Senior FedRAMP ISSO at Cribl

Job Details

Status: Active
Posted: Jun 12, 2026
Expires: Sep 10, 2026
Work style: Remote

About the Role

Join the company that’s building the telemetry infrastructure for the AI era. At Cribl, we partner with IT and Security teams at many of the world’s biggest enterprises, including half of the Fortune 100, to bridge the gap between AI ambition and infrastructure reality. As the AI Platform for Telemetry, we give customers the choice, control, and flexibility to manage and analyze telemetry for both humans and agents, so they can build what’s next.

We’re one of the fastest‑growing private companies and a leading player in a massive, fast‑moving market. With a global workforce, we’re remote‑first and grounded in a simple idea: software is a people business. Cribl is the place where curious, collaborative people can do their best work, grow fast, and bring their full selves to the herd.

Why You’ll Love This Role

We’re looking for a Senior FedRAMP ISSO to own the day-to-day security operations and continuous monitoring program for our FedRAMP Moderate authorized cloud environment. You’ll be the person federal auditors trust, the one engineering teams call when something changes, and the keeper of the SSP (yes, the entire thing – yes, all of it).

This isn’t a “set it and forget it” role; our ATO is active, our ConMon is ongoing, and our POA&Ms don’t manage themselves (we’ve tried). You’ll work at the intersection of compliance rigor and real cloud security, partnering closely with engineering, product, legal, and federal agency customers to keep our authorization healthy and our customers confident.


As An Active Member Of Our Team, You Will…

  • Own and continuously maintain the System Security Plan (SSP), ensuring it accurately reflects system architecture, control implementations, and operational changes. “We’ll update it later” is not a ConMon strategy.
  • Manage the Plan of Action & Milestones (POA&M): track open findings from 3PAO assessments, vulnerability scans, and internal reviews; coordinate remediation with engineering and operations; report status to agency customers and the FedRAMP PMO on schedule.
  • Lead continuous monitoring activities: monthly and annual ConMon reporting, vulnerability scan review and triage, configuration management reviews, and incident reporting per FedRAMP requirements.
  • Coordinate annual 3PAO assessments from start to finish: prepare documentation packages, manage assessment logistics, facilitate evidence collection, and respond to auditor inquiries with clarity and confidence.
  • Assess the security impact of system changes through our change management process — ensuring new features and infrastructure updates don’t quietly introduce compliance gaps while engineering moves fast.
  • Serve as the primary point of contact for federal agency customers, Authorizing Officials (AOs), and the FedRAMP PMO, building relationships grounded in transparency and technical credibility.
  • Collaborate with engineering and DevOps teams to maintain the implementation of security controls, review scan results, and drive timely, documented remediation.
  • Coordinate security incident response per FedRAMP reporting requirements, working alongside our security operations function to ensure timely and accurate agency notification.
  • Monitor and translate evolving federal guidance (NIST publications, FedRAMP policy updates, OMB memos, CISA alerts) into clear, actionable direction for the team.
  • We are a remote-first company and work happens across many time zones – you may be required to occasionally perform duties outside your standard working hours (if on call is not required).


If You’ve Got It - We Want It

  • 7+ years of information security experience, with at least 3 years in a dedicated FedRAMP ISSO or ISSE role at a Cloud Service Provider.
  • Deep, working knowledge of NIST SP 800-53 Rev 5 and the FedRAMP Moderate baseline, not just awareness, but the kind of familiarity where NIST control identifiers feel like old friends (or at least familiar acquaintances).
  • Proven experience authoring and maintaining large-scale System Security Plans. You know your way around an SSP and can defend every line of it.
  • Hands-on POA&M management experience: opening, tracking, aging, escalating, and driving findings to documented closure, not just cataloguing them.
  • Direct experience running a continuous monitoring program, including monthly ConMon reporting and coordination of annual 3PAO assessments.
  • Experience working directly with Third Party Assessment Organizations (3PAOs) through full assessment cycles, including evidence gathering and auditor facilitation.
  • Familiarity with cloud environments and their security implications; AWS GovCloud, Azure Government, or GCP experience strongly preferred.
  • Strong written communication skills. The documents you produce will be scrutinized by federal auditors and agency security teams; your writing should hold up to that standard.
  • Active security certification: CISSP, Certified Authorization Professional (CAP/CGRC), or CISM.
  • Nice to haves
    • Experience with the FedRAMP High/IL4/IL5 baseline; Moderate is the floor, not the ceiling.
    • Familiarity with OSCAL (Open Security Controls Assessment Language) and automated compliance tooling; we’re watching this space closely.
    • Experience with GRC platforms such as Xacta, Archer, or ServiceNow GRC.
    • Knowledge of DISA STIGs and their applicability to cloud-hosted components.
    • An active federal security clearance, or eligibility to obtain one.


The salary for this role is dependent on geographic location and will be based on the individual candidate's job-related knowledge, skills, and experience.

In addition to base salary, for sales and some sales-adjacent roles, employees are eligible to earn incentive compensation (commission). For all other roles, employees are eligible to participate in the Cribl Corporate Bonus Program.

In addition to a competitive salary, Cribl also offers a generous benefits package which includes health, dental, vision, short-term disability, and life insurance, paid holidays and paid time off, a fertility treatment benefit, 401(k), and equity.

Base Salary Range
$128,000 - $200,000 USD

Bring Your Whole Self

Diversity drives innovation, enables better decisions to support our customers, and inspires change for the better. We’re building a culture where differences are valued and welcomed, and we work together to bring out the best in each other. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or any other applicable legally protected characteristics in the location in which the candidate is applying.

Interested in joining the Cribl herd? Learn more about the smartest, funniest, most passionate goats you’ll ever meet at cribl.io/about-us.
