FedRAMP Program Manager Jobs (NOW HIRING)

Define and manage the FedRAMP authorization boundary for the cloud service offering. * Partner with Security, Engineering, Product, IT, Legal, Privacy, Compliance, and GTM teams to align FedRAMP ...

Develop architecture briefing documents to inform the Government FedRAMP program manager and CISO of CSP compliance with FedRAMP program requirements, technical capabilities, and any concerns noted ...

Technical Program Manager - FedRAMP

Boston, MA · On-site +1

$140K - $181K/yr

We're looking for a FedRAMP Technical Program Manager to own day-to-day oversight and execution of Nexthink's FedRAMP and U.S. public sector compliance programs. This is a high-impact, cross ...

Serves as the FedRAMP Program Manager * Work with various IT groups to ensure that IT systems adhere to corporate standards * Interact with various technology teams to confirm findings and mitigation ...

Cybersecurity & Compliance - Ensuring compliance with FISMA, FedRAMP, NIST 800-53, Section 508, and federal data privacy mandates. RESPONSIBILITIES AND DUTIES - Program Manager | Human Capital ...

... NIST, FedRAMP, FISMA, and EPLC methodologies • Coordinate cybersecurity transformation and AI-enabled modernization initiatives • Oversee risk management and issue resolution across multiple ...

Ensure compliance with federal regulations, including FISMA, FedRAMP, NIST, and Section 508 accessibility standards. RESPONSIBILITIES AND DUTIES - Program Manager | Human Capital Programmatic ...

FedRAMP Program Manager information

How much do FedRAMP Program Manager jobs pay per year?

As of Jun 29, 2026, the average yearly pay for a FedRAMP Program Manager in the United States is $107,460.00, according to ZipRecruiter salary data. Most workers in this role earn between $79,500.00 and $132,500.00 per year, depending on experience, location, and employer.

What jobs pay 2000 a day?

FedRAMP Program Managers typically do not earn $2,000 per day; such high daily rates are more common in specialized consulting, executive contracting, or freelance roles in IT and cybersecurity. These positions often require extensive experience, certifications, and sometimes involve short-term contracts or high-level consulting projects. Most full-time federal or government-related roles pay annual salaries rather than daily rates, but contractors or consultants with niche expertise can command high daily fees.

What are the key skills and qualifications needed to thrive as a FedRAMP Program Manager, and why are they important?

To thrive as a FedRAMP Program Manager, you need expertise in cloud security, risk management, compliance frameworks, and a solid understanding of FedRAMP requirements, usually backed by a degree in IT, cybersecurity, or a related field. Familiarity with tools like GRC (Governance, Risk, and Compliance) platforms, NIST SP 800-53 controls, and certifications such as CISSP or PMP is highly beneficial. Strong project management, stakeholder communication, and problem-solving skills set candidates apart in this role. These competencies are essential for guiding organizations through complex FedRAMP authorization processes and ensuring ongoing compliance with federal security standards.

What is a FedRAMP Program Manager?

A FedRAMP Program Manager is a professional responsible for overseeing and coordinating the process of achieving and maintaining Federal Risk and Authorization Management Program (FedRAMP) compliance for cloud service providers or government agencies. They manage documentation, security assessments, and communication with stakeholders to ensure all requirements are met according to federal standards. Their role is crucial for enabling secure cloud adoption within U.S. government agencies, as they guide the project through the FedRAMP authorization process from start to finish.

How do I get into FedRAMP?

To become a FedRAMP Program Manager, candidates typically need experience in cloud security, federal compliance, or IT management, along with knowledge of FedRAMP standards and processes. Earning relevant certifications such as CISSP or PMP can enhance qualifications, and understanding government procurement procedures is beneficial. Applying through federal job portals or government contracting opportunities is common for these roles.

Is a program manager a high paying job?

A FedRAMP Program Manager typically earns a high salary compared to many other government or IT roles due to the specialized knowledge required for managing cloud security compliance programs. Salaries vary based on experience, location, and organization size, but this role often includes benefits and opportunities for advancement. Certification in project management or cybersecurity can also influence compensation levels.

How much does a FedRAMP compliance analyst make?

A FedRAMP compliance analyst typically earns between $70,000 and $110,000 annually, depending on experience, certifications, and location. The role requires knowledge of federal security standards, risk management, and compliance processes, often involving tools like NIST frameworks and security assessment procedures.

What are the main challenges a FedRAMP Program Manager faces when coordinating compliance efforts across multiple teams?

A FedRAMP Program Manager often navigates complex challenges such as aligning cross-functional teams—including IT, security, legal, and operations—to meet rigorous federal cloud security requirements and tight deadlines. Coordinating documentation, ensuring continuous monitoring, and responding to security assessments demand strong project management and communication skills. Additionally, managing evolving compliance standards and liaising with external auditors or government representatives can add to the complexity. Success in this role depends on the ability to facilitate collaboration, maintain meticulous records, and quickly adapt to regulatory updates.

What is the difference between a FedRAMP Program Manager and a Cloud Security Manager?

| Aspect | FedRAMP Program Manager | Cloud Security Manager |
| --- | --- | --- |
| Certifications | FedRAMP certifications, PMP, CISSP | CISSP, CCSP, Cloud Security certifications |
| Work Environment | Federal agencies, cloud service providers, government projects | Private sector, cloud service providers, enterprise security teams |
| Industry Usage | Federal government compliance, cloud authorization | Cloud security strategy, risk management |

The FedRAMP Program Manager primarily focuses on managing FedRAMP compliance and federal cloud authorization processes, often working within government or contractor environments. In contrast, the Cloud Security Manager oversees overall cloud security strategies and risk mitigation in private or enterprise settings. While both roles require cloud security knowledge and certifications like CISSP, their scope and industry focus differ significantly.

Director, FedRAMP Program

Freshworks

San Mateo, CA • On-site

Full-time

Medical, Dental, Vision, Life, PTO

Posted 12 days ago


Job description

Company Description
Organizations everywhere struggle under the crushing costs and complexities of "solutions" that promise to simplify their lives. To create a better experience for their customers and employees. To help them grow. Software is a choice that can make or break a business. Create better or worse experiences. Propel or throttle growth. Business software has become a blocker instead of ways to get work done.
There's another option. Freshworks. With a fresh vision for how the world works.
Freshworks Inc. builds uncomplicated service software that delivers exceptional employee and customer experiences. Our people-first approach to AI eliminates friction, helping businesses reduce complexity, lower cost-to-serve, and deliver faster, more human support through enterprise-grade yet easy-to-use CX and IT solutions. Nearly 75,000 companies, including Bridgestone, New Balance, Nucor, S&P Global, and Sony Music, trust Freshworks to power their Employee Experience (EX) and Customer Experience (CX) operations.
Fresh vision. Real impact. Come build it with us.
Job Description
We are seeking an experienced Director, FedRAMP Program, to lead our federal compliance and authorization program for our SaaS cloud service offerings. This role reports directly to the Chief Information Security Officer and owns the end-to-end FedRAMP journey, from readiness and authorization planning through 3PAO assessment, agency sponsor coordination, Authorization to Operate (ATO), and post-authorization continuous monitoring.
The ideal candidate has personally led or played a senior leadership role in bringing a SaaS company through FedRAMP Moderate authorization, with FedRAMP High experience strongly preferred. This is a cross-functional leadership role requiring deep knowledge of FedRAMP, NIST SP 800-53, cloud security, SaaS engineering operations, SSDLC, DevSecOps, audit readiness, executive communication, risk management, and federal customer expectations.
This role will serve as the primary program leader connecting Security, Engineering, Product, IT, Legal, GRC, Sales, Customer Success, external advisors, 3PAOs, and federal agency stakeholders. Success requires more than managing checklists. This person must be able to drive real control implementation, unblock engineering dependencies, manage risk tradeoffs, and keep executives aligned on timeline, scope, cost, and residual risk.
Key Responsibilities:
FedRAMP Program Leadership
  • Own and lead the company's FedRAMP program from readiness (FW has completed RADD for Moderate) through ATO and continuous monitoring.
  • Develop the overall FedRAMP ATO strategy, roadmap, execution plan, work breakdown structure, milestone plan, and executive reporting model.
  • Lead the company through FedRAMP Moderate authorization, with a path to FedRAMP High for future ATO.
  • Define and manage the FedRAMP authorization boundary for the cloud service offering.
  • Partner with Security, Engineering, Product, IT, Legal, Privacy, Compliance, and GTM teams to align FedRAMP requirements with business and customer needs.
  • Translate FedRAMP requirements into clear workstreams, owners, deliverables, deadlines, and measurable outcomes.
  • Maintain executive-level visibility into program status, risks, decisions, blockers, and funding needs.

Authorization Package Ownership
  • Own the development, maintenance, and quality of the FedRAMP authorization package, including the SSP, SAP, SAR, POA&M, control implementation narratives, policies, standards, procedures, control inheritance documentation, architecture diagrams, data flow diagrams, boundary documentation, and supporting operational evidence.
  • Ensure documentation accurately reflects the real operating environment, not aspirational controls.
  • Build a durable evidence repository and repeatable evidence collection process.
  • Establish documentation quality standards to reduce rework during 3PAO and agency review.

3PAO, Advisor, and Agency Coordination
  • Serve as the primary internal program owner for external FedRAMP partners, including advisors, consultants, 3PAOs, and agency stakeholders.
  • Coordinate readiness assessments, gap assessments, formal assessments, evidence requests, control interviews, penetration testing, and remediation validation.
  • Manage 3PAO engagement timelines, dependencies, artifacts, and issue resolution.
  • Support agency sponsor conversations and help prepare materials needed for agency authorization review.
  • Ensure the SAR findings are translated into clear remediation plans and risk decisions.

POA&M and Risk Management
  • Own the POA&M process for FedRAMP-related findings, vulnerabilities, control gaps, and residual risks.
  • Drive timely remediation of POA&M items across Engineering, Cloud Infrastructure, Cybersecurity, IT, and Product teams.
  • Establish clear ownership, due dates, severity, risk rationale, evidence requirements, and closure criteria for each POA&M item.
  • Escalate overdue or high-risk items to appropriate leadership forums.
  • Partner with business and technical owners to determine when remediation, mitigation, compensating controls, or formal risk acceptance is appropriate.
  • Maintain a clear view of residual risk for executives and authorizing stakeholders.

Control Implementation and Engineering Alignment
  • Partner with Engineering, Cloud Infrastructure, and Cybersecurity teams to implement FedRAMP-required security controls in a SaaS cloud environment.
  • Drive control maturity across identity and access management, privileged access management, vulnerability management, secure configuration management, logging, monitoring, alerting, incident response, encryption, key management, change management, backup and recovery, contingency planning, asset inventory, boundary protection, software supply chain security, and secure SDLC.
  • Help engineering teams understand not just what is required, but why it matters and how to implement it sustainably.
  • Identify control implementation gaps early and drive resolution before they become audit blockers.

Continuous Monitoring and Post-ATO Operations
  • Assist in building and operating the FedRAMP continuous monitoring program after authorization.
  • Own recurring ConMon deliverables, evidence collection, vulnerability reporting, POA&M updates, significant change analysis, incident reporting coordination, and ongoing agency reporting.
  • Partner with Security Operations, Cybersecurity, Engineering, and Compliance to maintain authorization posture.
  • Establish operational processes to prevent control drift after ATO.
  • Track changes to FedRAMP guidance, NIST requirements, agency expectations, and federal cybersecurity directives.
  • Prepare the organization for annual assessments and ongoing authorization maintenance.
  • Keep abreast of FedRAMP program changes, like 20XX, and how they might impact our FedRAMP program.

Executive and Cross-Functional Communication
  • Provide clear, concise program updates to executives, steering committees, and board-level stakeholders.
  • Communicate program health, milestone status, material risks, funding needs, staffing constraints, and decision points.
  • Create executive-ready reporting that connects FedRAMP work to customer trust, federal revenue opportunities, risk reduction, and operational maturity.
  • Facilitate cross-functional decision-making when security requirements conflict with product timelines, engineering capacity, or customer commitments.
  • Serve as the internal FedRAMP translator: able to explain complex requirements in business, technical, and executive terms.

Federal GTM and Customer Support
  • Partner with Sales, Legal, Customer Success, and Cybersecurity GTM teams to support federal customer conversations.
  • Help develop accurate FedRAMP-related customer messaging, RFP responses, trust center content, and security collateral.
  • Ensure external claims about FedRAMP status, roadmap, and control maturity are accurate and legally defensible.
  • Support customer security reviews and federal procurement diligence related to FedRAMP.

Qualifications
  • 10+ years of experience in cybersecurity, compliance, GRC, cloud security, audit, risk management, or security program leadership.
  • Direct experience leading or materially contributing to a FedRAMP Moderate ATO for a SaaS or cloud service provider.
  • Strong working knowledge of the FedRAMP authorization lifecycle, NIST SP 800-53, FedRAMP Rev. 5 requirements, SSP, SAP, SAR, POA&M, continuous monitoring, the 3PAO assessment process, and agency authorization processes.
  • Demonstrated ability to manage complex, cross-functional security programs involving Engineering, Product, Cloud Infrastructure, Cybersecurity, Legal, GRC, and executive stakeholders.
  • Experience building and maintaining audit evidence repositories and compliance operating models.
  • Strong knowledge of SaaS/cloud architecture, preferably AWS, Azure, or multi-cloud environments.
  • Strong understanding of technical security domains, including IAM, vulnerability management, logging/monitoring, encryption, incident response, secure SDLC, change management, and cloud infrastructure security.
  • Proven ability to drive remediation across teams that do not directly report to you.
  • Excellent written and verbal communication skills.
  • Ability to communicate clearly with both technical teams and executive stakeholders.
  • Strong project/program management discipline, including milestone planning, dependency tracking, risk management, and executive reporting.

Preferred Qualifications
  • Experience leading or supporting FedRAMP High authorization.
  • Experience with both agency authorization and legacy JAB-style authorization expectations.
  • Experience working directly with FedRAMP advisors, 3PAOs, agency sponsors, and federal customer security teams.
  • Experience with SaaS products serving enterprise and/or public sector customers.
  • Experience with AWS GovCloud, Azure Government, or other government cloud environments.
  • Experience with adjacent and additive frameworks such as CMMC, ITAR, SOC 2, ISO 27001, ISO 42001, HIPAA, PCI DSS, StateRAMP, IRAP, or ISMAP.
  • Experience supporting federal go-to-market, RFP responses, security questionnaires, and customer trust programs.
  • Certifications such as CISSP, CISM, CISA, CRISC, PMP, CCSP, or equivalent experience.
  • Experience in standing up a new FedRAMP program from scratch.

Additional Information
The annual base salary range for this position is $205,000 - $255,000. This role is also eligible for a target bonus.
Compensation is based on a variety of factors, including but not limited to location, experience, job-related skills, and level.
Freshworks offers multiple options for dental, medical, vision, disability, and life insurance. Equity + ESPP, flexible PTO, flexible spending, commuter benefits, and wellness benefits are also offered. Freshworks also offers adoption and parental leave benefits.
At Freshworks, we have fostered an environment that enables everyone to find their true potential, purpose, and passion, welcoming colleagues of all backgrounds, genders, sexual orientations, religions, and ethnicities. We are committed to providing equal opportunity and believe that diversity in the workplace creates a more vibrant, richer environment that boosts the goals of our employees, communities, and business. Fresh vision. Real impact. Come build it with us.