C
Junior FedRAMP Consultant (GRC Analyst I)
c2 labs
1d ago
No Phone RequiredOtherRemote, USjobspy_indeed
remoteindeed
Job Description
**C2 Labs** is looking for a **Junior FedRAMP Consultant (GRC Analyst I)** to support technical writing and evidence operations for FedRAMP authorization and ongoing ConMon. This is a great role if you’re detail\-oriented, enjoy structured writing, and want hands\-on exposure to FedRAMP delivery.
**What you’ll do**
* Support drafting and formatting of SSP/KSI artifacts, policies, and plans.
* Collect and organize evidence; maintain traceability in RegScale.
* Maintain trackers for actions, evidence requests, and POA\&Ms.
* Help compile monthly/quarterly ConMon reporting inputs.
**Role summary**
Support package development and ConMon operations through structured documentation, evidence operations, and coordination support. This role is ideal for a junior GRC professional who is a strong writer and wants to build FedRAMP experience in a delivery team.
**Key responsibilities**
* Support drafting and formatting of FedRAMP artifacts (SSP sections, KSI summaries, policies, plans, appendices) under Senior Consultant guidance.
* Collect, organize, and quality\-check evidence artifacts (naming standards, version control, completeness) and link evidence in RegScale.
* Maintain trackers for open actions, evidence requests, POA\&M items, and deliverable status.
* Capture meeting notes and translate outcomes into updated documents, RegScale tasks, or action items.
* Support ConMon deliverables: compile scan outputs, update inventories/POA\&Ms, and prepare monthly/quarterly reporting packages.
* Perform internal quality checks for template fidelity, cross\-references, and completeness before SME review.
**Key deliverables / outputs**
* Well\-formatted draft artifacts and appendices ready for Senior/SME review.
* Clean evidence library with links and traceability maintained in RegScale.
* Up\-to\-date action/evidence/POA\&M trackers and ConMon reporting inputs.
**Required qualifications**
* Associates degree in IT, Cybersecurity, or related field
* 1–3 years experience in GRC, audit support, compliance operations, or security documentation.
* Strong written communication and attention to detail (templates, tables, and structured documents).
* Basic familiarity with NIST 800\-53 concepts or willingness to learn quickly.
* Comfort working with spreadsheets and tracking artifacts across multiple stakeholders.
* Reliable follow\-through and responsiveness in a fast\-moving delivery environment.
**Preferred / nice to have**
* Any FedRAMP exposure (coursework, prior engagement support, or template familiarity).
* Experience with GRC tools (RegScale, ServiceNow GRC, Archer) and/or ticketing systems.
* Security\+ or similar entry\-level security certification.
**Tools \& environment**
* RegScale (linking evidence, updating workflows, POA\&M maintenance)
* Microsoft Word/Excel (FedRAMP templates and attachments)
* Teams/SharePoint and customer\-approved artifact repositories
**Engagement details**
*
