Paramify Fedramp Jobs in Usa

32 positions found — Page 4

Head of Risk and Compliance
🏢 Semperis
$250 +
Hoboken, NJ 3 weeks ago

At Semperis, our mission is to be a Force for Good. Starting with being a great place to work. We believe that when people feel valued, supported, and empowered, they do their best work. That’s why we focus on creating an employee experience rooted in purpose, growth, and balance. Semperis has been recognized as one of America’s Fastest-Growing Cybersecurity Companies by the Inc. 5000, a DUNS 100 Top Startup to Work For, and a multi-year Inc. Best Workplace awardee.


What We Are Looking For

Semperis is seeking a strategic and forward-thinking Head of Risk to build and lead our global risk and compliance management function.


About the Role

Reporting to the Deputy CISO, you’ll be responsible for designing, implementing, and continuously improving the company’s enterprise risk management (ERM) framework and compliance frameworks, ensuring that security, compliance, and business resilience are embedded into how we operate.


This role requires a leader who can balance technical depth with business acumen—someone who understands cybersecurity risk, regulatory expectations, and operational realities, and can translate that into actionable programs across the organization.


Hybrid in either Dallas, TX or Hoboken, NJ
What You’ll Be Doing

  • Develop and lead the company-wide risk and compliance management strategy, policies, and framework aligned with organizational objectives and regulatory standards.
  • Collaborate with different stakeholders to identify, assess, and mitigate operational, cybersecurity, and compliance risks.
  • Own and evolve the company’s risk register, metrics, and reporting cadence, providing transparent insights to the CISO, senior leadership, and board committees.
  • Manage and lead the company’s compliance frameworks including ISO, Common Criteria, FedRamp, SOCII, GDPR, and more.
  • Quarterback compliance efforts, testing and auditing.
  • Lead third-party and vendor risk management programs, ensuring supply chain resilience and adherence to company security requirements.

What You’ll Bring

  • 7+ years of experience in enterprise risk management, cybersecurity, or information assurance, with at least 5 years in leadership capacity.
  • Strong understanding of cybersecurity frameworks, operational risk, business continuity, and compliance programs.
  • Proven experience working within or alongside a CISO organization in a fast-paced technology or cybersecurity environment.
  • Expertise in quantitative and qualitative risk analysis, reporting, and executive communication.
  • Familiarity with standards and regulations such as NIST, ISO 27001, SOC 2, GDPR, DORA, and NIS2.
  • Excellent relationship-building and influencing skills, capable of engaging stakeholders across technical and business domains.
  • Relevant certifications preferred: CRISC, CISSP, CISM, CISA, ISO 27005 Risk Manager, or equivalent.

Why Join Semperis?

You’ll be part of a global team on the front lines of cybersecurity innovation. At Semperis, we celebrate curiosity, integrity, and people who take initiative. If you’re someone who sees the glass as half full, embraces challenges as growth opportunities, and values a healthy balance between work and life—we’d love to meet you.


Semperis maintains office locations in several cities across the globe. Candidates who reside within 45 miles of one of our offices—or where the job description specifies a required location—will follow our hybrid work model. This includes working onsite some days per week and remotely the remaining days.


Semperis is an equal opportunity employer and will not discriminate against an applicant or employee based on race, color, religion, creed, national origin or ancestry, ethnicity, sex (including gender, pregnancy, sexual orientation, and gender identity), age, physical or mental disability, veteran or military status, genetic information, citizenship, marital status, or any other legally recognized protected basis under federal, state, or local law. The information collected by the Semperis application is solely to determine suitability for employment, verify identity, and maintain employment statistics.
Applicants with disabilities may be entitled to reasonable accommodation under the Americans with Disabilities Act and/or other applicable state or local laws. A reasonable accommodation is a change in the way things are normally done which will ensure an equal employment opportunity without imposing undue hardship on Semperis. Please inform Semperis representative Anna Taylor, Director of Global Recruiting, if you need assistance completing this application or to otherwise participate in the application process.
#J-18808-Ljbffr
Not Specified
GRC Automation Engineer
🏢 Talently
Salary not disclosed
San Francisco, CA 3 weeks ago

Job Title: GRC Automation Engineer
Location: Hybrid in San Francisco/NYC or Remote
Salary: $140,000-$215,000
Skills: Compliance Automation, Scripting & API Development, Security Frameworks (SOC 2, ISO 27001, PCI DSS), Cloud Platforms (AWS), Data Governance


About the Company / The Opportunity

:Join a forward-thinking leader in the software industry as a GRC Automation Engineer on a mission to enhance global compliance and enterprise risk management. This role offers the opportunity to shape the next evolution of a robust GRC program, embedding security and data governance principles into the heart of the business. You’ll collaborate across teams to drive automation, uphold the highest standards of compliance and ethics, and leverage advanced technologies to improve organizational security posture in a growing SaaS environment


.
*If you are located within commuting distance of our San Francisco or New York City office this is a hybrid position (M/W/F in office). Otherwise this is a remote role anywhere in the United States with occasional travel to our H


Q.
Responsibiliti

  • es:
    Design and automate control testing and evidence collection to reduce manual effort and improve accuracy for compliance initiati
  • ves.Develop and maintain scripts and APIs across cloud infrastructure, endpoints, and SaaS platforms (e.g., AWS, GitHub, Okta) to interface with compliance to
  • ols.Support recurring internal and external audits (SOC 2, ISO 27001, PCI DSS) by ensuring reliable control monitoring and remediat
  • ion.Champion security, compliance, and data governance strategies, including data deletion, retention, and storage proces
  • ses.Leverage AI/ML tools to enhance efficiency and drive improvements in GRC processes and overall compliance post
  • ure.Define technical control requirements and collaborate with engineering teams to embed compliance checks into CI/CD and infrastructure deployment pipeli



nes.

Must-Have

  • Skills:
    Experience in scripting or automation focused on security, infrastructure,
  • or GRC.Proficiency in building API endpoints and command-line tools; experience working with structured data formats (JSON, CSV
  • , YAML).Solid understanding of audit processes, evidence requirements, and remediation for security and compliance frameworks (SOC 2, ISO 27001, P
  • CI DSS).Ability to automate audit and evidence gathering procedures within cloud and SaaS envir
  • onments.Strong collaboration skills, able to work effectively with technical and non-technical teams to drive GRC init


iatives.
Nice-to-Hav

  • e Skills:
    Familiarity with software development and compliance platforms (e.g., Drata, Satori
  • , GitHub).Experience with AI/ML systems, open-source development, and frontend cloud tec
  • hnologies.Knowledge of federal security frameworks such as FedRAMP or NIST (800-53, 800-
  • 171, RMF).Security certifications (e.g., CIS
  • A, CISSP).Exposure to large-scale SaaS, cloud, or infrastructure environments with glo
bal reach.
Not Specified
jobs by JobLookup