Senior Security Program Manager, Public Sector

Remote Full-time
About RampRamp is a financial operations platform designed to save companies time and money. Our all-in-one solution combines payments, corporate cards, vendor management, procurement, travel booking, and automated bookkeeping with built-in intelligence to maximize the impact of every dollar and hour spent. More than 40,000 businesses, from family-owned farms to e-commerce giants to space startups, have saved $10B and 27.5M hours with Ramp. Founded in 2019, Ramp powers the fastest-growing corporate card and bill payment platform in America, and enables over $80 billion in purchases each year.Ramp’s investors include Thrive Capital, Sands Capital, General Catalyst, Founders Fund, Khosla Ventures, Sequoia Capital, Greylock, and Redpoint, as well as over 100 angel investors who were founders or executives of leading companies. The Ramp team comprises talented leaders from leading financial services and fintech companies—Stripe, Affirm, Goldman Sachs, American Express, Mastercard, Visa, Capital One—as well as technology companies such as Meta, Uber, Netflix, Twitter, Dropbox, and Instacart.Ramp has been named to Fast Company’s Most Innovative Companies list and LinkedIn’s Top U.S. Startups for more than 3 years, as well as the Forbes Cloud 100, CNBC Disruptor 50, and TIME Magazine’s 100 Most Influential Companies.About the RoleWe are seeking a skilled and detail-oriented Senior Security Program Manager, Public Sector to lead and enhance our organization’s adherence to U.S. government cybersecurity risk management frameworks, including but not limited to FedRAMP and GovRAMP. In this role, you will play a key part in guiding compliance strategies for our public sector initiatives, working cross-functionally to ensure effective security practices and successful authorizations across jurisdictions.Preference for candidates based in the DC Metro area, though this is not a requirement.What You’ll DoLead all aspects of the compliance lifecycle across multiple public sector frameworks (e.g., FedRAMP, GovRAMP), including risk assessments, continuous monitoring, audits, and authorization managementDrive complex cross-functional program management efforts involving teams across security, legal, engineering, infrastructure, and product functions.Serve as a subject matter expert on risk management and regulatory compliance for federal, state, and local government environments.Develop and maintain comprehensive security documentation aligned with applicable frameworks, including System Security Plans (SSPs), Security Assessment Reports (SARs), POA&Ms, and data flow diagrams.Monitor compliance with control requirements (e.g., NIST 800-53, GovRAMP Baselines) and coordinate the implementation of technical and procedural safeguards.Engage with third-party assessors (3PAOs or independent assessors), government sponsors, and internal teams to support assessments and audits.Lead readiness assessments and support the prioritization of remediation activities across teams.Manage timely tracking and closure of vulnerabilities and findings; ensure reporting and documentation obligations are met.Provide risk-informed compliance recommendations that influence infrastructure and product development decisions.Collaborate with legal and government affairs teams to ensure compliance with emerging federal and state regulatory requirements.Stay informed on evolving threats, compliance trends, and guidance updates across FedRAMP, GovRAMP, NIST, and other frameworks.What You Need 5+ years of experience in information security or compliance, with a focus on government and public sector regulatory frameworks (e.g., FedRAMP, GovRAMP, FISMA, NIST RMF).Knowledge of NIST SP 800-53 and experience mapping controls across frameworks.Experience with cloud environments like AWS GovCloud or Azure Government, including implementation of compliant architectures.Proven ability to manage large-scale compliance programs across diverse stakeholder groups.Demonstrated success developing and maintaining regulatory documentation and audit evidence.Experience leading engagements with internal teams, assessors, and government partners.Strong written and verbal communication skills, including translating between technical and executive audiences.Excellent organizational skills and the ability to manage multiple initiatives with competing priorities.Self-starter with strong problem-solving abilities in ambiguous, fast-moving environments.Nice-to-HavesRelevant certifications: CISSP, CISA, CRISC, CCAK, CGRC (formerly CAP).Experience with automation platforms for GRC and security monitoring (e.g., Wiz, Paramify).Familiarity with other public sector compliance programs (CJIS, IRS 1075, DoD IL5, etc.).Experience supporting product or infrastructure teams through ATO processes.Leadership experience or management of small security/GRC teams.Benefits (for U.S.-based full-time employees)100% medical, dental & vision insurance coverage for youPartially covered for your dependentsOne Medical annual membership401k (including employer match on contributions made while employed by Ramp)Flexible PTOFertility HRA (up to $5,000 per year)WFH stipend to support your home office needsWellness stipendParental LeaveRelocation support to NYC or SFPet insuranceOther noticesPursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.Ramp Applicant Privacy Notice

Apply Now
Apply Now →

Similar Jobs

Experienced Registered Behavior Technician for In-Home ABA Therapy - Atlanta, GA

Remote

Immediate Hiring: Experienced Registered Behavioral Technician (RBT) for Clinic-Based ABA Therapy Services

Remote

Experienced Registered Behavioral Technician (RBT) - ABA Therapy for Children with Autism Spectrum Disorder

Remote

Experienced Registered Nurse - Telehealth: Providing Remote Care Coordination and Patient Support

Remote

Experienced Substitute Teacher for Riverside County Schools - Join Scoot Education's Innovative Team

Remote

Experienced Substitute Teacher for San Bernardino County - Flexible Schedules & Competitive Pay

Remote

Experienced School Year Instructional Coach for High-Dosage Tutoring Programs in Edgewater Park, NJ

Remote

Experienced School Year Tutor for K-8 Students in Math and Literacy - Mickleton, NJ

Remote

Experienced Secondary Social Studies Teacher for Kansas - Flexible Hybrid Remote Arrangement

Remote

USPS Office Helper

Remote

Behavioral Health Clinical Liaison, Central Region - VA - Remote

Remote

Experienced Part-Time Data Entry Specialist – Remote Work Opportunity with arenaflex for Career Growth and Development

Remote

Arquitecto/a de Plataforma Cloud (DevOps & Kubernetes)

Remote

Sr Clinical Data Analyst - Medical Device

Remote

Require Student Success & Retention Advisor in Maryland

Remote

Tier 3 Support Engineer

Remote

Experienced Customer Service Manager – Remote Work Opportunity with careerzynith

Remote

**Experienced Customer Support Response Specialist - Remote**

Remote

[Remote] E-Billing Analyst - Remote (Legal Services)

Remote

Urgently Hiring: Virtual Executive Assistant

Remote
← Back