Subscribe to the latest remote jobs:

Staff Technical Program Manager, Regulated Environments

🇺🇸 United States

Management

AWS

Azure

Finance

Machine Learning

Design

Project Management

Legal

SaaS

Cybersecurity

$122,200 - $206,028.00

Staff Technical Program Manager, Regulated Environments

from 🇺🇸 United States

$122,200 - $206,028.00

This is a remote role within the United States. Due to FedRAMP requirements, this role requires US citizenship.

About SailPoint

SailPoint provides identity security for cloud enterprises. Our solutions help organizations worldwide secure their digital workforce and ensure employees have the right access—no more, no less.

Built on a foundation of AI and ML, our Identity Security Cloud Platform delivers the right level of access to the right identities and resources at the right time—matching the scale, velocity, and changing needs of today's cloud-oriented, modern enterprise.

About the Role

Regulated environments aren't a checkbox for us—they're how we earn the trust of the most security-conscious organizations and governments in the world. As Staff Technical Program Manager for Regulated Environments, you will lead delivery of new regulated environments on our multi-tenant SaaS platform.FedRAMP High is the current priority. Future environments will follow, each with its own data-residency and sovereignty requirements. On any given day you'll be embedded with Engineering leaders defining evidence sample sets, translating controls into concrete engineering work in JIRA, prepping artifacts for independent assessors, and briefing executive leadership on progress and risk.

This is a highly visible delivery role responsible for the successful execution of our regulated-environments strategy. You will be:

  • The central engineering program manager leading delivery of our FedRAMP High authorization and standing up the model to sustain it after go-live.
  • The primary interface between Engineering, Product, and our Compliance team for all matters related to regulated environments.
  • Embedded with Engineering leaders to own and manage engineering evidence gathering, define sample sets, and support technical decisions in preparation for FedRAMP and future regulated-environment audits.
  • Accountable for translating compliance requirements into engineering execution plans, control implementation milestones, and audit-ready evidence pipelines—built once and reused across regimes.

About the Team

You'll join our Engineering Operations team, the group that keeps SailPoint's engineering organization secure, compliant, and audit-ready as we scale. Engineering Operations sits at the intersection of Engineering, Product, and Compliance—removing friction, standardizing process, and making sure the right evidence and controls are in place without slowing teams down. This role is dedicated to delivering future regulated environments—with FedRAMP High as the immediate objective and future expansions on the roadmap—partnering daily with Engineering Managers/Directors and our Compliance Director. The durable goal is a repeatable delivery engine so each new regulated environment is stood up faster than the last.

Roadmap for Success

By 30 days — Discovery & Assessment:

  • Conduct 1:1s with key stakeholders across Engineering, Cybersecurity, Product Ops, and our Compliance organization to map the landscape.
  • Review and ratify a gap analysis of our FedRAMP Moderate posture, focusing on SDLC and FIPS compliance gaps that pose immediate risk.
  • Audit current Jira boards, the POA&M, and in-flight initiatives to gauge engineering velocity and capacity.
  • Work closely with our Product leadership to inventory all in-scope future regulated environments and catalog their data-residency and sovereignty requirements at a high level.
  • Get current on evolving FedRAMP PMO guidance and what it means for our authorization path.

By 90 days — Planning, Governance & Early Execution:

  • Finalize the approach, ownership, and sequencing for the highest-impact items with our internal leads.
  • Design the control and evidence framework and governance to be reusable across regimes from day one (a control crosswalk), so FedRAMP work compounds toward regulated environments rather than being one-off.
  • Work with our Compliance team to stand up Significant Change / release-management governance to prevent compliance drift.
  • Deliver leadership a realistic, data-backed timeline and resource plan, including where regulated-environment work will force roadmap trade-offs.
  • Partner with Compliance to frame engineering-scoped SSP documentation and readiness milestones.
  • Establish a monthly attestation and progress report for engineering executive leadership.
  • Track high-priority technical controls and serve as the primary engineering escalation point for blockers.

By 6 months — Audit Readiness & Roadmap:

  • Ensure engineering scoped SSP and all attachments (policies, procedures, contingency plans) are fully drafted and aligned with the implemented environment.
  • Coordinate engineering teams' readiness/mock assessment with our third-party assessment organization (3PAO) to surface lingering high-risk gaps before the formal audit.
  • Validate that all product and feature flags are accurately mapped in production to prevent compliance drift.
  • Work with our Product Leadership to deliver a requirements assessment and delivery roadmap for EU sovereign cloud and UAE data-residency obligations, including architecture and data-residency gaps and proposed sequencing.

By 1 year — Deliver, Hand Off & Extend:

  • Achieve FedRAMP High authorization, establish an engineering org scoped Continuous Monitoring (ConMon) model, and transition operational ownership to the sustainment team.
  • Begin delivery of the next regulated environment on the roadmap using the established control framework, evidence pipeline, and governance model.

To Be Successful in This Role You Must:

  • Be extremely organized, as you will be responsible for coordinating the outputs of multiple Engineering teams.
  • Have a deep understanding of technical program management in a fast-moving technology business, with demonstrable experience specifically within a FedRAMP context.
  • Possess a strong technical understanding of cloud computing (AWS, Azure), hardware architecture, and the end-to-end Software Development Lifecycle (SDLC) from a compliance perspective.
  • Have practical experience implementing NIST 800-53 Rev. 5 controls in cloud-native SaaS architectures, including SSP and POA&M lifecycle support.
  • Build strong cross-functional relationships. This is a people-facing role where the ideal candidate owns requests and outputs, interfacing with multiple cross-functional teams to deliver what Compliance needs.
  • Have deep experience with JIRA, SharePoint, and Confluence, as these are the cornerstone tools for this role.
  • Have excellent verbal and written communication skills, with the ability to clearly and concisely present information to executive leadership.

Requirements

  • 5+ years of experience in Technical Program Management in a SaaS or cloud-native company.
  • 3+ years of direct, hands-on experience leading FedRAMP authorization programs (FedRAMP Moderate required; proven implementation and operationalization of FedRAMP High controls in a SaaS environment strongly preferred).
  • Direct experience with cloud computing (AWS, Azure) and the end-to-end SDLC from a compliance perspective.
  • Proven experience with compliance evidence collection, documentation, and audit support.
  • Experience working with agile development methodologies.
  • Strong written and verbal communication skills and the ability to work collaboratively with stakeholders and development teams.
  • Expert knowledge of JIRA, SharePoint, and Confluence.
  • Bachelor's degree in Business, MIS, Computer Science, or a related field, or equivalent professional experience.

Desired Qualifications

  • Experience leading a program to a successful FedRAMP High "Ready" or "In-Process" designation.
  • Led at least one SaaS product through FedRAMP High authorization (Ready, In Process, or ATO).
  • Familiarity with data-residency and sovereignty architectures, and exposure to international regulated-environment regimes such as EU sovereignty schemes / GDPR and data-protection regimes such as PDPL.
  • Good understanding of cloud providers (AWS, Azure, Google) and related technologies, monitoring, and enablement practices.
  • Experience with other compliance certifications such as SOC and ISO.
  • Agile/Scrum training or certification.

The Tech Stack

  • Program & documentation: JIRA, Confluence, SharePoint
  • Cloud platforms: AWS, Azure (Google a plus)
  • Compliance frameworks: FedRAMP High, NIST 800-53 Rev. 5, SSP/POA&M; data-residency/sovereignty regimes (EU sovereign cloud, UAE); SOC and ISO a plus

SailPoint is an equal opportunity employer and we welcome everyone to our team. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.

Benefits and Compensation listed vary based on the location of your employment and the nature of your employment with SailPoint.

As a part of the total compensation package, this role may be eligible for the SailPoint Corporate Bonus Plan or a role-specific commission, along with potential eligibility for equity participation. SailPoint maintains broad salary ranges for its roles to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect SailPoint’s differing products, industries, and lines of business. Candidates are typically placed into the range based on the preceding factors as well as internal peer equity.We estimate the base salary, for US-based employees, will be in this range from (min-mid-max, USD):

$122,200 - $206,028.00

Base salaries for employees based in other locations are competitive for the employee’s home location.

Benefits Overview

1. Health and wellness coverage: Medical, dental, and vision insurance

2. Disability coverage: Short-term and long-term disability

3. Life protection: Life insurance and Accidental Death & Dismemberment (AD&D)

4. Additional life coverage options: Supplemental life insurance for employees, spouses, and children

5. Flexible spending accounts for health care, and dependent care; limited purpose flexible spending account

6. Financial security: 401(k) Savings and Investment Plan with company matching

7. Time off benefits: Flexible vacation policy

8. Holidays: 8 paid holidays annually

9. Sick leave

10. Parental support: Paid parental leave

11. Employee Assistance Program (EAP) and Care Counselors

12. Voluntary benefits: Legal Assistance, Critical Illness, Accident, Hospital Indemnity and Pet Insurance options

13. Health Savings Account (HSA) with employer contribution

SailPoint is an equal opportunity employer and we welcome all qualified candidates to apply to join our team.  All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other category protected by applicable law.  

Alternative methods of applying for employment are available to individuals unable to submit an application through this site because of a disability. Contact applicationassistance@sailpoint.com or mail to 11120 Four Points Dr, Suite 100, Austin, TX 78726, to discuss reasonable accommodations.  NOTE: Any unsolicited resumes sent by candidates or agencies to this email will not be considered for current openings at SailPoint.

by @maxrusakovic