← Back to all jobs
C

Junior FedRAMP Consultant (GRC Analyst I)

c2 labs

1d ago

No Phone RequiredOtherRemote, USjobspy_indeed
remoteindeed

Job Description

**C2 Labs** is looking for a **Junior FedRAMP Consultant (GRC Analyst I)** to support technical writing and evidence operations for FedRAMP authorization and ongoing ConMon. This is a great role if you’re detail\-oriented, enjoy structured writing, and want hands\-on exposure to FedRAMP delivery. **What you’ll do** * Support drafting and formatting of SSP/KSI artifacts, policies, and plans. * Collect and organize evidence; maintain traceability in RegScale. * Maintain trackers for actions, evidence requests, and POA\&Ms. * Help compile monthly/quarterly ConMon reporting inputs. **Role summary** Support package development and ConMon operations through structured documentation, evidence operations, and coordination support. This role is ideal for a junior GRC professional who is a strong writer and wants to build FedRAMP experience in a delivery team. **Key responsibilities** * Support drafting and formatting of FedRAMP artifacts (SSP sections, KSI summaries, policies, plans, appendices) under Senior Consultant guidance. * Collect, organize, and quality\-check evidence artifacts (naming standards, version control, completeness) and link evidence in RegScale. * Maintain trackers for open actions, evidence requests, POA\&M items, and deliverable status. * Capture meeting notes and translate outcomes into updated documents, RegScale tasks, or action items. * Support ConMon deliverables: compile scan outputs, update inventories/POA\&Ms, and prepare monthly/quarterly reporting packages. * Perform internal quality checks for template fidelity, cross\-references, and completeness before SME review. **Key deliverables / outputs** * Well\-formatted draft artifacts and appendices ready for Senior/SME review. * Clean evidence library with links and traceability maintained in RegScale. * Up\-to\-date action/evidence/POA\&M trackers and ConMon reporting inputs. **Required qualifications** * Associates degree in IT, Cybersecurity, or related field * 1–3 years experience in GRC, audit support, compliance operations, or security documentation. * Strong written communication and attention to detail (templates, tables, and structured documents). * Basic familiarity with NIST 800\-53 concepts or willingness to learn quickly. * Comfort working with spreadsheets and tracking artifacts across multiple stakeholders. * Reliable follow\-through and responsiveness in a fast\-moving delivery environment. **Preferred / nice to have** * Any FedRAMP exposure (coursework, prior engagement support, or template familiarity). * Experience with GRC tools (RegScale, ServiceNow GRC, Archer) and/or ticketing systems. * Security\+ or similar entry\-level security certification. **Tools \& environment** * RegScale (linking evidence, updating workflows, POA\&M maintenance) * Microsoft Word/Excel (FedRAMP templates and attachments) * Teams/SharePoint and customer\-approved artifact repositories **Engagement details** *