
GRC Program Manager; FedRAMP & Compliance

Job in Boston, Suffolk County, Massachusetts, 02298, USA
Listing for: Port.io
Full Time position
Listed on 2026-02-15
Job specializations:
  • IT/Tech
    Cybersecurity, IT Project Manager
Salary/Wage Range or Industry Benchmark: 60000 - 80000 USD Yearly
Job Description & How to Apply Below
Position: GRC Program Manager (FedRAMP & Compliance)

About Port

At Port.io, we are building an open and flexible Agentic Engineering Platform for modern engineering organizations. Following our recent $100M Series C funding round, we are in a phase of rapid hypergrowth with strong enterprise momentum.

We act as the central nervous system for engineering, enabling platform teams to unify their stack and expose it as a governed layer through golden paths for developers and AI agents.

By combining rich engineering context, workflows, and actions, we help organizations transition from manual processes to autonomous, AI‑assisted engineering workflows while maintaining control and accountability.

As a product‑led company, we believe in building world‑class platforms that fundamentally shape how modern engineering organizations operate.

Why we’re looking for you

We’re looking for a GRC Program Manager to drive Port’s FedRAMP authorization and oversee our broader compliance portfolio. You’ll be the program’s operational backbone - coordinating 3PAO assessments, managing documentation, and ensuring readiness across teams.

FedRAMP authorization is a strategic milestone for Port as we expand into enterprise and federal markets. This is a high‑visibility initiative with executive sponsorship, requiring precise coordination across engineering, security, and product. We need a program manager who thrives in complex, cross‑functional environments and can translate regulatory frameworks into clear execution plans while managing timelines, budgets, and stakeholder expectations.

Who you’ll work with

You’ll report to the CISO and work closely with the Security team, Engineering, DevOps, IT, and Product teams. You’ll manage relationships with external partners, including the 3PAO, FedRAMP consultants, and government agency sponsors. You will also collaborate with Legal and Finance on contracts, budgets, and compliance obligations.

In addition, you’ll support the US sales process, compliance and regulatory inquiries, RFIs/RFPs, and other related business processes.

What you’ll do
  • Lead the FedRAMP project from kickoff through ATO: schedule, documentation, 3PAO engagement, and agency coordination.
  • Own the System Security Plan (SSP), Plan of Action & Milestones (POA&M), and all readiness deliverables.
  • Manage the 3PAO relationship, coordinate assessments, and drive remediation efforts.
  • Build and maintain the compliance evidence repository and continuous monitoring program.
  • Manage cross‑team milestones, track control implementation progress, and identify blockers.
  • Develop repeatable processes and frameworks to sustain compliance post‑authorization.
  • Partner with Engineering, Security, IT, and Product to translate NIST 800‑53 controls into technical implementations.
  • Lead internal readiness assessments and gap analysis.
  • Assist and support GRC initiatives, other compliance frameworks, team processes and systems.
Requirements
  • Direct FedRAMP experience (managing an authorization from start to ATO) — Must have.
  • 5+ years of experience managing compliance or GRC programs in SaaS or regulated environments.
  • Proven track record running complex audits or certification programs (FedRAMP, SOC 2, ISO, etc.).
  • Deep understanding of control frameworks (NIST 800‑53, ISO 27001) and how they translate to technical implementations.
  • Exceptional project management and communication skills — ability to manage timelines, budgets, and complex dependencies.
  • Experience managing vendor relationships, including 3PAOs, consultants, and compliance tooling providers.
  • Strong stakeholder management skills — comfortable managing multiple work streams and influencing across technical and non‑technical teams.
  • Detail‑oriented with strong documentation and organizational skills.
Nice to have
  • Experience working with government agency sponsors and understanding FedRAMP agency workflows.
  • Hands‑on experience with GRC automation platforms (Drata, Tugboat Logic, Vanta, OneTrust).
  • Risk Management.
  • Background in technical security controls, cloud infrastructure, or DevSecOps.
  • CISSP, CISM, PMP, or FedRAMP‑related certifications.
  • Experience with continuous monitoring and ongoing compliance management.