C2 Labs is looking for a Junior FedRAMP Consultant (GRC Analyst I equivalent) to support technical writing and evidence operations for FedRAMP authorization and ongoing ConMon. This is a great role if you’re detail-oriented, enjoy structured writing, and want hands-on exposure to FedRAMP delivery.
What you’ll do
· Support drafting and formatting of SSP/KSI artifacts, policies, and plans.
· Collect and organize evidence; maintain traceability in RegScale.
· Maintain trackers for actions, evidence requests, and POA&Ms.
· Help compile monthly/quarterly ConMon reporting inputs.
What we’re looking for
· 1–3 years experience in GRC, audit support, compliance operations, or security documentation.
· Strong written communication and attention to detail (templates, tables, and structured documents).
· Basic familiarity with NIST 800-53 concepts or willingness to learn quickly.
· Comfort working with spreadsheets and tracking artifacts across multiple stakeholders.
· Reliable follow-through and responsiveness in a fast-moving delivery environment.
Nice to have
· Associates degree in IT, Cybersecurity, or related field
· Any FedRAMP exposure (coursework, prior engagement support, or template familiarity).
· Experience with GRC tools (RegScale, ServiceNow GRC, Archer) and/or ticketing systems.
· Security+ or similar entry-level security certification.
Engagement details
· 1099 independent contractor (initial engagement); project-based with potential extension.
· Remote-first; minimal travel expected.
· No clearance required; must be able to pass a standard background check and sign NDA/SOW.
· Hours vary by customer phase; consistent availability during business hours is important.