Posted in Other 7 days ago.
As a key leader within CrowdStrike’s Governance, Risk, and Compliance (GRC) program, you will be responsible for managing compliance assessments, certifications, and audits, as well as ensuring that our cloud security posture aligns with evolving government regulations. You will collaborate closely with internal stakeholders, external auditors, and government entities to maintain the highest levels of security compliance.
This is an exciting opportunity to shape the future of CrowdStrike’s GovCloud security and compliance programs, ensuring we meet the most stringent government security standards while driving innovation and efficiency in compliance management.
Lead and manage compliance initiatives for CrowdStrike GovCloud environments, ensuring adherence to FedRAMP, DoD SRG IL4/IL5, StateRAMP, CMMC, and international frameworks (ISMAP, IRAP, etc.).
Drive certification efforts by managing internal and external audits, risk assessments, and security documentation submissions.
Develop and maintain compliance strategies that align with federal and international security mandates, working closely with engineering, security, and legal teams.
Oversee the implementation of controls based on NIST 800-53, RMF, CMMC, and DoD SRG standards, ensuring continuous monitoring and compliance readiness.
Serve as a subject matter expert (SME) on public-sector security compliance, providing guidance to internal teams and engaging with government agencies, assessors, and third-party auditors.
Manage relationships with regulatory bodies and compliance assessors, advocating for compliance best practices while ensuring business agility.
• Maintain and enhance security compliance documentation, including System Security Plans (SSPs), policies, procedures, and risk assessments.
Support customers and Authorizing Officials (AO) by providing necessary compliance documentation and guidance for their security evaluations.
Stay ahead of evolving regulatory landscapes, interpreting new policies and their impact on cloud security compliance.
Drive continuous improvement by identifying areas for automation, efficiency, and optimization in security compliance processes.
Other responsibilities as requested by leadership.
12+ years of experience in information security, governance, risk, and compliance (GRC) with a focus on cloud security and public-sector regulatory frameworks.
Deep expertise in government compliance programs, including FedRAMP Moderate & High, StateRAMP, CMMC (Levels 2 & 3), DoD SRG IL4/IL5, ISMAP (Japan), IRAP (Australia), and other international security frameworks.
Strong knowledge of NIST 800-53, RMF, DFARS, FISMA, ISO 27001, SOC 2, and cloud security best practices.
Experience leading compliance assessments, managing third-party audits, and achieving security certifications for cloud environments.
Ability to effectively engage with U.S. government agencies, AOs, and compliance assessors to drive compliance approvals.
Hands-on experience with security documentation, including SSPs, POA&Ms, control matrices, and compliance automation tools.
Strong leadership and collaboration skills, with the ability to work across teams, regions, and organizational levels.
Excellent communication and stakeholder management skills, including experience briefing executives and government entities on compliance status and security risks.
Technical understanding of cloud security architectures, operating systems, networks, and application security in cloud environments (AWS, Azure, GCP).
Project management experience, including scoping, risk assessment, resource planning, and compliance reporting.
Experience in system engineering or security operations supporting government compliance programs.
Familiarity with CrowdStrike’s products and cloud security services.
Security certifications such as CISSP, CISM, CISA, CCSP, or relevant compliance certifications (e.g., Certified CMMC Assessor, FedRAMP Certified Assessor).
CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program.
CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions--including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs--on valid job requirements.
If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at recruiting@crowdstrike.com for further assistance.
Find out more about your rights as an applicant.
CrowdStrike participates in the E-Verify program.
Notice of E-Verify Participation
PI266058112
Walmart
$117,000.00 - $234,000.00 per year
|
Walmart
$169,000.00 - $338,000.00 per year
|
Walmart
$117,000.00 - $234,000.00 per year
|