Senior FedRAMP Cloud Consultant

1 month, 2 weeks ago
Full-time
Senior
DevOps and Infrastructure
Coalfire

Coalfire is a cybersecurity advisor that helps organizations avert threats, reduce risk, and turn security into a competitive advantage, fueling their success.

Internet Software & Services
251-1K
Founded 2001
$9M raised

Description

  • Provide advisory support to customers on issues affecting the scope of work and recommend ways to improve security posture.
  • Lead audits and assessments, including audit plan preparation, documentation and evidence review, procedure evaluation, and client interviews.
  • Prepare, review, and approve assessment reports and other deliverables.
  • Manage project priorities, tasks, and hours with the project manager to support delivery and utilization targets.
  • Escalate client and project issues to management in a timely manner and coordinate resources to resolve them.
  • Mentor team members in audit, assessment, technical review, and writing.
  • Interface with clients throughout the engagement and maintain collaborative relationships with clients and stakeholders.
  • Draft audit programs and conduct walkthroughs to determine conformity against stated requirements.
  • Assess security vulnerabilities against relevant security frameworks and corroborate conclusions through inquiry procedures.
  • Inspect evidence remotely and offline, capture detailed interview notes, and mark artifacts needing follow-up or clarification.

Requirements

  • Bachelor's degree in IT, business, or an equivalent combination of education and work experience.
  • 5-10 years of experience as a consultant within professional IT services.
  • Current certification in one of the following: CISSP, CISA, CISM, CCSP, CFR, CCISO, GCED, GCIH, or GSLC.
  • Deep experience with government compliance, including FISMA, FedRAMP, and DoD RMF.
  • Strong knowledge of NIST Special Publications 800-30, 800-37, 800-53, and 800-171.
  • Experience delivering Certification and Accreditation (C&A) or Assessment and Authorization (A&A) packages that achieved and maintained full ATO.
  • Experience with virtualization or cloud technologies.
  • Familiarity with statutes and regulations across multiple industries relevant to IT, such as SOX 404, HIPAA, FedRAMP, GLB, and the Patriot Act.
  • Knowledge of AWS, Azure, and GCP cloud offerings is required.
  • Excellent verbal and written communication skills.
  • Ability and willingness to travel up to 20%.
  • Preferred: familiarity with the Canadian Centre for Cyber Security Protected B framework and the DoD CMMC process.
  • Preferred: cloud security-focused certifications such as AWS, Azure, or CCSK.

Benefits

  • Competitive salary range of $86,000 to $148,000 per year.
  • Annual incentive, commission, and/or recognition program eligibility.
  • Flexible work model with the ability to choose when and where you work, including remote options.
  • Paid parental leave.
  • Flexible time off.
  • Certification and training reimbursement.
  • Digital mental health and wellbeing support membership.
  • Comprehensive insurance options.

Similar Roles

Oracle Security & Controls consultant 6 Months Contract

Belmont Lavan 11-50 Professional Services

Belmont Lavan Ltd is hiring an Oracle Security & Controls Consultant for a 6-month contract to assess, design, and implement security controls across Oracle environments that support data integrity, confidentiality, and regulatory compliance.

Oracle
4 days, 8 hours ago

Senior Information Security GRC Specialist

BHG Financial 1K-5K Diversified Financial Services

BHG Financial is hiring a Senior Information Security GRC Specialist to lead enterprise business continuity and disaster recovery efforts while supporting risk and compliance initiatives for its financial services operations.

4 days, 8 hours ago

Senior Penetration Tester

Bridewell 251-1K Internet Software & Services

Bridewell is hiring a Senior Penetration Tester to deliver client-facing offensive security assessments across web applications, APIs, and infrastructure while supporting reporting, pre-sales, and service development.

AWS Azure Bash Cybersecurity GCP LLM Penetration Testing PowerShell Python
4 days, 8 hours ago

Pentester, Offensive Forward Deployment Engineer

Mistral AI 201-500 Artificial Intelligence

Mistral AI is hiring a hands-on Pentester for its Offensive Security team to run real client engagements, uncover vulnerabilities in Mistral’s systems and external targets, and help shape AI-assisted offensive security capabilities.

Active Directory AWS Azure CI/CD GCP Penetration Testing
4 days, 9 hours ago
