Port.io · 4 hours ago
GRC Program Manager (FedRAMP & Compliance)
Port.io is building an open and flexible Agentic Engineering Platform for modern engineering organizations and is seeking a GRC Program Manager to drive FedRAMP authorization and oversee compliance. The role requires precise coordination across engineering, security, and product teams while managing timelines, budgets, and stakeholder expectations.
Artificial Intelligence (AI), Developer Tools, DevOps, Information Technology, Software
Responsibilities
Lead the FedRAMP project from kickoff through ATO: schedule, documentation, 3PAO engagement, and agency coordination
Own the System Security Plan (SSP), Plan of Action & Milestones (POA&M), and all readiness deliverables
Manage the 3PAO relationship, coordinate assessments, and drive remediation efforts
Build and maintain the compliance evidence repository and continuous monitoring program
Manage cross-team milestones, track control implementation progress, and identify blockers
Develop repeatable processes and frameworks to sustain compliance post-authorization
Partner with Engineering, Security, IT, and Product to translate NIST 800-53 controls into technical implementations
Lead internal readiness assessments and gap analysis
Assist and support GRC initiatives, other compliance frameworks, team processes and systems
Qualifications
Required
Direct FedRAMP experience (managing an authorization from start to ATO) - Must have
5+ years of experience managing compliance or GRC programs in SaaS or regulated environments
Proven track record running complex audits or certification programs (FedRAMP, SOC 2, ISO, etc.)
Deep understanding of control frameworks (NIST 800-53, ISO 27001) and how they translate to technical implementations
Exceptional project management and communication skills - ability to manage timelines, budgets, and complex dependencies
Experience managing vendor relationships, including 3PAOs, consultants, and compliance tooling providers
Strong stakeholder management skills - comfortable managing multiple workstreams and influencing across technical and non-technical teams
Detail-oriented with strong documentation and organizational skills
Preferred
Experience working with government agency sponsors and understanding FedRAMP agency workflows
Hands-on experience with GRC automation platforms (Drata, Tugboat Logic, Vanta, OneTrust)
Risk Management
Background in technical security controls, cloud infrastructure, or DevSecOps
CISSP, CISM, PMP, or FedRAMP-related certifications
Experience with continuous monitoring and ongoing compliance management
Company
Port.io
We combined hundreds of years of DevOps knowledge with thousands of hours of research to transform the developer experience as the world sees it today.
H1B Sponsorship
Port.io has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
Trends of Total Sponsorships
2024 (1)
2022 (1)
Funding
Current Stage: Growth Stage
Total Funding: $160M
Key Investors: General Atlantic, Accel, Team8
2025-12-11: Series C · $100M
2024-10-15: Series B · $35M
2023-09-13: Series A · $18M
Company data provided by Crunchbase