Senior FedRAMP Consultant — GRC Analyst III / Lead Technical Writer

About the position C2 Labs is hiring a Senior FedRAMP Consultant (GRC Analyst III equivalent) to act as a lead technical writer for FedRAMP authorization packages and ongoing ConMon operations. If you can translate real-world cloud security implementations into crisp FedRAMP documentation—and you care about making ConMon sustainable—this is a strong fit.

Responsibilities

• Lead drafting of FedRAMP artifacts (20X KSI summaries and/or legacy SSP/policies/plans) and drive iterations to completion.
• Maintain control/KSI-to-evidence traceability in RegScale and keep the evidence library audit-ready.
• Partner with cloud architecture/security engineering resources to ensure technical accuracy.
• Support assessor/sponsor readiness: walkthroughs, responses, and updates.

Requirements

• 5+ years experience in GRC/compliance, security documentation, or audit support roles.
• Security certification (CISSP, CISM, CCSP)
• Demonstrated technical writing capability: can produce clear, consistent narratives for complex systems and controls.
• Working knowledge of NIST 800-53 controls and evidence expectations; familiarity with FedRAMP package structure and templates.
• Comfort collaborating with engineers and architects to accurately describe technical implementations.
• Strong attention to detail (templates, cross-references, tables, and evidence mapping).

Nice-to-haves

• Bachelors degree in IT, Cybersecurity, or related field
• Prior experience drafting FedRAMP SSPs and/or supporting artifacts (Low/Moderate/High).
• Experience with FedRAMP 20X concepts (KSIs, validation cycles, automation-first evidence).
• Experience working in RegScale or similar GRC tools.
• Audit-related experience.

Apply tot his job Apply To this Job