
FedRAMP Compliance Subject Matter Expert (SME) 

United States – Must Work East Coast Hours
Up to 10% Travel

Primary Purpose and Goal of Role  

Work with internal stakeholders and product engineering teams to drive key aspects of continuous monitoring requirements, support customer onboarding, and drive continuous improvements within the FedRAMP program.


  • Lead rapid assessment teams to identify gaps, risks and remediations for information systems  
  • Identify FedRAMP Boundary components in customer deployments  
  • Coordinate with internal stakeholder engineering teams to demonstrate the implementation of security compliance controls per technical, management, and operational requirements  
  • Perform vulnerability and compliance scanning, analyze results, provide assessments and reviews  
  • Audit security controls to ensure compliance with cloud requirements and governance models  
  • Support the development of technical material, operational processes, security policies, and other core documents   
  • Manage compliance metrics  
  • Write proposals demonstrating a sound understanding of basic contract language  
  • Manage program for Plans of Action and Milestones (POA&Ms)  
  • Coordinate and manage onsite assessments with external stakeholders  
  • Interview subject matter experts and use that knowledge to develop, edit, and revise documentation, including standard operating procedures, system security plans, and policies and procedures  
  • Produce and edit technical drawings using MS Visio and similar design tools  
  • Clearly document client deliverables that specify a framework of policies and procedures that include all legal, physical, and technical controls involved in an organization’s risk management 


  • Bachelor's degree from an accredited university in English, Business Writing, Business Administration, etc.  
  • DHS Continuous Monitoring Program Education preferred  
  • Five years minimum writing technical documentation demonstrating knowledge of Cloud and Security concepts  
  • Five years minimum experience with NIST SP 800 Series, FedRAMP and FISMA and NIST SP 800-171   
  • Five years minimum writing, editing, and/or managing a wide variety of IT security documentation and familiarity with federal IT standards such as Federal Information Security Management Act (FISMA)   
  • Five years minimum working with NIST SP 800 Series, FedRAMP and FISMA, ISO27001, and NIST SP 800-171   
  • Three years minimum with cloud data security (FISMA/FedRAMP compliance) and working with public cloud solutions (AWS, Google, and Azure)   
  • Three years minimum interviewing subject matter experts and using that knowledge to develop, edit, and revise documentation, including standard operating procedures, system security plans, and policies and procedures  

  • Three years minimum producing and editing technical drawings using MS Visio or similar design tools  
  • Knowledge of Control Objectives for Information and Related Technologies (COBIT) framework   
  • Authorized to work in the United States without the need for visa sponsorship now or in the future  
  • Position is restricted to clearance requirements; candidates must have performed FedRAMP Advisory or Assessment as a 3PAO  
  • Excellent verbal and written communication skills  
  • Ability to articulate complex information to both technical and non-technical audiences   
  • Team player that clearly and proactively communicates with internal and external stakeholders   
  • Ability to prioritize work to deliver on multiple projects simultaneously  
Quzara LLC is an Equal Employment/Affirmative Action employer. We do not discriminate in hiring based on sex, gender identity, sexual orientation, race, color, religious creed, national origin, physical or mental disability, protected Veteran status, or any other characteristic protected by federal, state, or local law. 

Join Our Cyber Team!

Working for Quzara means being part of a team driven by innovation and dedication where we rise together.