landing_page-logo
True Anomaly logo

Sr. Program Manager, GRC

True AnomalyDenver, CO
Apply with Sonara
Apply

Automate your job search with Sonara.

Submit 10x as many applications with less effort than one manual application.1

Reclaim your time by letting our AI handle the grunt work of job searching.

We continuously scan millions of openings to find your top matches.

pay-wall

Job Description

YOUR MISSION

We are seeking an experienced Senior Program Manager to lead and coordinate cross-functional GRC initiatives across our organization. The ideal candidate will have demonstrated success in managing certification programs such as FedRAMP, SOC 2, DoDIN APL, and other compliance frameworks, while overseeing program delivery through structured KPI tracking, cross-team milestone management, and dashboard-driven reporting.

The candidate must be comfortable operating in fast-paced, regulated environments and be able to drive alignment across engineering, security, legal, compliance, and business operations teams. This is a critical role that ensures successful execution and continuous visibility of compliance initiatives for both internal leadership and external partners, including government and commercial stakeholders.

RESPONSIBILITIES

  • Lead GRC-related program tracking from inception through delivery across multiple frameworks (e.g., FedRAMP, SOC 2, DoDIN APL, ISO 27001, CMMC).
  • Build and maintain program dashboards and executive reports using tools such as Jira, Confluence, GRC platforms (e.g., Diligent), and MS Project to provide transparency across teams and to leadership.
  • Coordinate and manage timelines, resources, and deliverables across security operations, product compliance, IT operations, and external consultants.
  • Track program status against milestones, identify risks and dependencies, and drive timely mitigation plans and course correction as needed.
  • Define and monitor Key Performance Indicators (KPIs) for compliance programs and team performance, ensuring successful execution of tasks and ongoing audit readiness.
  • Serve as the primary point of contact for internal stakeholders, executive leadership, and external assessors or certification bodies.
  • Support compliance readiness activities including pre-assessment readiness, audit facilitation, evidence collection, and post-audit remediation planning.
  • Continuously improve project workflows, team coordination, and reporting processes for scalable and repeatable program management.

QUALIFICATIONS

  • 7+ years of program or project management experience in technology or cybersecurity-related roles, with at least 5 years in GRC or compliance environments.
  • PMP (Project Management Professional)
  • Proven experience managing certification initiatives involving FedRAMP (Moderate or High), SOC 2 (Type I & II), and DoDIN APL.
  • Demonstrated ability to manage multi-disciplinary teams and complex project interdependencies across business and technical stakeholders.
  • Strong proficiency in program management and documentation tools:
  • Jira and Confluence (Atlassian suite)
  • MS Project or similar PM software
  • GRC platforms (e.g., Diligent)
  • Excellent communication and stakeholder management skills, with a strong ability to simplify complexity and drive results across levels of the organization.

Preferred Qualifications

  • Professional certifications such as:
  • Certified Information Systems Auditor (CISA)
  • Certified in Risk and Information Systems Control (CRISC)
  • Certified ScrumMaster (CSM) or Agile PM certification
  • Certified Information Systems Security Professional (CISSP)
  • Experience with cloud environments (e.g., Azure Government) and understanding of government cloud authorization processes.
  • Familiarity with Agile/Scrum and hybrid project delivery models.

COMPENSATION

  • Base Salary: $140,000-$190,000
  • Equity + Benefits including Health, Dental, Vision, HRA/HSA options, PTO and paid holidays, 401K, Parental Leave

Your actual level and base salary will be determined on a case-by-case basis and may vary based on the following considerations: job-related knowledge and skills, education, location, and experience.

ADDITIONAL REQUIREMENTS

  • Work Location-Successful candidates will be located near Denver, Colorado Springs, Long Beach, or Washington D.C. While we observe a hybrid work environment, some work must be done on site.
  • Work environment-the work environment; temperature, noise level, inside or outside, or other factors that will affect the person's working conditions while performing the job.
  • Physical demands-the physical demands of the job, including bending, sitting, lifting and driving.

This position will be open until it is successfully filled. To submit your application, please follow the directions below. #LI-Hybrid