Job Details

We're looking for a Project Manager to lead and coordinate our major compliance initiatives-including FedRAMP Moderate, SOC 2, HIPAA, and GDPR-for a fast-growing, SaaS company headquartered in Boulder, Colorado.
This role is fully focused on program and project management: organizing work, driving timelines, coordinating teams, and ensuring that audits, assessments, and authorization efforts stay on track. You'll create the structure and cadence that keeps all compliance work predictable and moving forward.

Key Responsibilities
Project Ownership

• Build and manage project plans for all compliance programs, including milestones, dependencies, risks, and deadlines.
• Drive consistent execution by running planning sessions, status meetings, and cross-team check-ins.
• Maintain clear communication and visibility for leadership, auditors, and internal teams.

• Ensure Engineering, Security, IT, Legal, HR, and Operations understand responsibilities and timelines.
• Remove roadblocks, escalate risks, resolve scheduling conflicts, and keep all teams aligned.
• Coordinate with external auditors, consultants, and FedRAMP 3PAOs-owning timelines and deliverable exchanges (not the evidence itself).

• Manage the FedRAMP Moderate authorization project from readiness through authorization and continuous monitoring.
• Track documentation progress, POA&M items, assessment schedules, and agency 3PAO timelines.
• Keep leadership updated on progress, blockers, and resource needs.

• Plan annual audit timelines, quarterly reviews, and regulatory checkpoints.
• Ensure all compliance cycles are fully scheduled, properly resourced, and aligned with team capacity.
• Track renewal activities and coordinate external assessments efficiently.

• Maintain a risk and issue log across all compliance initiatives.
• Provide concise, reliable reporting to leadership, highlighting milestones, blockers, and decisions needed.
• Ensure project documentation, status dashboards, and schedules are always current.

• 4-7+ years of project/program management experience in a SaaS or cloud-based environment.
• Experience coordinating compliance or security-related programs (FedRAMP, SOC 2, HIPAA, ISO 27001, NIST frameworks, or similar).
• Strong communication, organization, and stakeholder management skills.
• Proven ability to manage complex timelines across multiple small teams.
• Proficiency with project management and collaboration tools (Jira, Confluence, Asana, Smartsheet, etc.).

• Hands-on experience managing a FedRAMP Moderate authorization project.
• Experience in startups or high-growth companies.
• PMP, CSM, or similar PM certification.
• Familiarity with NIST 800-53, SOC 2 TSC, HIPAA security rule, or GDPR privacy principles.