Senior Product Manager, Compliance
Listed on 2026-07-13
-
IT/Tech
AI Business & Operations
Senior Product Manager, Compliance The Opportunity
Our Product team is defining a new product‑led growth business within Booz Allen where you will design, build, and deliver product to customers will experience the autonomy of a start‑up with the resources, mentorship, and stability of an established tech company and be able to look across industry and capability areas to craft new outcomes leveraging the deep catalog of existing technology and customer solutions.
This team consistently pushes the boundaries of what is possible, shaping a future where product investments combined with Booz Allen’s existing services can supercharge customers.
Booz Allen is seeking a Product Manager to define and build the next generation of compliance products. As a Product Manager focused on automated compliance outcomes, you will blend regulatory knowledge with an understanding of cutting‑edge AI technology to disrupt traditional governance, risk, and compliance (GRC) methods. You will leverage Booz Allen’s experience in delivering differentiated compliance outcomes for customers and reshape it.
One challenge will be to fuse deep regulatory controls expertise—including CMMC, FedRAMP, SOC 2, and PCI DSS—with AI and emerging technologies. You will own the end‑to‑end product lifecycle, from identifying high‑impact AI use cases such as automated evidence collection and cross‑framework control mapping to defining the technical roadmap, collaborating with engineering and data science teams to build trustworthy, auditable features, and partnering with go‑to‑market teams to ensure the product meets the complex security and audit requirements of regulated customers.
These capabilities will underpin solutions across our product portfolio, including cybersecurity, defense, autonomy, AI, data, and more. Due to the nature of work performed within this facility, U.S. citizenship is required.
Own the end‑to‑end product vision, strategy, and roadmap for a next‑generation compliance platform that explicitly leverages AI such as LLMs, machine learning for continuous monitoring, and NLP for policy analysis.
Leverage internal and external expertise on the specified compliance frameworks, including CMMC, FedRAMP, SOC 2, PCI DSS, and their overlaps, control mappings, certification processes such as C3
PAO or 3
PAO, and future direction.Identify and validate specific use cases where AI can automate time‑consuming compliance tasks such as automated evidence collection, cross‑framework control mapping, real‑time control drift detection, policy‑to‑control narrative generation, and intelligent risk scoring.
Conduct deep market research on the emerging AI compliance landscape, understanding competitor offerings, auditor expectations, and customer pain points to identify defensible product advantages.
Translate complex regulatory requirements such as NIST SP 800‑171 controls or FedRAMP continuous monitoring requirements and user needs into detailed, prioritized product requirements, user stories, and acceptance criteria for engineering and design teams.
Serve as the primary product leader, driving alignment and collaboration across engineering, data science, AI, UX, design, legal, compliance, and Go‑to‑Market teams.
Partner with Data Science and Engineering to define the data ingestion, labeling, security, and governance strategy necessary to train, validate, and securely operate the underlying AI or ML models while adhering to data privacy and compliance standards.
Spend significant time engaging with target customers such as CISOs, Compliance or Risk Officers, and IT Admins and external assessors or auditors—including C3
PAOs or 3
PAOs—to gather feedback, validate prototypes, and ensure the product meets audit‑readiness standards.Own, prioritize, and manage the platform product backlog, including translating high‑level strategy into detailed, actionable requirements such as user stories or epics for engineering teams.
Work closely with engineering and technical product leads and architects to define the technical requirements, system design, and overall architecture to ensure the platform is robust, secure, and scalable.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).