RemoteAtlas
Find Jobs
CompaniesBlogPost a Job
RemoteAtlas

Discover curated remote jobs and work from anywhere. Updated daily with roles from top companies worldwide.

13,600+ live remote jobs

Remote Jobs by Role

  • Remote Engineering Jobs
  • Remote Design Jobs
  • Remote Product Manager Jobs
  • Remote Marketing Jobs
  • Remote Sales Jobs
  • Remote Data Jobs
  • Remote DevOps Jobs
  • Remote Support Jobs
  • Remote Customer Success Jobs
  • Remote Cybersecurity Jobs
  • Remote Mobile Developer Jobs

More Roles

  • Remote QA Jobs
  • Remote HR & People Jobs
  • Remote Finance Jobs
  • Remote Operations Jobs
  • Remote Management Jobs
  • Remote AI & Machine Learning Jobs
  • Remote Writing & Content Jobs
  • Remote Video & Animation Jobs
  • Remote Translation & Localization Jobs
  • Remote IT Support Jobs
  • Remote Community Management Jobs

Remote Jobs by Location

  • Remote Jobs in the US
  • Remote Jobs in Europe
  • International Remote Jobs
  • Remote Jobs in the UK
  • Remote Jobs in the Americas
  • Remote Jobs in EMEA
  • Remote Jobs in APAC
  • Remote Jobs in Canada

Company

  • Browse All Jobs
  • Blog
  • Companies
  • About Us
  • Post a Job
  • Contact Us
© 2026 RemoteAtlas. All rights reserved.
Terms & ConditionsPrivacy Policy
Home/Remote Data Jobs/Onebrief/Corporate Governance, Risk, and Compliance Analyst
Onebrief

Corporate Governance, Risk, and Compliance Analyst

Onebrief

United States | RemoteFull-time$160K - $200KPosted about 20 hours ago
Data & AnalyticsLegal

Summary

Onebrief is hiring a Corporate Governance, Risk, and Compliance Analyst to join their Data & Analytics team. Today, many critical planning workflows still rely on fragmented systems, static documents, and disconnected tools that make collaboration and decision-making unnecessarily difficult. Key skills: Go, CI/CD, AI.

Consequential Work. Dedicated People.


About Onebrief

Onebrief builds collaboration and AI-powered workflow software for military planning and operational coordination.

Today, many critical planning workflows still rely on fragmented systems, static documents, and disconnected tools that make collaboration and decision-making unnecessarily difficult. Onebrief brings modern software, AI, and real-time collaboration into those environments, helping teams operate with greater clarity, coordination, and adaptability in situations where decisions carry real-world consequences.

We are a distributed team of builders from military, operational, and technology backgrounds who care deeply about improving how important work gets done. Some team members work remotely, while others work directly alongside customers in operational environments around the world.

Founded in 2019, Onebrief is backed by leading investors including General Catalyst, Battery Ventures, Insight Partners, Sapphire Ventures, and Human Capital. Valued at more than $2 billion, we continue to invest in product innovation, AI capabilities, and team growth.

Why This Role Exists

Onebrief pursues and maintains RMF authorizations across multiple Department of War components and FedRAMP High for civilian federal customers, alongside CMMC 2.0 and SOC 2 compliance for the corporate side of the business. Each program runs its own review cycle, its own overlays, and its own evidence requirements. That spread creates real coordination risk, and no single person carries it alone. This role needs someone who works closely with Engineering, Product, and Security leadership to keep every program aligned instead of managing each one in isolation.
Every one of these programs depends on evidence: SSPs, SARs, POA&Ms, control mappings, and testing that holds up under audit. Onebrief needs someone who builds that evidence chain, validates it, and keeps it current across federal and commercial frameworks alike, working alongside the teams that generate the underlying artifacts, instead of scrambling before each assessment.
Manual compliance work doesn't scale across this many frameworks. This role exists to automate control testing and close gaps before they become findings, replacing reactive audit prep with a system that runs continuously across every environment Onebrief operates in, government and commercial.
The work sits between engineering and a wide set of regulatory requirements. Every control decision affects how Onebrief's product gets built and deployed for both federal and corporate customers, so this role requires someone who can translate RMF, CMMC, and SOC 2 language into decisions engineers can act on, and coordinate closely with stakeholders across multiple agencies and internal teams at once.

What You'll Do

Core responsibilities:

  • Own RMF authorizations across Department of War components and FedRAMP High, alongside CMMC 2.0 and SOC 2 compliance for corporate systems

  • Maintain authorization and audit evidence, including SSPs, SARs, POA&Ms, STIGs, and control mappings

  • Partner with Engineering, Product, and Security to embed compliance requirements into system design and CI/CD workflows, not bolt them on afterward

  • Coordinate internal assessments and external audit readiness across all applicable frameworks

  • Track regulatory and contractual changes and advise leadership on what they mean for Onebrief

  • Run risk assessments and vendor/supply chain risk reviews across both federal and corporate environments

Minimum Qualifications

  • U.S. Citizen

  • Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or related field

  • 8+ years in cybersecurity compliance

  • Hands-on expertise with RMF and at least one of CMMC 2.0 or SOC 2

  • One or more of the following certifications: CISSP, CISM, CISSO, CPTE, CySA+, FITSP-A, GCSA, CISA, ISSEP, GSLC, or GSNA

  • Experience with GRC platforms, including automated evidence collection and testing (eMASS experience a plus)

Preferred Qualifications

  • Experience in DoD environments and compliance frameworks (RMF, ICD 503)

  • Familiarity with agency-specific overlays (DoD, DHS, or civilian agencies)

  • Experience working with 3PAOs, Security Control Assessors, federal customers, or SOC 2 auditors

  • Familiarity with cloud security standards (FedRAMP, ISO 27001, NIST 800-171, DoD Cloud Computing SRG)

Indicators of Success

This role will evolve as priorities change, but the outcomes below reflect what success typically looks like in the first six months.

A successful Governance, Risk, and Compliance Analyst will:

  • Keep authorization packages current across every framework instead of reconstructing them under deadline pressure

  • Reduce manual audit prep by automating control testing and evidence collection

  • Close open POA&M and corrective action items on a predictable cadence

  • Become the go-to person engineers check with before shipping changes that touch compliance boundaries, federal or corporate

Tools, Systems & Technologies

  • eMASS, GRC platforms, NIST RMF documentation (SSPs, SARs, POA&Ms, STIGs), CMMC 2.0 and SOC 2 control frameworks


Notice to Third Party Recruitment Agencies

Please note that Onebrief does not accept unsolicited resumes from recruiters or employment agencies. In the absence of an executed Recruitment Services Agreement, there will be no obligation to any referral compensation or recruiter fee. In the event a recruiter or agency submits a resume or candidate without an agreement Onebrief explicitly reserves the right to pursue and hire those candidate(s) without any financial obligation to the recruiter or agency. Any unsolicited resumes, including those submitted to hiring managers, shall be deemed the property of Onebrief.

Want to see the full job details?

Create a free account to view complete descriptions, save jobs, and apply instantly.

Related jobs

DuckDuckGo
VP, LegalNew

DuckDuckGo·USA (Remote)

Full-time$320KManagementLegal
1d
Welltech
Senior Data Engineer (Redshift)New

Welltech·Remote — Estonia

Full-timeSoftware DevelopmentData & Analytics
1d
Menlo Security
Senior HRIS Analyst New

Menlo Security·Remote — US - Distributed

Full-time$128k - $192kData & Analytics
18h
Authentic8
SOC Security AnalystNew

Authentic8·Remote — United States

Part-time$65/hr - $75/hrData & AnalyticsSecurity
12h
More remote data jobsMore remote jobs in the US