FedRAMP Compliance Team Member

At TISTA, you’ll do meaningful, mission‑driven work that improves lives alongside teammates you trust and leaders who are transparent and supportive. We invest in your learning and internal mobility so you can build a career that keeps advancing. We’re proud to serve and hire Veterans, and we put people first in everything we do.

TISTA associates enjoy above Industry Healthcare Benefits, Remote Working Options, Paid Time Off, Training/Certification opportunities, Healthcare Savings Account & Flexible Savings Account, Paid Life Insurance, Short-term & Long-term Disability, 401K Match, Professional development reimbursement, Employee Assistance Program, Paid Holidays, Military Leave, and much more!

• Manage the full FedRAMP Authorization to Operate (ATO) lifecycle, including Initial Authorizations, Renewal Authorizations, and ongoing Continuous Monitoring activities.
• Review and assess System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action & Milestones (POA&Ms) submitted by Cloud Service Providers (CSPs).
• Conduct Continuous Monitoring activities, including analysis of:
  • CSP POA&Ms
  • Vulnerability scan results
  • Significant Change Requests
  • Deviation Requests
  • Security incident reports
    to evaluate risk impact and compliance posture.
• Apply working knowledge of NIST SP 800‑53 and FedRAMP Core Controls to assess security control implementation and effectiveness.
• Implement and validate security controls aligned to FedRAMP Low, Moderate, and High baselines using CSP Control Implementation Summary (CIS) Customer Responsibility Matrices (CRMs).
• Serve as a liaison between USDA, CSPs, and USDA customers, supporting CSPs throughout the full FedRAMP lifecycle under USDA Continuous Monitoring as a Service.
• Track evolving FedRAMP requirements, NIST guidance, and policy updates, and integrate changes into internal processes, documentation, and control assessments.
• Manage working relationships with agency customers and CSPs related to:
  • Compliance posture
  • Audit readiness
  • Security documentation requests
  • Risk acceptance decisions
• Provide timely, customer‑focused support while demonstrating the ability to work independently and maintain dependable availability during core business hours.
• Support audit activities, internal reviews, and reporting requirements as needed to maintain authorization status.

• Experience supporting FedRAMP Authorization and Continuous Monitoring activities in a federal environment.
• Working knowledge of NIST SP 800‑53, FedRAMP security baselines, and FedRAMP authorization processes.
• Experience reviewing security documentation (SSPs, SARs, POA&Ms, vulnerability scans).
• Strong written and verbal communication skills, with the ability to communicate complex security concepts to technical and non‑technical stakeholders.
• Ability to manage multiple priorities independently in a deadline‑driven environment.

Preferred Qualifications

• Experience supporting USDA, civilian agencies, or shared services programs.
• Experience working directly with CSPs in IaaS, PaaS, or SaaS environments.
• Familiarity with FedRAMP documentation templates and tooling.
• Relevant certifications (e.g., CISSP, CISM, CAP, Security+, or equivalent).

Education:

• Bachelor’s degree or higher in computer science, Information Technology, Information Security, or similar fields. 

Clearance: 

• The ability to pass a Public Trust Background Investigation.
• US citizens or permanent residents highly preferred.

Location:

• Remote, USA.

Pay Range:

• The pay for this position ranges from $85,730 to $95,500.
• The actual salary offer will carefully consider a wide range of factors, including your skills, qualifications, experience, and location.
• Also, certain positions are eligible for additional forms of compensation, such as bonuses.
• TISTA associates are eligible to participate in our comprehensive benefits plan! More information can be found here: https://tistatech.com/working-at-tista/