TL;DR
Senior Security Program Manager (Public Sector): Leading compliance across US government cybersecurity risk management frameworks like Fedhirify.global and Govhirify.global, ensuring effective security practices and successful authorizations. Focus on driving complex cross-functional program management, developing comprehensive security documentation, and engaging with third-party assessors and government sponsors.
Location: Remote (US), with headquarters in New York, NY. Candidates must be U.S.-based full-time employees. Relocation support to NYC or SF (as needed) is available.
Salary: $160,400–$259,150
Company
hirify.global is a financial operations platform designed to save companies time and money, combining payments, corporate cards, vendor management, procurement, travel booking, and automated bookkeeping.
What you will do
- Lead all aspects of the compliance lifecycle across multiple public sector frameworks (e.g., Fedhirify.global, Govhirify.global), including risk assessments and authorization management.
- Drive complex cross-functional program management efforts involving security, legal, engineering, infrastructure, and product teams.
- Serve as a subject matter expert on risk management and regulatory compliance for federal, state, and local government environments.
- Develop and maintain comprehensive security documentation (e.g., SSPs, SARs, POA&Ms, data flow diagrams) aligned with applicable frameworks.
- Monitor compliance with control requirements (e.g., NIST 800-53) and coordinate implementation of technical/procedural safeguards.
- Engage with third-party assessors, government sponsors, and internal teams to support assessments and audits.
Requirements
- 5+ years of experience in information security or compliance, with a focus on government and public sector regulatory frameworks (e.g., Fedhirify.global, Govhirify.global, FISMA, NIST RMF).
- Knowledge of NIST SP 800-53 and experience mapping controls across frameworks.
- Experience with cloud environments like AWS GovCloud or Azure Government, including implementation of compliant architectures.
- Proven ability to manage large-scale compliance programs across diverse stakeholder groups.
- Demonstrated success developing and maintaining regulatory documentation and audit evidence.
- Strong written and verbal communication skills, including translating between technical and executive audiences.
Nice to have
- Relevant certifications (CISSP, CISA, CRISC, CCAK, CGRC).
- Experience with automation platforms for GRC and security monitoring (e.g., Wiz, Paramify).
- Familiarity with other public sector compliance programs (CJIS, IRS 1075, DoD IL5).
- Experience supporting product or infrastructure teams through ATO processes.
Culture & Benefits
- 100% medical, dental, and vision insurance coverage for you (partially covered for dependents) and One Medical annual membership.
- 401k with employer match on contributions.
- Flexible PTO, Fertility HRA (up to $10,000 per year), and Parental Leave.
- Unlimited AI token usage, pet insurance, and centralized home-office equipment ordering.
- Health and Wellness stipend, in-office perks (lunch, snacks, drinks), and budget for intra-office travel.
Be careful: if an employer asks you to log in to their system using iCloud/Google, to send a code/password, or to run code/software, do not do it: these are scammers. Be sure to click "Report" or contact support. More details in the guide →