Principal, FedRAMP Advisory

6 hours, 44 minutes ago
Full-time
Lead
Cybersecurity
Coalfire

Coalfire is a cybersecurity advisor that helps organizations avert threats, reduce risk, and turn security into a competitive advantage, fueling their success.

Internet Software & Services
251-1K
Founded 2001
$9M raised

Description

  • Work with industry and standards bodies to provide information security expertise across technical and non-technical topics.
  • Scope and lead client engagements, including pre-sales calls, onsite visits, and delivery of packaged or custom solutions.
  • Develop technical content such as security plans, procedures, policies, and white papers for client use.
  • Lead delivery engagements including compliance roadmaps, architecture guidance, and gap assessments.
  • Manage engagement status, surface blockers, and communicate progress to stakeholders.
  • Collaborate with engineering, support, business, project management, quality, and sales teams to drive customer success.
  • Serve as the subject matter expert for escalations, sales and marketing support, and practice profitability and revenue.
  • Provide delivery team support through process improvements, methodology training, and mentoring.
  • Develop industry thought leadership through methodologies, templates, white papers, work instructions, training, webinars, and conference presentations.
  • Support client satisfaction, identify upsell and cross-sell opportunities, and maintain strong account relationships.

Requirements

  • Bachelor’s degree in Computer Science, Information Systems Management, Information Security, Business, or equivalent experience required.
  • CISSP, CISM, CISA, CCSP, or equivalent certification required.
  • 7+ years of experience in an IT security audit, assessment, compliance, risk management, or data privacy role.
  • 7+ years of experience working with NIST frameworks, CMMC, FedRAMP, DoD CC SRG and/or RMF, FISMA, or GovRAMP (StateRAMP).
  • Knowledge of current information risk, security, and compliance trends, challenges, innovations, and solutions.
  • Knowledge of strategy, privacy, and risk standards/frameworks such as NIST, ISO, CIS Top 20, ISSA, CSA CMM, Privacy by Design, and FAIR.
  • Knowledge of enterprise risk and security operational practices and information security-related solutions, tools, and utilities.
  • Experience developing strategy, setting direction for team members, and influencing stakeholders internally and externally.
  • Experience building common compliance frameworks and mapping between different compliance requirements.
  • Demonstrated breadth of security expertise across subdomains such as encryption, identity, and incident response.
  • Hands-on technical expertise is preferred due to the technical components of the frameworks.
  • Experience with risk assessment methodologies and risk reporting for executive leadership.
  • Strong ability to write complex technical documents for a varied enterprise audience.
  • Big Four advisory/consulting experience is preferred.
  • DevSecOps experience is preferred.
  • CMMC CCP or CCA certification is preferred.
  • AWS, Azure, or Google Cloud Platform certifications are preferred.
  • OpenFair or related certification, CCBP, and vendor certifications for applicable product solution sets are preferred.

Benefits

  • $104,000 to $179,600 annual salary range.
  • Eligibility for annual incentive, commission, and/or recognition programs.
  • Flexible work model with the option to work from home or an office.
  • Paid parental leave.
  • Flexible time off.
  • Certification and training reimbursement.
  • Digital mental health and wellbeing support membership.
  • Comprehensive insurance options.
  • Employee resource groups and access to in-person and virtual events.


