FedRAMP Program Manager

Engineering, Austin, US

About the Team

The Security Stream is dedicated to fostering business growth and enduring customer trust by implementing advanced security measures. They develop balanced security strategies, providing assurance and empowering engineering teams with the necessary tools and guidance. This support covers secure cloud management, establishing secure development practices, and effectively detecting and mitigating security incidents.

A key part of this is the Trust & Information Security Team, which concentrates on maintaining the highest information security standards to safeguard the data and privacy of Miro's customers, employees, and stakeholders. This team manages business risks, ensures adherence to legal and regulatory requirements, and promotes a culture of security awareness. Additionally, they act as trusted compliance advisors to the Go-To-Market (GTM) teams, helping to enable and speed up strategic sales initiatives.

About the Role

We are seeking a highly motivated and experienced FedRAMP Program Manager to lead and manage our security compliance audit programs, with a primary focus on NIST frameworks (e.g., NIST 800-53, CSF) and SOC2 Type II attestations. You will be responsible for the end-to-end lifecycle of audits, from planning and scoping to execution, remediation tracking, and reporting. This role requires a strong understanding of security controls, audit methodologies, risk management, and excellent program management skills.
You will work closely with cross-functional teams, including Engineering, Product, IT, and Legal, to ensure controls are effectively designed, implemented, and operating. The ideal candidate will possess a blend of deep compliance expertise, and a solid understanding of technical security concepts and cloud environments.

What you’ll do

  • Audit Program Management: Lead the planning, execution, and completion of internal and external audits, including NIST assessments and SOC2 Type II examinations
  • Scoping & Planning: Define audit scope, objectives, timelines, and resource requirements in collaboration with stakeholders and external auditors
  • Control Assessment: Evaluate the design and operating effectiveness of security controls against NIST and SOC2 requirements
  • Evidence Collection: Coordinate and manage the collection, review, and submission of audit evidence from various teams across the organization
  • Remediation Tracking: Oversee the tracking and validation of remediation efforts for identified control deficiencies or gaps
  • Stakeholder Management: Serve as the primary point of contact for internal teams and external auditors regarding audit activities. Effectively communicate audit progress, findings, and remediation status to leadership
  • Cross-functional Collaboration: Work closely with Engineering, Product, IT, and other departments to integrate compliance requirements into processes and systems
  • Policy & Procedure Development: Contribute to the development and refinement of security policies, standards, and procedures to ensure alignment with compliance frameworks
  • Risk Management: Assist in identifying, assessing, and mitigating security and compliance risks
  • Continuous Improvement: Identify opportunities to enhance the efficiency and effectiveness of the audit and compliance program, potentially leveraging automation and GRC tools
  • Reporting: Prepare clear and concise audit reports and dashboards for management and relevant stakeholders

What you’ll need

  • Bachelor's degree in Information Systems, Computer Science, Business, or a related field, or equivalent practical experience
  • Proven experience (typically 5+ years) managing IT/security audit programs
  • Direct, hands-on experience managing the full lifecycle of SOC2 Type II audits
  • In-depth knowledge and practical experience applying NIST frameworks (e.g., NIST 800-53, NIST CSF)
  • Strong understanding of IT governance, risk management, and compliance (GRC) principles
  • Excellent program/project management skills, including planning, organization, and stakeholder communication
  • Ability to work effectively with technical and non-technical teams
  • Strong analytical and problem-solving skills
  • Excellent written and verbal communication skills

What's in it for you

  • 401k matching + Competitive equity package
  • Excellent Medical, Dental and Vision health benefits
  • Fertility & Family Forming Benefits
  • Flexible time off
  • Lunch, snacks and drinks provided in the office
  • Wellbeing benefit and WFH equipment allowance
  • Annual learning and development allowance to grow your skills and career
  • Up to $2,000 of charitable donation matches each year

About Miro

Miro is a visual workspace for innovation that enables distributed teams of any size to build the next big thing. The platform's infinite canvas enables teams to lead engaging workshops and meetings, design products, brainstorm ideas, and more. Miro, co-headquartered in San Francisco and Amsterdam, serves more than 90M users worldwide, including 99% of the Fortune 100. Miro was founded in 2011 and currently has more than 1,600 employees in 12 hubs around the world.

We are a team of dreamers. We look for individuals who dream big, work hard, and above all stay humble. Collaboration is at the heart of what we do and through our work together we hope to create a supportive, welcoming, and innovative environment. We strive to play as a team to win the world and create a better version of ourselves every day. If this sounds like something that excites you, we want to hear from you!

Check out more about life at Miro: 

At Miro, we strive to create and foster an environment of belonging and collaboration across cultural differences. Miro’s mission — Empower teams to create the next big thing — is how we think about our product, people, and culture. We believe that creating big things requires diverse and inclusive teams. Diversity invites all talent with different demography, identities and styles to step in, and inclusion invites them to step closer together. Every day, we are working to build a more diverse Miro, cultivate a sense of belonging for future and current Mironeers around the world, and foster an environment where everyone can collaborate and embrace differences.

Miro handles and uses personal data of job applicants in line with its Recruitment Privacy Policy found here

Apply for FedRAMP Program Manager

Valid email format: example@domain.com
Valid phone number format: +31636363634

Resume/CV *

Attach
File types: pdf, doc, docx, txt, rtf
File size: max 2MB

Cover Letter

Attach
File types: pdf, doc, docx, txt, rtf
File size: max 2MB

Do you have US citizenship? *

Max 900 characters allowed.
Max 900 characters allowed.

Do you have experience implementing and maintaining the Federal Risk and Authorization Management Program (FedRAMP) within an organization? *

US Demographic Questionnaire

At Miro, we're committed to building a diverse and inclusive workplace where everyone can thrive. Your unique perspectives empower us to innovate and drive positive change.

While we're eager to learn more about the rich diversity of our candidates, your privacy is paramount. Participation in this questionnaire is completely optional, and any information you provide will be de-identified and analyzed in aggregate form, ensuring it cannot be used to identify you personally.

The insights gained will directly contribute to our broader inclusion strategy, helping us to identify opportunities for enhancing representation and fostering an environment where all talent can succeed. Rest assured, your responses will not influence your application and will be kept strictly confidential.

By choosing to share your demographic information, you're helping us move towards a more inclusive future. If you consent to participate:

Which of the following best describes your gender identity? *

Do you identify as a member of the LGBTQ+ community? *

Please note, if you continue in the interview process or are hired and wish to disclose any demographic information for which you would need to be accommodated, you will need to make this disclosure again separately, as the information provided here will not be linked to your identity.

Prepare yourself to go beyond

Here are some helpful tips to ensure you have all the correct information throughout our hiring process.

How we hire

  • 01. Recruiter Screen

    A 30-min interview to discuss your relevant skills, perspective on resilience, experience, and what motivates you to join Miro.

  • 02. Hiring Manager

    The hiring manager will meet to discuss your experience and fit for the role by assessing whether you align with the Miro Mindset (Curiosity, Drive, Resilience, Empathy, Cognitive Agility & Accountability). This interview usually takes 90-120 minutes.

  • 03. Skill Assesment

    An interactive presentation to see your skills in action, based around a particular case study or business problem.

  • 04. Meet the Team

    Here you will meet cross-functional stakeholders, and we will ask evidence-based questions to evaluate how well you align with the role and Miro's values and culture.

  • 05. Leadership Round

    Meet a member of the leadership team to discuss Miro’s company values and share your vision for success at Miro. 

Ready to go beyond?