Senior Manager, Information Security - Public Compliance

March 21

Apply Now

Receive Emails with Similar Jobs

CrowdStrike

WebsiteLinkedInAll Job Openings

CrowdStrike is a cybersecurity company that provides cloud-based security services to stop breaches. It is recognized as a leader in endpoint protection, identity and cloud security, and managed detection and response. CrowdStrike's platform, Falcon, integrates artificial intelligence to offer real-time visibility, detection, and protection against sophisticated cyber threats. The company is lauded for its effectiveness in securing networks and data, making it a trusted partner for businesses worldwide.

Next-Generation Endpoint Protection • Endpoint Detection and Response • Next Generation Anti-Virus • Managed Threat Hunting • Incident Response

5001 - 10000 employees

Founded 2011

🔒 Cybersecurity

☁️ SaaS

🤖 Artificial Intelligence

📋 Description

• Lead and manage compliance initiatives for CrowdStrike GovCloud environments, ensuring adherence to FedRAMP, DoD SRG IL4/IL5, StateRAMP, CMMC, and international frameworks (ISMAP, IRAP, etc.) • Drive certification efforts by managing internal and external audits, risk assessments, and security documentation submissions • Develop and maintain compliance strategies that align with federal and international security mandates, working closely with engineering, security, and legal teams • Oversee the implementation of controls based on NIST 800-53, RMF, CMMC, and DoD SRG standards, ensuring continuous monitoring and compliance readiness • Serve as a subject matter expert (SME) on public-sector security compliance, providing guidance to internal teams and engaging with government agencies, assessors, and third-party auditors • Manage relationships with regulatory bodies and compliance assessors, advocating for compliance best practices while ensuring business agility • Maintain and enhance security compliance documentation, including System Security Plans (SSPs), policies, procedures, and risk assessments • Support customers and Authorizing Officials (AO) by providing necessary compliance documentation and guidance for their security evaluations • Stay ahead of evolving regulatory landscapes, interpreting new policies and their impact on cloud security compliance • Drive continuous improvement by identifying areas for automation, efficiency, and optimization in security compliance processes • Other responsibilities as requested by leadership

🎯 Requirements

• 12+ years of experience in information security, governance, risk, and compliance (GRC) with a focus on cloud security and public-sector regulatory frameworks • Deep expertise in government compliance programs, including FedRAMP Moderate & High, StateRAMP, CMMC (Levels 2 & 3), DoD SRG IL4/IL5, ISMAP (Japan), IRAP (Australia), and other international security frameworks • Strong knowledge of NIST 800-53, RMF, DFARS, FISMA, ISO 27001, SOC 2, and cloud security best practices • Experience leading compliance assessments, managing third-party audits, and achieving security certifications for cloud environments • Ability to effectively engage with U.S. government agencies, AOs, and compliance assessors to drive compliance approvals • Hands-on experience with security documentation, including SSPs, POA&Ms, control matrices, and compliance automation tools • Strong leadership and collaboration skills, with the ability to work across teams, regions, and organizational levels • Excellent communication and stakeholder management skills, including experience briefing executives and government entities on compliance status and security risks • Technical understanding of cloud security architectures, operating systems, networks, and application security in cloud environments (AWS, Azure, GCP) • Project management experience, including scoping, risk assessment, resource planning, and compliance reporting

🏖️ Benefits

• Remote-friendly and flexible work culture • Market leader in compensation and equity awards • Comprehensive physical and mental wellness programs • Competitive vacation and holidays for recharge • Paid parental and adoption leaves • Professional development opportunities for all employees regardless of level or role • Employee Resource Groups, geographic neighbourhood groups and volunteer opportunities to build connections • Vibrant office culture with world class amenities • Great Place to Work Certified™ across the globe