Senior FedRAMP Consultant

1 hour, 30 minutes ago
Full-time
Senior
Cybersecurity
Coalfire

Coalfire

Coalfire is a cybersecurity advisor that helps organizations avert threats, reduce risk, and turn security into a competitive advantage, fueling their success.

Internet Software & Services
251-1K
Founded 2001
$9M raised

Description

  • Provide advice to clients on issues affecting the scope of work and add value throughout engagements.
  • Lead audits and assessments, including audit plan preparation, documentation and evidence review, procedure evaluation, and client interviews.
  • Prepare, review, and approve assessment reports and other work products.
  • Manage project priorities, tasks, and hours with the project manager to meet delivery and utilization targets.
  • Escalate client and project issues promptly to management and coordinate needed resources.
  • Mentor team members in audit, assessment, technical review, and writing.
  • Interface with clients throughout the full engagement and build positive relationships with clients and stakeholders.
  • Collaborate with project managers, quality management, sales, and delivery teams to meet deliverables and drive customer satisfaction.
  • Draft audit programs that address regulatory objectives and the complexity of the client environment.
  • Lead walkthroughs, evaluate security vulnerabilities against relevant frameworks, and document findings from inquiry and evidence inspection.

Requirements

  • Bachelor’s degree in IT, business, or an equivalent combination of education and work experience.
  • 5–10 years of experience as a consultant in professional IT services.
  • Must hold one of the following certifications: CISSP, CISA, CISM, CCSP, CFR, CCISO, GCED, GCIH, or GSLC.
  • Deep experience with government compliance, including FISMA, FedRAMP, and DoD RMF.
  • Strong knowledge of NIST Special Publications 800-30, 800-37, 800-53, and 800-171.
  • Experience delivering Certification and Accreditation (C&A) / Assessment and Authorization (A&A) packages through full authorization to operate (ATO).
  • Experience with virtualization or cloud technologies.
  • Familiarity with statutes and regulations across multiple industries relevant to IT, such as SOX 404, HIPAA, FedRAMP, GLB, and the Patriot Act.
  • Knowledge of AWS, Azure, and GCP cloud offerings is required.
  • Excellent verbal and written communication skills.
  • Willingness to travel up to 20%.
  • Familiarity with the Canadian Centre for Cyber Security Protected B framework is a plus.
  • Familiarity with the DoD CMMC process is a plus.
  • Cloud security-focused certifications such as AWS, Azure, or CCSK are a plus.

Benefits

  • Salary range of $86,000–$148,000 per year.
  • Eligibility for annual incentive, commission, and/or recognition programs.
  • Flexible work model with remote and office options.
  • Paid parental leave.
  • Flexible time off.
  • Certification and training reimbursement.
  • Digital mental health and wellbeing support membership.
  • Comprehensive insurance options.

