Staff Technical Program Manager, Regulated Environments
About the role
Regulated environments aren't a checkbox for us; they're how we earn the trust of the most security-conscious organizations and governments in the world. As Staff Technical Program Manager for Regulated Environments, you will lead delivery of new regulated environments on our multi-tenant SaaS platform. FedRAMP High is the current priority. Future environments will follow, each with its own data-residency and sovereignty requirements. On any given day you'll be embedded with Engineering leaders defining evidence sample sets, translating controls into concrete engineering work in JIRA, prepping artifacts for independent assessors, and briefing executive leadership on progress and risk. This is a highly visible delivery role responsible for the successful execution of our regulated-environments strategy.

You will be:
- The central engineering program manager leading delivery of our FedRAMP High authorization and standing up the model to sustain it after go-live.
- The primary interface between Engineering, Product, and our Compliance team for all matters related to regulated environments.
- Embedded with Engineering leaders to own and manage engineering evidence gathering, define sample sets, and support technical decisions in preparation for FedRAMP and future regulated-environment audits.
- Accountable for translating compliance requirements into engineering execution plans, control implementation milestones, and audit-ready evidence pipelines, built once and reused across regimes.

You'll join our Engineering Operations team, the group that keeps SailPoint's engineering organization secure, compliant, and audit-ready as we scale. Engineering Operations sits at the intersection of Engineering, Product, and Compliance, removing friction, standardizing process, and making sure the right evidence and controls are in place without slowing teams down.
This role is dedicated to delivering future regulated environments (with FedRAMP High as the immediate objective and future expansions on the roadmap), partnering daily with Engineering Managers/Directors and our Compliance Director. The durable goal is a repeatable delivery engine so each new regulated environment is stood up faster than the last.

Roadmap for Success

By 30 days - Discovery & Assessment:
- Conduct 1:1s with key stakeholders across Engineering, Cybersecurity, Product Ops, and our Compliance organization to map the landscape.
- Review and ratify a gap analysis of our FedRAMP Moderate posture, focusing on SDLC and FIPS compliance gaps that pose immediate risk.
- Audit current Jira boards, the POA&M, and in-flight initiatives to gauge engineering velocity and capacity.
- Work closely with our Product leadership to inventory all in-scope future regulated environments and catalog their data-residency and sovereignty requirements at a high level.
- Get current on evolving FedRAMP PMO guidance and what it means for our authorization path.

By 90 days - Planning, Governance & Early Execution:
- Finalize the approach, ownership, and sequencing for the highest-impact items with our internal leads.
- Design the control and evidence framework and governance to be reusable across regimes from day one (a control crosswalk), so FedRAMP work compounds toward regulated environments rather than being one-off.
- Work with our Compliance team to stand up Significant Change / release-management governance to prevent compliance drift.
- Deliver leadership a realistic, data-backed timeline and resource plan, including where regulated-environment work will force roadmap trade-offs.
- Partner with Compliance to frame engineering-scoped SSP documentation and readiness milestones.
- Establish a monthly attestation and progress report for engineering executive leadership.
- Track high-priority technical controls and serve as the primary engineering escalation point for blockers.
By 6 months - Audit Readiness & Roadmap:
- Ensure the engineering-scoped SSP and all attachments (policies, procedures, contingency plans) are fully drafted and aligned with the implemented environment.
- Coordinate engineering teams' readiness/mock assessment with our third-party assessment organization (3PAO) to surface lingering high-risk gaps before the formal audit.
- Validate that all product and feature flags are accurately mapped in production to prevent compliance drift.
- Work with our Product Leadership to deliver a requirements asses
Additional Information
This is a remote role within the United States. Due to FedRAMP requirements, this role requires US citizenship.

About SailPoint
SailPoint provides identity security for cloud enterprises. Our solutions help organizations worldwide secure their digital workforce and ensure employees have the right access: no more, no less. Built on a foundation of AI and ML, our Identity Security Cloud Platform delivers the right level of access to the right identities and resources at the right time, matching the scale, velocity, and changing needs of today's cloud-oriented, modern enterprise.