Procurement Sciences

Director of Security & Compliance (FedRAMP/CMMC) (Salt Lake City, UT)

Procurement Sciences, Salt Lake City, Utah, United States, 84193

Company Overview

Procurement Sciences is at the forefront of transforming the multi-billion-dollar government contracting industry with Awarded AI, our cutting-edge platform designed to help businesses excel in government sales. We simplify complex processes, drive revenue growth, and deliver real cost savings through unmatched efficiency. As a leading venture-backed SaaS company founded by seasoned GovCon experts, we are not just participants in the AI revolution; we are shaping it by solving the industry's toughest challenges. Our "One Team, One Fight" culture values creativity, accountability, and forward-thinking, and we invite driven builders and innovators to help us develop high-performing teams. Ranked among the top 10 percent of fastest-growing SaaS companies and on a clear path to becoming a unicorn, we are seeking top talent to join our early team and play a key role in building the next great AI software company.

Job Title:

Director of Security & Compliance (FedRAMP/CMMC)

Location:

Preferred: Washington, DC metro area or Salt Lake City, UT; Remote considered

Department:

Security & Compliance

Job Summary

Procurement Sciences (PSci.AI) is seeking an accomplished Director of Security & Compliance to lead all aspects of our security, risk management, and compliance programs. This critical leadership role will oversee company-wide compliance with relevant federal standards (FedRAMP, CMMC), partner with Product to launch FedRAMP Moderate or High authorizations for our SaaS offering, and ensure ongoing operational and customer trust. The ideal candidate will be hands-on, strategic, and have successfully managed and launched at least one FedRAMP Moderate or above SaaS authorization.

Key Responsibilities:

Lead the FedRAMP Moderate/High authorization and compliance program for our SaaS platform, from preparation through Authority to Operate (ATO) and continuous monitoring.

Define and document the system security boundary, architecture, and control implementation strategy for FedRAMP and government cloud environments.

Prepare, maintain, and update all security documentation including the System Security Plan (SSP), policies, procedures, Plan of Actions and Milestones (POA&M), and continuous monitoring evidence.

Coordinate and manage all interactions with 3PAOs, government sponsors, and FedRAMP PMO.

Ensure timely remediation of findings, execution of continuous monitoring activities, and reporting according to federal requirements.

Build and maintain the company's CMMC Level 2+ compliance program, ensuring company-wide adherence to NIST SP 800-171 controls and related frameworks.

Develop and enforce security policies and best practices across information security, DevSecOps, vulnerability management, incident response, and access control.

Partner with Product, Engineering, and Operations to embed security into SDLC and cloud deployment processes.

Provide regular risk and compliance briefings to company leadership and external stakeholders.

Lead security training, awareness, and role-based education initiatives for internal teams.

Represent Procurement Sciences in customer security assessments, compliance reviews, and during agency or partner audits.

Required Qualifications:

Direct, hands-on experience managing and launching a FedRAMP Moderate or High SaaS authorization, including documentation, 3PAO audits, and federal stakeholder communications.

7+ years of progressive information security/compliance leadership in SaaS, with substantial exposure to government or regulated environments.

In-depth knowledge of FedRAMP, NIST SP 800-53, FIPS 140-2/3, and cloud security best practices.

Demonstrated success designing and running CMMC/NIST SP 800-171 compliance programs, including policy development, audit readiness, remediation, and staff education.

Solid understanding of modern public cloud environments (e.g., AWS GovCloud, Azure Government) and securing infrastructure, applications, and data in compliance with federal requirements.

Proven leadership, project management, and team-building skills in a high-growth, cross-functional environment.

Excellent documentation, presentation, and communication abilities, with a record of interfacing effectively with technical teams, executives, auditors, and government representatives.

Preferred Qualifications:

Security certifications such as CISSP, CCSP, CISM, CISA, CMMC-AB CCP/CCA, or equivalent.

Experience with security automation, security operations tooling, and GRC solutions.

Familiarity with DFARS, additional federal standards, or adjacent frameworks (SOC 2, ISO 27001).

Compensation & Benefits:

Competitive salary, performance-based bonuses, and stock options.

Comprehensive health plan for employees and families.

Flexible remote-first work arrangements with hybrid/office options available in DC or Salt Lake City.

Significant opportunities for professional growth and leadership in a rapidly scaling SaaS company.

Notice: Background Check Required

As part of our employment process, a background check (including, but not limited to, credit history, criminal records, and employment verification) will be conducted in compliance with the Fair Credit Reporting Act (FCRA). By applying, you acknowledge and consent to this process.

Procurement Sciences is committed to diversity, equity, and inclusion. All qualified applicants are encouraged to apply.

To Apply:

Please submit your resume and a cover letter detailing your experience with FedRAMP SaaS authorizations and CMMC/NIST 800-171 compliance leadership.