GRC Technical Program Manager
About The Position
ID.me is seeking a Technical Program Manager – Security Assurance to serve as the operational backbone of our external compliance programs. You will co-own the end-to-end lifecycle of controls, policies, and program-specific documentation for FedRAMP, ISO 27001, and SOC 2, with additional contributions to Kantara accreditation. You will drive cross-functional alignment independently, owning outcomes rather than tasks. A unique requirement of this role is high proficiency with AI tools; our team utilizes purpose-built AI agents for evidence validation, control evaluation, and finding management. Fluency in AI-assisted workflows is essential. This role is based out of our Mountain View, CA or McLean, VA offices and requires full-time in-office attendance.
Requirements
- 3+ years of experience operating security or compliance programs aligned to FedRAMP or NIST 800-53.
- 2+ years leading internal or external audits end-to-end, either as audit manager, program owner, or auditor.
- Experience managing control lifecycles, POA&M remediation, and continuous monitoring in a cloud-native environment (AWS or GCP).
- Hands-on experience with a GRC platform (LogicGate preferred) for control tracking, evidence management, and findings remediation.
- Demonstrated professional use of AI tools to support drafting, analysis, evaluation, or workflow automation within compliance or technical programs.
Nice To Haves
- Experience managing FedRAMP Continuous Monitoring and Significant Change Requests.
- Familiarity with NIST SP 800-63, digital identity systems, or Kantara accreditation.
- Certifications such as CISSP, CISA, CCSK, or ISO 27001 Lead Auditor.
- Experience in SaaS, FinTech, GovCloud, or other regulated technology environments.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
