutions that support our growing list of global federal and public sector customers, with a critical focus on FedRAMP authorization and continuous monitoring. Acting as a bridge between Product Management, customers, and compliance stakeholders, you’ll ensure that our solutions align with key federal security and privacy frameworks. You’ll play a pivotal role in designing, maintaining, and improving compliance-related content while providing strategic input to shape Vanta’s overall GRC product roadmap, with a particular emphasis on our Vanta for Government (V4G) offering.

You’ll join Vanta’s Security organization, which provides essential security operational services, is directly involved in the software development process, sets policies and standards regarding enterprise-wide security requirements, and offers advisory services to enable our business to thrive while effectively managing risk. If you’re someone who has high initiative and enjoys problem solving while having impact at a high-growth company, we would love to hear from you!

You’ll be part of Vanta’s Security organization that directly influences product development, facilitates the creation of automated GRC solutions for customers, and provides expert advisory services to Vantans at large. If you love solving complex problems, thrive in a fast-paced environment, and want to make a real impact at a high-growth company, we’d love to hear from you!

Responsibilities

  • Develop New Federal Compliance Frameworks, with a FedRAMP Focus: Lead building new security, privacy, and risk management frameworks for end-users, with a strong focus on FedRAMP (all baselines - Low, Moderate, High), CMMC, and NIST 800-53. This includes developing content to support the creation and maintenance of FedRAMP Authorization Packages (e.g., System Security Plans (SSPs), Plan of Action & Milestones (POA&Ms), Security Assessment Reports (SARs)).
  • Optimize GRC Content for V4G: Map evidence requirements, improve control descriptions, and write policies, risk scenarios, and implementation guidance to enhance clarity and usability for federal compliance, with a particular emphasis on streamlining processes for FedRAMP authorization and continuous monitoring within the V4G platform. Help to develop AI features to support these efforts.
  • Analyze Feedback: Identify and resolve issues with control mappings, evidence requirements, and framework content based on input from federal agencies, authorized third-party assessment organizations (3PAOs), and government auditors. Act as a subject matter expert during engagements related to FedRAMP assessments and audits.
  • Collaborate Across Teams for Federal Solutions: Work with software engineers, product designers, and customer-facing teams to ensure that GRC content is appropriately integrated into Vanta’s platform and meets end-user needs and V4G requirements, especially those pertaining to FedRAMP.
  • Partner with Product for Federal Innovation: Work closely with our Product team to advise on the development of new GRC features in the platform, driving innovation for Vanta for Government (V4G).

Company Information

At Vanta, our mission is to secure the internet and protect consumer data. We believe that security should be monitored and verified continuously, and we empower companies to practice better security and prove it with ease. Vanta has a kind and talented team, and while some have prior security experience, many have been successful at Vanta without it.

Skills

GRC
FedRAMP
Security Frameworks
Compliance Content Development
Federal Security
Privacy Frameworks
Risk Management
Product Management Collaboration
Continuous Monitoring

Vanta

Automates SOC 2 compliance for businesses

About Vanta

Vanta simplifies the process of obtaining and maintaining SOC 2 certification, which is essential for organizations that manage sensitive customer data. The company offers a software-as-a-service (SaaS) platform that automates numerous checks to ensure that security controls are effective and compliant with industry standards. This automation helps small to medium-sized enterprises (SMEs) and tech companies monitor risks and vulnerabilities continuously, significantly reducing the time and cost associated with achieving SOC 2 compliance. Vanta's subscription-based model provides clients with a more efficient and cost-effective way to maintain compliance compared to traditional methods. The goal of Vanta is to transform the compliance process, allowing organizations to focus on their core operations while enhancing their security posture.

Headquarters: San Francisco, California
Year Founded: 2018
Total Funding: $343.4M
Company Stage: Series C
Industries: Enterprise Software, Cybersecurity
Employees: 501-1,000

Benefits

100% Benefits Coverage
Flexible & Remote Work
Paid Parental Leave
Unlimited PTO
Health & Wellness
401(k)

Risks

Emerging competitors like ComplyCube could challenge Vanta's market position.
Healthcare data breaches may increase demand for more robust security measures.
Reliance on partnerships like HITRUST poses risks if standards evolve significantly.

Differentiation

Vanta automates up to 90% of audit preparation, reducing compliance costs significantly.
The platform offers real-time insights, enhancing trust and streamlining security reviews.
Vanta's HITRUST e1 solution automates 80% of requirements, ensuring continuous compliance.

Upsides

Vanta secured $150M in Series C funding, boosting its growth potential.
Partnership with HITRUST enhances Vanta's credibility in the healthcare sector.
Rising demand for automated compliance solutions supports Vanta's market expansion.
