FISMA/FedRAMP Senior Consultant

Align Technology
Summary
Join A-LIGN as a Senior Consultant and lead client engagements, manage projects, mentor junior staff, and contribute to methodology development. Leverage your expertise in FISMA/FedRAMP and NIST Risk Management Framework (RMF) to perform security assessments for cloud computing technologies. Lead teams in conducting assessments, developing Security Authorization Packages, and ensuring compliance with FedRAMP requirements. This nationwide, full-time position offers a flexible work environment without time reporting, chargeability goals, or sales pressure. The role requires strong experience with FISMA and FedRAMP, along with a deep understanding of NIST publications and cloud environments. Successful candidates will demonstrate excellent communication and leadership skills.
Requirements
- Bachelor’s degree in management information systems, information security, computer science, or relevant discipline; or combination of relevant education and work experience
- At least 3 years of experience in information security, with strong NIST experience (in order of preference): NIST SP 800-53, FedRAMP, RMF, FISMA, NIST SP 800-171
- Demonstrated knowledge of NIST publications, such as: NIST SP 800-30 rev 1, 800-37 rev 1 or 2, 800-53 rev 4, 800-53A rev 4, 800-60 Vol 1 & 2 rev 1, and 800-171 rev 1
- Experience with government compliance, including FISMA, FedRAMP, RMF, and CSF
- Experience with commercial cloud environments: architectures, technologies, and services
- Experience leading at least five FedRAMP or FISMA engagements from kick-off to report delivery
- At least one advanced cybersecurity certification such as CISSP, CISM, CISA, CCSP, CRISC, CAP, CASP, or another relevant security certification; multiple are preferred
- Ability to meet deadlines with a high degree of motivation working in a fast-paced environment
- Ability to lead multiple assessment engagements and train junior staff
- Excellent communication skills to include the ability to explain technical matters to a non-technical audience
- Broad IT background with technical understanding of networks, protocols, security configurations, cryptography, identity and access management, and the systems development life cycle
Responsibilities
- Lead assessments from initiation to project closure, including:
  - Planning/Closing Meeting
  - Process Walkthroughs
  - Leading Findings Discussion
  - Regular status updates internally and externally
- Coach other team members and assessors as part of team
- Drive working sessions with clients to ensure expectations and direction are aligned and timelines are being met
- Execute security assessments in accordance with NIST SP 800-53, 800-37, 800-171, and other authoritative IT security guidance
- Develop Security Authorization Packages and ensure completeness and compliance with FedRAMP requirements and other authoritative IT security guidance
Preferred Qualifications
- Master’s degree is a plus
- At least one vendor-specific cloud-related technology certification (such as AWS, MS Azure, Google Cloud, Cisco Cloud, VMWare, etc.) is preferred
- PMP is a plus
Benefits
- Health, Vision, Dental Benefits
- 401(k) Plan with Employer Matching
- Competitive Bonus Structure
- Employer Paid Life Insurance and Disability Insurance
- Generous Paid Time Off Plan
- Virtual Employment
- Home Office Reimbursement
- Vacation Bonus
- Paid Office Closure December 25-January 1
- Paid Holidays Schedule
- Certification Reimbursement