Iceberg is one of the fastest-growing AI technology start-ups, rapidly emerging as a leader in its field with a multi-billion valuation. They are seeking a highly technical GRC Engineer who will own and lead FedRAMP and GovRAMP compliance, focusing on engineering compliance into systems and automating compliance processes.
Responsibilities:
- Own and lead FedRAMP (and GovRAMP) end-to-end, from early-stage build through to audit readiness and certification
- Design and implement scalable, engineered compliance systems (not manual processes)
- Automate compliance and control monitoring across cloud environments
- Translate regulatory requirements into real technical controls embedded in infrastructure and workflows
- Work hands-on with engineering teams to integrate security into systems and CI/CD pipelines
- Read and understand code (ideally Python) to build or support automation workflows
- Support customer and sales teams with technical security discussions and compliance queries
- Drive broader compliance initiatives (SOC2, ISO27001, etc.) where needed
Requirements:
- Proven experience leading FedRAMP end-to-end (from scratch)
- Strong technical background (cloud, infrastructure, security engineering)
- Ability to work directly with engineers at a deep technical level
- Experience building or automating compliance systems (not just maintaining them)
- Hands-on experience with cloud environments (AWS, GCP, or Azure)
- Experience embedding compliance into CI/CD or engineering workflows
- Start-up or small team experience
- GovRAMP experience
- Python or scripting for automation
- Compliance-as-code / continuous compliance tooling
- Experience with NIST frameworks (800-53, etc.)
- Exposure to AI-related frameworks (ISO42001, NIST AI RMF, EU AI Act)