Director, FedRAMP

Director, FedRAMP at Box

Box is seeking a Director, FedRAMP to lead the Federal Risk and Authorization Management Program (FedRAMP) for Box's cloud services. This senior leadership role will own the strategy, governance, and day-to-day execution of FedRAMP compliance, including planning, security assessments, authorization packages, continuous monitoring, and remediation tracking. The Director will partner with security, legal, product, compliance, and federal customers, and will interact with federal agencies and third-party assessors (3PAOs) to ensure timely and accurate authorization decisions. The ideal candidate will map Box controls to NIST SP 800-53, manage risk registers and POAMs, and drive improvements to stay aligned with evolving federal standards. This role requires strong program management, influence, and communication skills, with a proven track record of successful FedRAMP engagements.

Responsibilities

• Lead the end-to-end FedRAMP program, including strategy, assessment, authorization, and continuous monitoring.
• Collaborate cross-functionally with Security, Legal, Product, Compliance, and Federal customers.
• Develop and maintain FedRAMP strategy, roadmaps, governance artifacts, and performance metrics.
• Manage relationships with 3PAOs, federal agencies, and the Joint Authorization Board (JAB).
• Oversee risk assessment, remediation planning, and POAM management to maintain continuous authorization.
• Ensure accurate mapping of Box controls to NIST SP 800-53 and adapt controls to Box's services.
• Lead audits and prepare documentation (SSP, SAR) for FedRAMP compliance and annual assessments.
• Mentor and grow a high-performing team; establish governance and reporting processes.
• Represent Box in FedRAMP governance forums and direct federal customer engagements.

Qualifications

• 10+ years in information security or compliance with at least 5 years in FedRAMP or federal program leadership.
• Deep knowledge of FedRAMP, RMF, NIST SP 800-53, and security control mapping.
• Experience coordinating with 3PAOs and federal agencies; proven track record of delivering FedRAMP authorizations.
• Strong cross-functional collaboration, communication, and stakeholder management skills.
• Bachelor's degree; advanced degree preferred; education is optional.

About Box

Box is a leading provider of secure cloud content management and collaboration solutions that help large organizations securely manage and share information.

Benefits

Box offers a competitive compensation package, comprehensive benefits, and opportunities to contribute to federal programs at scale.