Sr. Advisor, Technical Audit & Compliance

Join us as a Sr Advisor, Technical Audit and Compliance.  This will be a US Remote position.

Reporting directly to the CISO, you will be responsible for supporting and leading internal IT audit engagements, assigning work, reviewing team contributions. You will lead engagements through the management of standard project execution, gap analysis and remediation. In addition to mentoring staff, you will have the opportunity to provide input on methodology development, technical assessment strategy, and engagement planning for assessments as a technical SME. 

Senior Consultants are leaders in ISO, PCI, HIPAA & FedRAMP who bring solid knowledge of audit engagement and portfolio management. Using your strong experience with FISMA and FedRAMP and familiarity with the NIST Risk Management Framework (RMF) you will support and lead teams to perform assessments for cloud computing technologies in meeting federal compliance.

This position is open nationwide - candidates living anywhere in the United States can apply.

Team Environment

Our team is collaborative, enjoys working with each other, and we are eager to help each other succeed. We are self-starters with technical curiosity and have a willingness to learn. We are open to sharing new ideas and improvements. We work on cutting-edge technologies to provide the best experience for the customer. We take pride in our work. If this sounds like you, then you may be a good candidate for our team!

You will

• Lead assessments from initiation to project closure
• Monitor the progress of engagements and key project activity dates
• Drive working sessions with internal clients to ensure expectations and direction are aligned and timelines are being met
• Execute security assessments in accordance with ISO 27001, 27701, NIST SP 800-53, 800-37, 800-171, and other authoritative IT security guidance
• Develop Security Authorization Packages and ensure completeness and compliance with FedRAMP requirements and other authoritative IT security guidance.

What you’ll need to succeed in this role

• Bachelor’s degree in management information systems, information security, computer science, or relevant discipline; or combination of relevant education and work experience
• Master’s degree is a plus
• Minimum 5 years of experience in information security, with strong NIST experience (in order of preference): NIST SP 800-53, FedRAMP, RMF, FISMA, NIST SP 800-171
• Demonstrated knowledge of NIST publications, such as: NIST SP 800-30 rev 1, 800-37 rev 1 or 2, 800-53 rev 4, 800-53A rev 4, 800-60 Vol 1 & 2 rev 1, and 800-171 rev 1s
• Experience with government compliance, FedRAMP, ISO27001, 27701
• Experience with commercial cloud environments; architectures, technologies, and services
• Ability to meet deadlines with a high degree of motivation working in a fast-paced environment
• Ability to lead multiple assessment engagements and train junior staff
• Excellent communication skills to include the ability to explain technical matters to a non-technical audience
• Broad IT background with technical understanding of networks, protocols, security configurations, cryptography, identity and access management, and the systems development life cycle

We'd prefer

• At least one advanced cybersecurity certification such as: CISSP, CISM, CISA, CCSP, CRISC, CAP, CASP, or other relevant security certifications, multiple are preferred
• At least one vendor-specific cloud-related technology certifications such as: AWS, MS Azure, Google Cloud, Cisco Cloud, VMWare, etc. is preferred
• PMP 

#lijt1