# GRC Program Manager, US Government Compliance
**Company:** [OpenAI](https://hotfix.jobs/companies/openai)
**Location:** Washington, DC
**Salary:** $162K-$310K
**Experience:** 5+ years
**Skills:** FedRAMP, NIST, RMF, Kubernetes, Terraform, AWS, Azure, Authentication, Encryption, Vulnerability Management, Audit Logging
**Posted:** 2026-04-23
> Leads US government compliance programs, driving FedRAMP and agency ATOs for OpenAI products. Collaborates with engineers on security controls, documentation, and audits in highly regulated environments. Requires 5+ years compliance experience and deep USG framework knowledge.
## Job Description
## Responsibilities
- Drive the ATO process for FedRAMP and across multiple government clients in restricted environments with minimal oversight.
- Collaborate with engineering teams to interpret security requirements and implement controls that balance compliance with operational needs.
- Create clear, concise, and technically accurate documentation, including System Security Plans (SSPs), risk assessments, and architecture diagrams.
- Act as a subject matter expert during audits and assessments, representing the organization with credibility and expertise.
- Continuously refine processes to improve the efficiency and quality of compliance efforts.

## Requirements
- Proven experience in obtaining and maintaining a FedRAMP ATO and agency-specific ATOs in highly restricted environments, within government or regulated sectors.
- Deep understanding of USG security frameworks and policies (e.g., NIST, RMF, FedRAMP).
- Ability to communicate technical concepts to diverse audiences, including engineers and non-technical stakeholders.
- Exceptional technical program management skills, with the ability to multitask and deliver large, complex programs under pressure.

## Nice-to-Haves
- Active US security clearance.
- 5+ years of compliance experience in positions involving information security, data security, or infrastructure or network security.
- Familiarity with deployment models, including to cloud platforms (Azure, AWS) and the underlying infrastructure primitives (Kubernetes, Terraform).
- Strong familiarity with core security concepts and technologies, such as authentication, encryption, vulnerability management, and audit logging.
- Ability to work collaboratively and effectively in a cross-functional team environment.
- Ability to thrive in dynamic environments and navigate ambiguity with ease.
**Apply:** https://hotfix.jobs/jobs/grc-program-manager-us-government-compliance-at-openai-a48dc498-ad95-4a44-913c-f265e2357109