# Member of Technical Staff, Governance Risk Compliance

**Company:** [xAI](https://hotfix.jobs/companies/xai)
**Location:** New York, NY, Palo Alto, CA, Washington, DC
**Role:** Security Engineering
**Salary:** $100k – $228k/yr
**Skills:** FedRAMP, Nist 800-53, Nist 800-171, Cmmc, SOC 2, ISO 27001, Risk Management Framework, Stig, Poam, Vulnerability Management, Cloud Security, Cisa, Crisc
**Posted:** 2026-05-26

> Lead GRC initiatives ensuring xAI meets federal compliance standards (FedRAMP, NIST, CMMC) while managing risk for AI systems and cloud deployments. Requires 3+ years in security compliance, a bachelor's degree, and expertise in federal frameworks.

## Job Description

## Responsibilities
- Execute security compliance implementation and audits (e.g., ISO 27001/42001, SOC2, FedRAMP HIGH, DoD Cloud Computing SRG IL5/IL6, NIST 800-53 rev 5, NIST 800-171/CMMC, Risk Management Framework).
- Work with 3PAOs and federal government Authorizing Officials to achieve compliance certifications, reports, and ATO status.
- Identify, assess, and prioritize risks related to AI operations, cybersecurity, regulatory compliance, intellectual property, and cloud deployments.
- Design and implement risk mitigation strategies, including monitoring systems, contingency plans, vulnerability scans, POAMs, and STIGs.
- Ensure the implementation, oversight, monitoring, and maintenance of security configurations, practices, and procedures throughout the project lifecycle.
- Serve as a liaison between system owners, security personnel, and cross-functional teams.
- Lead Risk Management Assessment and Authorization (A&A) processes, cloud system risk assessments, compliance reviews for new products/changes/features.
- Conduct regular risk assessments, scenario analyses, and proactive evaluations of emerging threats.
- Oversee audits, certifications, third-party assessments, and vulnerability management.
- Act as a subject matter expert, providing guidance on risk, compliance, and cybersecurity matters.
- Create and present regular reports on GRC performance, risks, and compliance status to senior leadership.

## Requirements
- 3+ years of experience in governance, risk management, compliance, or technology audit roles.
- Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or a related field.
- Proven expertise in regulatory frameworks, data privacy, cybersecurity, and federal compliance standards.
- Strong understanding of AI ethics, Risk Management Framework (RMF), and associated risks.
- Experience with vulnerability management, POAMs, STIG implementation, and cloud security controls.
- Ability to evaluate control objectives with IT configurations.
- Exceptional analytical, problem-solving, organizational, and project management skills.
- Excellent communication, stakeholder management, and translation skills.

## Nice-to-Haves
- Previous systems engineering experience.
- Certifications like CISA, CRISC, CGEIT, Security+, CASP+.
- Experience in the tech or AI industry, particularly with startups or government/public sector engagements.
- Deep expertise maintaining frameworks such as FedRAMP, DoD Cloud Computing SRG, NIST 800-171, NIST 800-53, CMMC, and STIG/RMF policies.
- Familiarity with ISO 27001, ISO 42001, NIST, SOC 2.
- Background in managing third-party risk, vendor compliance programs, or federal assessments.
- 5+ years of security compliance or technology audit-related experience.

## Similar roles

- [Staff International Security Specialist](https://hotfix.jobs/jobs/3efb5816-915d-4049-bc78-8361dd73d4af) - Shield AI - Dallas, TX - $100k – $150k/yr
- [Staff COMSEC Officer](https://hotfix.jobs/jobs/2adb5b0b-0d3e-4920-b096-04690e4f2b0c) - Shield AI - Washington, DC - $100k – $150k/yr
- [Staff Contractor Program Security Officer (R4898)](https://hotfix.jobs/jobs/78a2b078-15e9-46ba-a91b-e0196c40a092) - Shield AI - Washington, DC - $100k – $150k/yr
- [Security Software Engineer, Infrastructure Security (Staff or Senior)](https://hotfix.jobs/jobs/f000eb12-58fe-45b4-a3d5-ff318709d9fb) - MongoDB - Remote - $127k – $249k/yr
- [Staff Security Architect](https://hotfix.jobs/jobs/bb106601-c89c-4669-93cf-d7f23dfb0b6c) - Kraken - Remote - $127k – $254k/yr

**Apply:** https://hotfix.jobs/jobs/1abfad81-3fa5-4aad-875f-b0e0f9e1dfac
**Canonical:** https://hotfix.jobs/jobs/1abfad81-3fa5-4aad-875f-b0e0f9e1dfac