Program Manager, Public Sector Compliance

The Program Manager / Senior Analyst (Public Sector) is a senior-level individual contributor role responsible for the lifecycle management of our most sensitive US government authorizations. This role acts as a lead for high-stakes workstreams involving FedRAMP High, DoD IL5+, CJIS, and ITAR. Unlike the Analyst level, this role takes full ownership of complex federal assessments and leads the continuous monitoring strategy for our Atlas for Government product. This role is a key resource for interpreting NIST 800-53 controls and translating them into technical requirements for our engineering teams. Responsibilities: Lead the end-to-end execution of federal assessments, coordinating with Third Party Assessment Organizations (3PAOs), agency sponsors, and the FedRAMP PMO Manage the federal continuous monitoring (ConMon) program, including the timely analysis and reporting of vulnerabilities and the maintenance of the POAM Lead the annual update and technical review of core FedRAMP artifacts, including the System Security Plan (SSP), Contingency Plan (ISCP), and Incident Response Plan (IRP) Act as a technical advisor to Engineering and Operations teams to ensure cloud configurations (e.g., FIPS 140-2/140-3, boundary protection, and access control) meet federal and DoD IL5+ mandates Perform deep-dive gap analyses for new public sector requirements (such as CMMC or GovRAMP) and define the roadmap for technical remediation Directly support federal sales efforts by serving as a subject matter expert during customer security reviews and explaining our technical compliance posture to agency stakeholders Create and maintain high-impact Jira dashboards and presentations to provide leadership with visibility into public sector compliance health and project milestones Requirements: 5+ years in GRC, Technical Writing, or IT Audit, with a heavy focus on US Public Sector frameworks (FedRAMP, DoD SRG, CJIS) Deep understanding of NIST 800-53 and NIST 800-171 controls and how they are implemented within cloud architectures (AWS, GCP, or Azure) Proven track record of managing federal audits from kickoff through to the issuance of an Authorization to Operate (ATO) Exceptional ability to explain complex security configurations to government auditors and internal technical teams Advanced proficiency in Jira and Confluence to track control performance data and manage large-scale federal documentation projects US Citizenship is required for this role. Responsibilities Expectations: You are expected to be the primary driver of public sector compliance initiatives You move beyond simple task tracking to understand the intent behind federal requirements, ensuring our technical implementation is both compliant and efficient You are expected to maintain the highest level of confidentiality and integrity due to the sensitivity of government data Scope Complexity: The scope is deeply technical and specialized for the US Federal, State, and Local Government markets You will navigate the complexity of mapping shared controls across multiple specialized frameworks, ensuring a single remediation effort satisfies FedRAMP, CJIS, and ITAR requirements simultaneously Authority Impact: This role has the authority to lead federal assessment project streams and represent MongoDB in technical reviews with 3PAOs and federal agencies Your work directly enables MongoDB to secure and maintain the authorizations required to serve the Department of Defense and civilian agencies, protecting a critical revenue stream Expertise: You will be recognized as a subject matter expert in public sector cloud security requirements and their implementation in SaaS environments You bridge the gap between high-level policy and technical engineering, becoming the go-to resource for how MongoDB Atlas for Government meets the most stringent federal mandates Leadership: Leadership in this role is demonstrated through technical ownership and mentorship. You will le ... (truncated, view full listing at source)