Senior GRC Consultant — Federal & Complex Frameworks

Posted 6 Hours Ago
Be an Early Applicant
Hiring Remotely in India
Remote
Senior level
Information Technology
The Role
Lead delivery of federal and complex compliance engagements (FedRAMP, CMMC, HITRUST, NIST). Provide pre-sales technical validation, build reusable control-mapping libraries, SSP and POA&M templates, and AI-assisted evidence-review playbooks. Own pricing, margins, utilization, and QA guardrails for high-stakes authorization efforts. Track framework revisions, translate changes into playbooks, and drive customer outcomes toward successful authorizations and certifications.
Summary Generated by Built In

Sprinto is an Autonomous Trust Platform that centralizes trust requirements across security frameworks, vendors, and customers.

Sprinto autonomously executes tasks needed to maintain trust across compliance, audits, risk management, vendor risk, privacy, and AI governance, enabling organizations to maintain a strong, reliable trust posture without draining operational bandwidth and resources on repetitive tasks.

Backed by top-tier investors such as Accel, Elevation, and Blume Ventures, we’ve raised $31.8M in funding to fuel our mission. Trusted by over 3,000 organizations across 75 countries, Sprinto helps organizations stay audit-ready, manage real-time risks, and scale fearlessly. With 300+ native integrations and AI-driven automation, Sprinto supports 200+ global security standards natively, including SOC 2, ISO 27001, GDPR, HIPAA, PCI-DSS, and more. Sprinto's extensible architecture enables organizations to build and support an infinite number of custom integrations and frameworks.

Founded in 2020 by second-time founders Girish Redekar and Raghuveer Kancherla, Sprinto powers compliance for organizations like Whatfix, Encora, Anaconda, Whatnot, Ultrahuman, WeWork, Everstage, AI Foundation, HackerRank, and many more.

Life as a Sprinter : 

Nobody succeeds at Sprinto by staying in their lane.

We are organized around problems, not job titles. Sprinters take ownership beyond their role, solve hard problems, and care deeply about the impact they create. If something can be improved, fixed, or built, we don't wait for permission; we step in.

Being remote means we rely less on proximity and more on trust. We write things down, communicate openly, and move quickly because great teams aren't built by sitting together, they're built by pulling in the same direction.

We believe progress beats perfection, feedback is a gift, and doing the right thing matters, even when nobody is watching.

And while we move with urgency, we never move alone.

The mission of this role : 

Deep technical authority for the most demanding frameworks in Sprinto's portfolio — FedRAMP, CMMC, HITRUST, and the NIST family. Owns delivery for engagements where the customer's contractual or regulatory standing (e.g., DoD eligibility, federal ATO) is directly on the line, and where mistakes are expensive and hard to reverse

Where you'll Leave Your Mark / Things You'll Build

    Deliver

  • Lead delivery of FedRAMP readiness/authorization support, CMMC Level 1–3 assessments and gap remediation, HITRUST r2 validated assessment preparation, NIST 800-53/800-171 control implementation and SSP development, and NIST CSF maturity assessments.

  • Provide pre-sales technical validation on federal/complex opportunities — these deals typically need scoping rigor before contract that standard-framework deals don't.

  • Build reusable IP

  • Build and maintain control-mapping libraries, SSP templates, POA&M templates, and evidence-collection playbooks calibrated to the depth federal frameworks require.

  • Track framework revisions (NIST 800-53 Rev 6, CMMC rule finalization, FedRAMP 20x, etc.) and translate changes into playbook updates promptly — these frameworks move on regulatory timelines, not product timelines.

  • Own commercial outcomes

  • Define pricing for federal/complex engagements, reflecting higher complexity and duration than standard-framework work.

  • Own margin and utilization on your engagement book; forecast capacity against a specialized, harder-to-backfill skillset.

  • AI-enabled productization

  • Build AI-assisted control-mapping and evidence-review playbooks, with heavier human-review gates than standard frameworks warrant given ATO/certification consequences.

  • Quality & risk

  • Define QA guardrails specific to federal work: accuracy is non-negotiable given the downstream consequence (loss of certification/authorization eligibility).

  • Set clear boundaries/disclaimers on what Sprinto's assessment does and doesn't guarantee toward formal certification/authorization outcomes.

The kind of builder we're looking For

    Experience

  • 5+ years in federal/defense-adjacent compliance consulting, or as an ISSO/ISSM, FedRAMP 3PAO assessor, or CMMC C3PAO assessor.

  • Has taken systems through an actual ATO, FedRAMP authorization, or CMMC certification — advisory-only experience isn't sufficient here.

  • Domain mastery

  • FedRAMP (Moderate/High baseline), CMMC L1–L3, HITRUST r2, NIST 800-53, NIST 800-171, NIST CSF.

  • OSCAL/SSP structural familiarity is a plus.

  • AI-enabled workflow proficiency

  • Demonstrated use of AI tools to reduce manual effort and standardize deliverables.

  • Able to translate domain expertise into reusable templates and guided systems.

  • Operator strengths

  • Comfortable owning pricing and margin on a lower-volume, higher-ACV book.

  • Excellent written communication for SSP/POA&M-grade documentation.

  • Strong judgment under regulatory ambiguity.

  • Preferred

  • CISSP, CISA, CMMC-RP/CMMC-CCA, FedRAMP-recognized assessor training, NIST 800-171 assessor certification.

  • Success metrics
  • Utilization % and gross margin on federal/complex engagements (benchmarked separately from standard frameworks — expect fewer, longer engagements).

  • Delivery cycle time and QA pass rate, calibrated to 6–12+ month authorization timelines rather than weeks.

  • Customer outcome rate (successful authorization/certification progression).

  • Deal-unblock impact on federal/regulated opportunities Sales/SE couldn't close without this expertise.

You will enjoy Sprinto if

  • Stepping in before someone has to step up.

  • Wearing multiple hats without counting them.

  • Leaving egos at the door and winning as one team.

  • Taking the harder right over the easier wrong.

  • Shipping, learning, repeating.

  • Staying curious and never staying in your lane.

How we care for our Sprinters

  • Work wherever you are: We are 100% remote, so you get to choose if you want to work from home, a cafe, the hills, or the beach.

  • Co-working, on the house: If co-working is your jam, we offer a generous annual allowance.

  • We care about your learning: We are invested in seeing you grow and commit USD 1,000 annually to help you level up your skills.

  • We count your spark, not your leaves: Unlimited leave so you can reset when you need to.

  • Your Safety Net, Woven In: Health insurance with coverage up to INR 10 lakh for you and your family, accident protection of an additional INR 10 lakh, and life insurance worth 3x your annual salary.

  • Workspace setup of your dreams: We chip in INR 35,000 to help you build a setup that works for you

Inclusion & Diversity -
Sprinto is an equal opportunity employer and does not discriminate on the basis of race, colour, religion, gender, sexual orientation, age, disability, or any other protected status. You are welcome at Sprinto for who you are, and we encourage you to bring your complete selves to work. Our culture is built on the strength of diverse thinking — when people with different perspectives, ideas, and ways of solving problems come together, it fuels collaboration and accelerates our mission.
 
At Sprinto, we are passionate about inclusivity and making sure our entire recruitment process is accessible to everyone. Please share your request for reasonable accommodations at any stage of the application or interview process; we want to ensure everyone feels heard and seen.

Skills Required

  • 5+ years in federal/defense-adjacent compliance consulting or as an ISSO/ISSM, FedRAMP 3PAO assessor, or CMMC C3PAO assessor.
  • Taken systems through an actual ATO, FedRAMP authorization, or CMMC certification (advisory-only experience insufficient).
  • Hands-on experience delivering FedRAMP readiness/authorization support, CMMC L1-L3 assessments and remediation, HITRUST r2 validated assessment preparation, and NIST 800-53/800-171 control implementation and SSP development.
  • Experience developing SSPs, POA&Ms, evidence-collection playbooks, and control-mapping libraries calibrated for federal frameworks.
  • Experience providing pre-sales technical scoping/validation for federal or complex compliance opportunities.
  • Demonstrated use of AI tools to reduce manual effort and standardize deliverables; ability to translate domain expertise into reusable templates and guided systems.
  • Ability to define pricing, own margin and utilization for a lower-volume, higher-ACV engagement book.
  • Excellent written communication for SSP/POA&M-grade documentation.
  • Strong judgment under regulatory ambiguity and ability to set clear boundaries/disclaimers regarding certification/authorization guarantees.
  • OSCAL/SSP structural familiarity.
  • CISSP certification.
  • CISA certification.
  • CMMC-RP or CMMC-CCA certification.
  • FedRAMP-recognized assessor training.
  • NIST 800-171 assessor certification.
Am I A Good Fit?
beta
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company
HQ: Bengaluru
138 Employees
Year Founded: 2020

What We Do

Automating Information Security Compliances & Privacy Laws for fast growing SaaS companies. Use Sprinto to obtain information security compliance, close enterprise deals faster, and pass vendor security assessments easily.

Similar Jobs

Coinbase Logo Coinbase

Support Engineer

Artificial Intelligence • Blockchain • Fintech • Financial Services • Cryptocurrency • NFT • Web3
Easy Apply
Remote
India
4700 Employees
3M-3M Annually

Circle (circle.so) Logo Circle (circle.so)

Software Engineer

Artificial Intelligence • Consumer Web • Digital Media • Information Technology • Social Impact • Software
Easy Apply
Remote
31 Locations
250 Employees
130K-140K Annually

Micron Technology Logo Micron Technology

Process Engineer

Artificial Intelligence • Hardware • Information Technology • Machine Learning
Remote
Gujarat, IND
45000 Employees

Micron Technology Logo Micron Technology

TSE TE OPS Engineer

Artificial Intelligence • Hardware • Information Technology • Machine Learning
Remote
Gujarat, IND
45000 Employees

Similar Companies Hiring

Scrunch  Thumbnail
Artificial Intelligence • Information Technology • Marketing Tech • Software • SEO
Salt Lake City, Utah
Standard Template Labs Thumbnail
Artificial Intelligence • Information Technology • Software
New York, NY
25 Employees
Golden Pet Brands Thumbnail
Digital Media • eCommerce • Information Technology • Marketing Tech • Pet • Retail • Social Media
El Segundo, California
178 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account