Fedramp Software Jobs (NOW HIRING)

FedRAMP Analyst

Washington, DC · On-site +1

$80K - $100K/yr

FedRAMP Analyst Department: Security & IT Employment Type: Full Time Location: Remote USA ... software evidence, baseline/config drift support). * Prepare monthly CONMON reporting packages ...

The FedRAMP Analyst is responsible for day-to-day execution of Clearview AI's FedRAMP Continuous ... software evidence, baseline/config drift support). * Prepare monthly CONMON reporting packages ...

Department Overview As one of the original FedRAMP accredited 3PAOs, we remain one of the few ... Knowledge of the Software Development Lifecycle (SDLC) as it relates to Information Security and ...



Fedramp Software information

How much do FedRAMP software jobs pay per hour?

As of Jun 6, 2026, the average hourly pay for FedRAMP software jobs in the United States is $33.84, according to ZipRecruiter salary data. Most workers in this role earn between $21.88 and $44.95 per hour, depending on experience, location, and employer.

What is FedRAMP software?

FedRAMP software refers to cloud-based products and services that have been authorized under the Federal Risk and Authorization Management Program (FedRAMP). This program standardizes security assessment, authorization, and continuous monitoring for cloud services used by U.S. federal agencies. FedRAMP software meets strict security requirements and has undergone rigorous evaluation to ensure the protection of federal data. Vendors must achieve FedRAMP authorization before federal agencies can use their cloud solutions.

What are some common challenges faced by software engineers working on FedRAMP-compliant projects?

Software engineers working on FedRAMP-compliant projects often face challenges such as navigating complex security requirements and documentation processes. Ensuring that software meets stringent federal security controls, maintaining thorough audit trails, and collaborating closely with compliance teams are integral parts of the role. Additionally, engineers must stay updated on evolving FedRAMP guidelines and may need to coordinate with external assessors during authorization reviews. These challenges require strong attention to detail, adaptability, and a collaborative mindset.

What are the key skills and qualifications needed to thrive as a FedRAMP Software Engineer, and why are they important?

To thrive as a FedRAMP Software Engineer, you need expertise in secure software development, knowledge of cloud security frameworks, and familiarity with FedRAMP compliance requirements, generally supported by a degree in computer science or a related field. Proficiency with cloud platforms like AWS or Azure, experience using security assessment tools, and certifications such as AWS Certified Security – Specialty or CISSP are highly valued. Attention to detail, problem-solving, and strong communication skills help ensure compliance and facilitate collaboration with cross-functional teams. These skills are crucial to developing, maintaining, and certifying software that meets rigorous federal security standards, maintaining client trust and regulatory approval.

What is the difference between FedRAMP Software and FedRAMP Security Assessor roles?

Aspect | FedRAMP Software | FedRAMP Security Assessor
Primary Role | Develops, maintains, and implements FedRAMP-compliant cloud software solutions | Evaluates and verifies FedRAMP compliance of cloud service providers
Required Credentials | IT, cloud, or software development certifications; knowledge of FedRAMP standards | Security certifications like CISSP, CISA, or similar; expertise in security assessment
Work Environment | Software development teams, cloud environments, IT departments | Security assessment teams, government agencies, compliance offices

FedRAMP Software professionals focus on creating and maintaining FedRAMP-compliant cloud solutions, while FedRAMP Security Assessors evaluate and validate these solutions' compliance. Both roles are essential in the FedRAMP ecosystem, but they serve different functions: one develops, the other assesses.

FedRAMP Analyst

Clearview AI

Washington, DC • On-site, Remote

$80K - $100K/yr

Full-time

Medical, Dental, Vision, Retirement, PTO

Posted 19 days ago


Job description

FedRAMP Analyst
Department: Security & IT
Employment Type: Full Time
Location: Remote USA
Compensation: $80,000 - $100,000 / year
Description
The FedRAMP Analyst is responsible for day-to-day execution of Clearview AI's FedRAMP Continuous Monitoring (CONMON) program for Clearview's federal-authorized platforms, including FedRAMP High. This role owns monthly CONMON deliverables (vulnerability tracking, POA&M updates, inventory reporting, and monthly executive reporting inputs), supports annual 3PAO assessment preparation, and maintains audit-ready evidence repositories aligned to the approved ATO package (SSP and appendices).
The FedRAMP Analyst partners closely with Engineering, Security & IT, Legal, People Operations, and external compliance partners to ensure authorized systems remain compliant, secure, and ready to support active U.S. Government customer usage. This role is scoped exclusively to FedRAMP; any future DoD IL program will be staffed as a separate position and is out of scope for this role.
Key Responsibilities
  • Execute the monthly FedRAMP CONMON calendar and ensure timely completion of all required artifacts and submissions.
  • Own monthly vulnerability remediation tracking: intake scan outputs, open/track remediation tickets, validate closure evidence, and ensure SLA adherence (e.g., 30/90/180-day timelines).
  • Maintain and update the Plan of Action and Milestones (POA&M): create/update POA&M items, document milestones, track due dates, coordinate risk statements with Legal, and route for approvals.
  • Generate and maintain monthly inventory and configuration evidence (e.g., Integrated Inventory Workbook/IIW updates, authorized software evidence, baseline/config drift support).
  • Prepare monthly CONMON reporting packages, including Monthly Security Status Reports, CONMON Executive Summary inputs, deviation requests, and other stakeholder reports required by the Sponsoring Agency, FedRAMP PMO, or Authorizing Official.
  • Prepare deviation and exception requests: gather technical justification, compensating control documentation, scope/impact statements, and route through required approvals.
  • Support continuous monitoring governance activities: access review evidence, log/monitoring review evidence, and coordination of corrective actions with Engineering and Security & IT.
  • Maintain the CONMON and ATO artifact repository in Google Drive (or designated system): version control, naming conventions, evidence indexing, and audit-ready structure.
  • Support annual security testing activities (e.g., penetration tests, red-team exercises if applicable, IR/ISCP tabletop exercises) by tracking schedules, collecting artifacts, and documenting remediation status.
  • Support annual 3PAO assessment coordination: evidence collection, interview scheduling, assessor Q&A tracking, and findings remediation tracking in partnership with the VP, Federal Operations.
  • Support significant change workflows: help determine compliance impact, document change narratives, update SSP appendices as required, and maintain change evidence for CONMON.
  • Track training compliance for federal systems (Rules of Behavior acknowledgements, required awareness training completion) in coordination with People Ops and Security & IT.
  • Serve as a primary day-to-day point of contact for internal stakeholders for FedRAMP evidence requests and compliance status updates; escalate risks and blockers to the VP, Federal Operations.

Skills, Knowledge and Expertise
  • 3+ years of experience in cybersecurity compliance, GRC, or operating regulated cloud environments (FedRAMP, DoD IL, CJIS, HIPAA, PCI, ISO 27001/42001, or similar).
  • Demonstrated experience executing continuous monitoring or recurring compliance reporting programs (monthly cadence preferred).
  • Working knowledge of NIST 800-53 and FedRAMP concepts (POA&M management, SSP/ATO artifact structure, assessment evidence expectations).
  • Experience coordinating vulnerability remediation tracking and translating technical findings into compliance artifacts (tickets, evidence, milestones, risk language).
  • Strong project management and organizational skills; ability to manage multiple deadlines and stakeholder inputs.
  • Excellent communication skills for producing audit-ready narratives, status reports, and executive summaries.
  • Comfort working with technical teams (Engineering, Security) to obtain evidence and validate remediation outcomes.
  • Experience using common tooling for evidence and workflow tracking (Google Drive, Jira/Linear, spreadsheets, ticketing systems).
  • Ability to manage confidential and sensitive cybersecurity information.
  • Candidates must be able to meet government security clearance requirements as required for this role.

Preferred Qualifications:
  • Direct experience supporting a FedRAMP Moderate/High authorization, annual 3PAO assessment, or agency ATO process.
  • Experience with SecondFront/Game Warden or other FedRAMP-adjacent platforms and inherited-control models.
  • Familiarity with vulnerability scanning, SIEM/log review concepts, and secure SDLC evidence (SAST/DAST, threat modeling).
  • Experience with evidence automation or compliance engineering approaches (repeatable evidence packets, templates, control mapping).
  • Relevant certifications (e.g., Security+, SSCP, CISSP Associate, CAP, CISA, PMP).

Benefits
  • Medical, Dental, Vision, STD and LTD Plans
  • FSA - Medical and Dependent Care
  • EAP and wellness programs
  • 13 Paid Holidays
  • Unlimited PTO
  • Flexible work environment - 100% remote
  • 401(k) plan