Technical Program Manager, Governance Risk & Compliance - Platform job opportunity at Onebrief.



Onebrief Technical Program Manager, Governance Risk & Compliance - Platform
Experience: 8-years
Pattern: FullTime

Governance Risk & Compliance - Platform

Degree: General
Location: United States | Remote, United States

About Onebrief

Onebrief is collaboration and AI-powered workflow software designed specifically for military staffs. By transforming this work, Onebrief makes the staff as a whole superhuman - meaning faster, smarter, and more efficient.

We take ownership, seek excellence, and play to win with the seriousness and camaraderie of an Olympic team. Onebrief operates as an all-remote company, though many of our employees work alongside our customers at military commands around the world.

Founded in 2019 by a group of experienced planners, today, Onebrief’s team spans veterans from all forces and global organizations, and technologists from leading-edge software companies. We’ve raised $320m+ from top-tier investors, including Battery Ventures, General Catalyst, Sapphire Ventures, Insight Partners, and Human Capital, and today, Onebrief is valued at $2.15B. With this continued growth, Onebrief is able to make an impact where it matters most.

About the Role

We are seeking an experienced Technical Program Manager with a strong background in cybersecurity, cloud governance, and compliance to lead Onebrief’s governance, risk, and compliance efforts. This role is pivotal in maintaining and scaling our security posture across regulated environments (FedRAMP, DoD IL5/6, JWICS, NIST RMF) while supporting fast-moving product development.

You will work cross-functionally with security engineers, infrastructure engineers, product engineers, product teams, and executive leadership to operationalize security frameworks, manage risk, and guide the organization through audit and authorization processes. This is a highly collaborative and strategic role with an emphasis on program execution and continual improvement.

About You

You are a technically fluent program management leader with deep experience supporting federal cybersecurity compliance efforts. You understand both the structure of frameworks like NIST SP 800-53 and the operational realities of engineering teams.

You excel at translating compliance requirements into clear execution plans, measurable milestones, and cross-team deliverables. You are organized, proactive, and comfortable driving accountability across stakeholders. Most importantly, you understand that GRC is a continuous operational discipline — not a one-time audit event.

What You’ll Do

- Accelerate Onebrief’s execution of GRC programs supporting NIST RMF, FedRAMP High, CMMC, and SOC2 authorizations
- Develop and manage integrated project plans for control implementation, remediation, and continuous monitoring
- Coordinate cross-functional teams (Infrastructure, Engineering, Product) to ensure timely delivery of compliance requirements
- Track control implementation status, POA&Ms, and remediation efforts to closure
- Support preparation and coordination of Security Control Assessments (SCAs), 3PAOs, and Federal Customer audits
- Coordinate and track development of SSP updates, control narratives, and authorization artifacts in partnership with GRC Architects
- Track risk assessment outputs and ensure identified risks are translated into actionable remediation plans
- Drive the implementation of secure CI/CD practices that meet evolving compliance requirements without blocking velocity.
- Support the development and operationalization of scalable governance processes defined by GRC leadership
- Ensure configuration management, vulnerability management, and change control activities align with compliance requirements
- Identify program risks, dependencies, and blockers, and proactively escalate when necessary
- Coach teams on security best practices and contribute to a culture of secure product development.

What We Look For

- Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or related field
- 8+ years of experience in cybersecurity, compliance, or technical program management roles
- Demonstrated experience supporting systems under NIST RMF, FedRAMP, or DoD RMF
- Experience managing cross-functional technical programs in cloud-native environments and technologies
- Familiarity with eMASS or similar authorization management systems
- Experience maintaining or coordinating SSPs, POA&Ms, and authorization packages
- Strong understanding of:
  - AWS Cloud Technologies
  - NIST SP 800-53 control families
  - Risk management and continuous monitoring practices
  - CI/CD and modern DevSecOps workflows
- Experience supporting Security Control Assessments or 3PAO audits

Certifications (one or more required)

- CISSP
- CISM
- CGRC
- PMP or equivalent program management certification
- Security+ or equivalent

Must-Have Skills and Qualifications

- Proven ability to drive complex, compliance-focused technical programs across multiple stakeholders
- Experience operating within DoD or federal compliance frameworks (e.g., RMF, FedRAMP)
- Experience supporting Security Control Assessments, external audits, and Federal Customers
- Experience managing POA&Ms and remediation efforts in dynamic, cloud-based environments
- Excellent communication skills with the ability to brief engineers, leadership, and federal stakeholders
- Secret Clearance, TS/SCI Eligible

Notice to Third Party Recruitment Agencies

Please note that Onebrief does not accept unsolicited resumes from recruiters or employment agencies. In the absence of an executed Recruitment Services Agreement, there will be no obligation to any referral compensation or recruiter fee. In the event a recruiter or agency submits a resume or candidate without an agreement Onebrief explicitly reserves the right to pursue and hire those candidate(s) without any financial obligation to the recruiter or agency. Any unsolicited resumes, including those submitted to hiring managers, shall be deemed the property of Onebrief.
