Staff Technical Program Manager, Regulated Environments
Austin, TX - USA
Job Summary
This is a remote role within the United States. Due to FedRAMP requirements this role requires US citizenship.
About SailPoint
SailPoint provides identity security for cloud enterprises. Our solutions help organizations worldwide secure their digital workforce and ensure employees have the right accessno more no less.
Built on a foundation of AI and ML our Identity Security Cloud Platform delivers the right level of access to the right identities and resources at the right timematching the scale velocity and changing needs of todays cloud-oriented modern enterprise.
About the Role
Regulated environments arent a checkbox for ustheyre how we earn the trust of the most security-conscious organizations and governments in the world. As Staff Technical Program Manager for Regulated Environments you will lead delivery of new regulated environments on our multi-tenant SaaS platform. FedRAMP High is the current priority. Future environments will follow each with its own data-residency and sovereignty requirements. On any given day youll be embedded with Engineering leaders defining evidence sample sets translating controls into concrete engineering work in JIRA prepping artifacts for independent assessors and briefing executive leadership on progress and risk.
This is a highly visible delivery role responsible for the successful execution of our regulated-environments strategy. You will be:
- The central engineering program manager leading delivery of our FedRAMP High authorization and standing up the model to sustain it after go-live.
- The primary interface between Engineering Product and our Compliance team for all matters related to regulated environments.
- Embedded with Engineering leaders to own and manage engineering evidence gathering define sample sets and support technical decisions in preparation for FedRAMP and future regulated-environment audits.
- Accountable for translating compliance requirements into engineering execution plans control implementation milestones and audit-ready evidence pipelinesbuilt once and reused across regimes.
About the Team
Youll join our Engineering Operations team the group that keeps SailPoints engineering organization secure compliant and audit-ready as we scale. Engineering Operations sits at the intersection of Engineering Product and Complianceremoving friction standardizing process and making sure the right evidence and controls are in place without slowing teams down. This role is dedicated to delivering future regulated environmentswith FedRAMP High as the immediate objective and future expansions on the roadmappartnering daily with Engineering Managers/Directors and our Compliance Director. The durable goal is a repeatable delivery engine so each new regulated environment is stood up faster than the last.
Roadmap for Success
By 30 days Discovery & Assessment:
- Conduct 1:1s with key stakeholders across Engineering Cybersecurity Product Ops and our Compliance organization to map the landscape.
- Review and ratify a gap analysis of our FedRAMP Moderate posture focusing on SDLC and FIPS compliance gaps that pose immediate risk.
- Audit current Jira boards the POA&M and in-flight initiatives to gauge engineering velocity and capacity.
- Work closely with our Product leadership to inventory all in-scope future regulated environments and catalog their data-residency and sovereignty requirements at a high level.
- Get current on evolving FedRAMP PMO guidance and what it means for our authorization path.
By 90 days Planning Governance & Early Execution:
- Finalize the approach ownership and sequencing for the highest-impact items with our internal leads.
- Design the control and evidence framework and governance to be reusable across regimes from day one (a control crosswalk) so FedRAMP work compounds toward regulated environments rather than being one-off.
- Work with our Compliance team to stand up Significant Change / release-management governance to prevent compliance drift.
- Deliver leadership a realistic data-backed timeline and resource plan including where regulated-environment work will force roadmap trade-offs.
- Partner with Compliance to frame engineering-scoped SSP documentation and readiness milestones.
- Establish a monthly attestation and progress report for engineering executive leadership.
- Track high-priority technical controls and serve as the primary engineering escalation point for blockers.
By 6 months Audit Readiness & Roadmap:
- Ensure engineering scoped SSP and all attachments (policies procedures contingency plans) are fully drafted and aligned with the implemented environment.
- Coordinate engineering teams readiness/mock assessment with our third-party assessment organization (3PAO) to surface lingering high-risk gaps before the formal audit.
- Validate that all product and feature flags are accurately mapped in production to prevent compliance drift.
- Work with our Product Leadership to deliver a requirements assessment and delivery roadmap for EU sovereign cloud and UAE data-residency obligations including architecture and data-residency gaps and proposed sequencing.
By 1 year Deliver Hand Off & Extend:
- Achieve FedRAMP High authorization establish an engineering org scoped Continuous Monitoring (ConMon) model and transition operational ownership to the sustainment team.
- Begin delivery of the next regulated environment on the roadmap using the established control framework evidence pipeline and governance model.
To Be Successful in This Role You Must:
- Be extremely organized as you will be responsible for coordinating the outputs of multiple Engineering teams.
- Have a deep understanding of technical program management in a fast-moving technology business with demonstrable experience specifically within a FedRAMP context.
- Possess a strong technical understanding of cloud computing (AWS Azure) hardware architecture and the end-to-end Software Development Lifecycle (SDLC) from a compliance perspective.
- Have practical experience implementing NIST 800-53 Rev. 5 controls in cloud-native SaaS architectures including SSP and POA&M lifecycle support.
- Build strong cross-functional relationships. This is a people-facing role where the ideal candidate owns requests and outputs interfacing with multiple cross-functional teams to deliver what Compliance needs.
- Have deep experience with JIRA SharePoint and Confluence as these are the cornerstone tools for this role.
- Have excellent verbal and written communication skills with the ability to clearly and concisely present information to executive leadership.
Requirements
- 5 years of experience in Technical Program Management in a SaaS or cloud-native company.
- 3 years of direct hands-on experience leading FedRAMP authorization programs (FedRAMP Moderate required; proven implementation and operationalization of FedRAMP High controls in a SaaS environment strongly preferred).
- Direct experience with cloud computing (AWS Azure) and the end-to-end SDLC from a compliance perspective.
- Proven experience with compliance evidence collection documentation and audit support.
- Experience working with agile development methodologies.
- Strong written and verbal communication skills and the ability to work collaboratively with stakeholders and development teams.
- Expert knowledge of JIRA SharePoint and Confluence.
- Bachelors degree in Business MIS Computer Science or a related field or equivalent professional experience.
Desired Qualifications
- Experience leading a program to a successful FedRAMP High Ready or In-Process designation.
- Led at least one SaaS product through FedRAMP High authorization (Ready In Process or ATO).
- Familiarity with data-residency and sovereignty architectures and exposure to international regulated-environment regimes such as EU sovereignty schemes / GDPR and data-protection regimes such as PDPL.
- Good understanding of cloud providers (AWS Azure Google) and related technologies monitoring and enablement practices.
- Experience with other compliance certifications such as SOC and ISO.
- Agile/Scrum training or certification.
The Tech Stack
- Program & documentation: JIRA Confluence SharePoint
- Cloud platforms: AWS Azure (Google a plus)
- Compliance frameworks: FedRAMP High NIST 800-53 Rev. 5 SSP/POA&M; data-residency/sovereignty regimes (EU sovereign cloud UAE); SOC and ISO a plus
SailPoint is an equal opportunity employer and we welcome everyone to our team. All qualified applicants will receive consideration for employment without regard to race color religion sex sexual orientation gender identity national origin disability or veteran status.
Benefits and Compensation listed vary based on the location of your employment and the nature of your employment with SailPoint.
As a part of the total compensation package this role may be eligible for the SailPoint Corporate Bonus Plan or a role-specific commission along with potential eligibility for equity participation. SailPoint maintains broad salary ranges for its roles to account for variations in knowledge skills experience market conditions and locations as well as reflect SailPoints differing products industries and lines of business. Candidates are typically placed into the range based on the preceding factors as well as internal peer equity. We estimate the base salary for US-based employees will be in this range from (min-mid-max USD):
$122200 - $206028.00Base salaries for employees based in other locations are competitive for the employees home location.
Benefits Overview
1. Health and wellness coverage: Medical dental and vision insurance
2. Disability coverage: Short-term and long-term disability
3. Life protection: Life insurance and Accidental Death & Dismemberment (AD&D)
4. Additional life coverage options: Supplemental life insurance for employees spouses and children
5. Flexible spending accounts for health care and dependent care; limited purpose flexible spending account
6. Financial security: 401(k) Savings and Investment Plan with company matching
7. Time off benefits: Flexible vacation policy
8. Holidays: 8 paid holidays annually
9. Sick leave
10. Parental support: Paid parental leave
11. Employee Assistance Program (EAP) and Care Counselors
12. Voluntary benefits: Legal Assistance Critical Illness Accident Hospital Indemnity and Pet Insurance options
13. Health Savings Account (HSA) with employer contribution
SailPoint is an equal opportunity employer and we welcome all qualified candidates to apply to join our team. All qualified applicants will receive consideration for employment without regard to race color religion sex sexual orientation gender identity national origin disability protected veteran status or any other category protected by applicable law.
Alternative methods of applying for employment are available to individuals unable to submit an application through this site because of a disability. Contact or mail to 11120 Four Points Dr Suite 100 Austin TX 78726 to discuss reasonable accommodations. NOTE: Any unsolicited resumes sent by candidates or agencies to this email will not be considered for current openings at SailPoint.
Required Experience:
Manager
About Company
The core of enterprise security is identity. Take a tour to see how our identity security platform delivers a foundation that securely fuels your business.