Director of Security & Compliance (FedRAMP/CMMC) (Reston, VA)

Company Overview

Procurement Sciences (PSci.AI) is a fast-growing SaaS startup transforming public sector sales through advanced AI solutions. Our platform, Awarded AI, gives government contractors a competitive edge by simplifying processes, increasing revenue, and driving operational efficiencies. Founded by GovCon industry experts and backed by leading investors, we’ve built a team-driven, innovative culture focused on growth, accountability, and compliance. Join us as we secure the future of GovTech.

Job Title: Director of Security & Compliance (FedRAMP/CMMC)

Location: Preferred: Washington, DC metro area or Salt Lake City, UT; Remote considered

Department: Security & Compliance

Job Summary

Procurement Sciences (PSci.AI) is seeking an accomplished Director of Security & Compliance to lead all aspects of our security, risk management, and compliance programs. This critical leadership role will oversee company-wide compliance with relevant federal standards (FedRAMP, CMMC), partner with Product to launch FedRAMP Moderate or High authorizations for our SaaS offering, and ensure ongoing operational and customer trust. The ideal candidate will be hands-on, strategic, and have successfully managed and launched at least one FedRAMP Moderate or above SaaS authorization.

Key Responsibilities:

• Lead the FedRAMP Moderate/High authorization and compliance program for our SaaS platform, from preparation through Authority to Operate (ATO) and continuous monitoring.

• Define and document the system security boundary, architecture, and control implementation strategy for FedRAMP and government cloud environments.

• Prepare, maintain, and update all security documentation including the System Security Plan (SSP), policies, procedures, Plan of Actions and Milestones (POA&M), and continuous monitoring evidence.

• Coordinate and manage all interactions with 3PAOs, government sponsors, and FedRAMP PMO.

• Ensure timely remediation of findings, execution of continuous monitoring activities, and reporting according to federal requirements.

• Build and maintain the company’s CMMC Level 2+ compliance program, ensuring company-wide adherence to NIST SP 800-171 controls and related frameworks.

• Develop and enforce security policies and best practices across information security, DevSecOps, vulnerability management, incident response, and access control.

• Partner with Product, Engineering, and Operations to embed security into SDLC and cloud deployment processes.

• Provide regular risk and compliance briefings to company leadership and external stakeholders.

• Lead security training, awareness, and role-based education initiatives for internal teams.

• Represent Procurement Sciences in customer security assessments, compliance reviews, and during agency or partner audits.

Required Qualifications:

• Direct, hands-on experience managing and launching a FedRAMP Moderate or High SaaS authorization, including documentation, 3PAO audits, and federal stakeholder communications.

• 7+ years of progressive information security/compliance leadership in SaaS, with substantial exposure to government or regulated environments.

• In-depth knowledge of FedRAMP, NIST SP 800-53, FIPS 140-2/3, and cloud security best practices.

• Demonstrated success designing and running CMMC/NIST SP 800-171 compliance programs, including policy development, audit readiness, remediation, and staff education.

• Solid understanding of modern public cloud environments (e.g., AWS GovCloud, Azure Government) and securing infrastructure, applications, and data in compliance with federal requirements.

• Proven leadership, project management, and team-building skills in a high-growth, cross-functional environment.

• Excellent documentation, presentation, and communication abilities, with a record of interfacing effectively with technical teams, executives, auditors, and government representatives.

Preferred Qualifications:

• Security certifications such as CISSP, CCSP, CISM, CISA, CMMC-AB CCP/CCA, or equivalent.

• Experience with security automation, security operations tooling, and GRC solutions.

• Familiarity with DFARS, additional federal standards, or adjacent frameworks (SOC 2, ISO 27001).

Compensation & Benefits:

• Competitive salary, performance-based bonuses, and stock options.

• Comprehensive health plan for employees and families.

• Flexible remote-first work arrangements with hybrid/office options available in DC or Salt Lake City.

• Significant opportunities for professional growth and leadership in a rapidly scaling SaaS company.

Notice: Background Check Required

As part of our employment process, a background check (including, but not limited to, credit history, criminal records, and employment verification) will be conducted in compliance with the Fair Credit Reporting Act (FCRA). By applying, you acknowledge and consent to this process.

Procurement Sciences is committed to diversity, equity, and inclusion. All qualified applicants are encouraged to apply.

To Apply:

Please submit your resume and a cover letter detailing your experience with FedRAMP SaaS authorizations and CMMC/NIST 800-171 compliance leadership.