← Back to all jobs
C

Senior FedRAMP Consultant (GRC Analyst III)

c2 labs

6h ago

0OtherRemote, USjobspy_indeed
remoteindeed

Job Description

**C2 Labs** is hiring a **Senior FedRAMP Consultant (GRC Analyst III equivalent)** to act as a lead technical writer for FedRAMP authorization packages and ongoing ConMon operations. If you can translate real\-world cloud security implementations into crisp FedRAMP documentation—and you care about making ConMon sustainable—this is a strong fit. **What you’ll do** * Lead drafting of FedRAMP artifacts (20X KSI summaries and/or legacy SSP/policies/plans) and drive iterations to completion. * Maintain control/KSI\-to\-evidence traceability in RegScale and keep the evidence library audit\-ready. * Partner with cloud architecture/security engineering resources to ensure technical accuracy. * Support assessor/sponsor readiness: walkthroughs, responses, and updates. **Role summary** Lead author and coordinator for FedRAMP documentation and evidence traceability. This role functions as a technical writer with security and cloud fluency—able to capture architecture and control/KSI implementations from engineering teams and translate them into FedRAMP artifacts. The Senior Consultant owns the quality of first drafts and mentors junior writers. **Key responsibilities** * Lead customer interviews/workshops to capture system boundary, data flows, shared responsibility model, and control/KSI implementations. * Draft and iterate FedRAMP artifacts (e.g., 20X KSI implementation summaries and/or legacy SSP sections, policies, and plans). * Build and maintain traceability between controls/KSIs, evidence, validation methods, and ConMon cadence in RegScale. * Coordinate evidence collection and organize artifacts into a clean evidence library aligned to the package structure. * Partner with the Cloud Architect and Security Engineer to ensure technical accuracy of narratives and diagrams. * Support assessment readiness: conduct package walkthroughs, respond to questions, and update artifacts based on feedback. * Mentor Junior Consultants on writing standards, template fidelity, and evidence hygiene. **Key deliverables / outputs** * FedRAMP first drafts of major package artifacts (KSI summaries and/or SSP sections). * Policy and plan artifacts aligned to FedRAMP expectations (e.g., IRP, CP, CMP, ISCM, Rules of Behavior as required). * Control/KSI\-to\-evidence traceability in RegScale with validation cadence documented. * Assessment\-ready evidence library with consistent naming/versioning and completeness checks. **Required qualifications** * 5\+ years experience in GRC/compliance, security documentation, or audit support roles. * Security certification (CISSP, CISM, CCSP) * Demonstrated technical writing capability: can produce clear, consistent narratives for complex systems and controls. * Working knowledge of NIST 800\-53 controls and evidence expectations; familiarity with FedRAMP package structure and templates. * Comfort collaborating with engineers and architects to accurately describe technical implementation