1

Regscale Jobs (NOW HIRING)

Archer, RegScale, eMASS, Xacta, or similar platforms * Product strategy, enterprise architecture, or AI productization experience Why Join C2 Labs? You'll have the opportunity to shape a first-of-its ...

Archer, RegScale, eMASS, Xacta, or similar platforms * Product strategy, enterprise architecture, or AI productization experience Why Join C2 Labs? You'll have the opportunity to shape a first-of-its ...

Regscale information

What is the difference between Regscale vs Compliance Analyst?

AspectRegscaleCompliance Analyst
Required CredentialsTypically certifications in data privacy, cybersecurity, or compliance toolsCertifications like CISA, CISM, or compliance-specific training
Work EnvironmentPrimarily tech-focused, working with compliance software and data managementOffice or remote, analyzing policies, conducting audits, and ensuring regulatory adherence
Employer & Industry UsageUsed by organizations implementing compliance automation solutionsEmployed across finance, healthcare, and corporate sectors for compliance roles

While both roles focus on compliance, Regscale specializes in compliance automation and software solutions, whereas Compliance Analysts perform manual audits and policy reviews. Understanding these differences helps in choosing the right career path or job fit.

More about Regscale jobs
What cities are hiring for Regscale jobs? Cities with the most Regscale job openings:
What states have the most Regscale jobs? States with the most job openings for Regscale jobs include:
Infographic showing various Regscale job openings in the United States as of July 2026, with employment types broken down into 84% Full Time, 8% Part Time, and 8% Contract. Highlights an 67% Physical, and 33% Remote job distribution.

FedRAMP SME - Quality Assurance (QA) Reviewer / Advisor

C2 Labs, Inc

Washington, DC • On-site, Remote

Contractor

Posted 12 days ago


Job description

C2 Labs is seeking an experienced FedRAMP SME to serve as a quality gate and advisor for our authorization acceleration and ConMon managed service work (FedRAMP 20X primary, with legacy Rev. 5 support as needed). This is an ideal role for a seasoned FedRAMP practitioner who enjoys coaching teams and improving deliverable quality.
What you'll do
• QA and redline FedRAMP deliverables (20X KSI summaries and/or legacy SSP/policies/plans).
• Validate evidence traceability and readiness prior to assessor/sponsor interactions.
• Coach writers/consultants on FedRAMP documentation and common review pitfalls.
• Help define internal quality standards and "definition of done" checklists.
What we're looking for
• 8+ years experience delivering FedRAMP authorizations and/or ConMon (CSP, assessor/3PAO, advisory, or agency sponsor).
• CISSP, CISM, or similar security certification
• Deep knowledge of NIST 800-53 control intent, evidence expectations, and how to translate implementation into defensible narratives.
• Strong technical editing and QA mindset; can turn complex feedback into clear, prioritized actions.
• Comfort engaging with senior customer stakeholders, assessors, and GRC/engineering teams.
• Ability to work independently and provide timely review cycles within delivery timelines.
Nice to have
• Bachelors degree in IT, Cybersecurity, or related field
• Hands-on experience with FedRAMP 20X concepts (KSIs, pass/fail criteria, persistent validation cycles).
• CISSP, CISM, or similar security certifications.
• Experience with OSCAL and/or GRC automation platforms (RegScale preferred).
• Experience supporting Azure Government or other government cloud environments.
Engagement details
• 1099 independent contractor (initial engagement); review-based cadence with surge capacity for major milestones.
• Remote-first; occasional on-site support only if requested for workshops/assessments (rare).
• No clearance required; must be able to pass a standard background check and sign NDA/SOW.
• Flexible hours; responsive review turnaround is important.