Job Description
As our FedRAMP Practice continues to grow, RISCPoint is looking for Senior Consultants to maintain our ability to provide quality deliverables and expert advice to our clients. The Senior Consultant will report directly to FedRAMP Managers and is a trusted member of the RISCPoint FedRAMP Services Team. You will be responsible for leading projects and staff consultants, coordinating with other consultants and project teams across service lines and delivering best-in-class consulting services to clients. Description Key Responsibilities · Providing leadership within our FedRAMP team and aligning the FedRAMP team with our company vision, while leading service execution in support of client and RISCPoint goals. · Interfacing with and providing regular updates to the FedRAMP Managers and assuming accountability for client deliverables. · Advise RISCPoint clients regarding information security and broader compliance programs in support of industry leading standards such as FedRAMP, FISMA, NIST 800 Series, and CMMC. · Work closely with client leadership teams as a subject matter expert to enhance their cyber security posture in all areas of Information Technology to meet their goals and objectives, as well as with regulatory compliance requirements. · Conduct client workshops and walkthrough meetings to develop and implement cloud governance models across people, process, and technology controls to position client solutions for favorable external party evaluation. · Advise and contribute to client’s risk and compliance needs to clearly articulate continuous monitoring plans and actions, consistent with relevant cybersecurity standards, including managing Plans of Action and Milestones (POA&Ms). · Assess the risks and rewards to our clients based on potential cybersecurity decisions. · Coordinate with partners at audit firms, managed service providers, regulators and other third parties to drive business outcomes for our clients. · Manage and develop staff consultants while effectively managing a portfolio of engagements. · Work with the Public Sector Leadership Team to define appropriate skills and staffing levels within the Public Sector practice while optimizing the mix of resources. · Provide coaching, feedback, developmental opportunities, etc. to staff consultants. Qualifications · Bachelor’s or Master’s degree in Information Security, Computer Science, or a related field or combination of relevant education and equivalent work experience. Experience · Minimum of 3 years of experience in security and privacy risk assessment, consulting, or related roles. · Leading and managing projects and maintaining project timelines and delivery dates. · Deep familiarity with, or experience as a 3PAO to obtain FedRAMP Ready or FedRAMP Authorized status for platforms, systems, and applications. · Specialized knowledge in producing and/or validating FedRAMP documentation. · Strong grasp of security frameworks with strong NIST experience (in order of preference): FedRAMP, RMF, NIST SP 800-53, FISMA, NIST SP 800-171 · Demonstrated knowledge of NIST publications, such as: NIST SP 800-30, 800-37, 800-53, 800-53A, 800-60 Vol 1 & 2, and 800-171 · Excellent communication skills, adept at conveying technical concepts to diverse audiences including client executives. · Knowledge of new and emerging information technology (IT) and cybersecurity technologies along with strong understanding of security fundamentals, including the CIA triad. · Familiarity with Authorization Boundary Diagrams (ABD’s). · Technical experience with AWS and/or Azure a plus. Certifications · At least one advanced cybersecurity certification such as: CISSP (preferred), CISM, CISA, CCSP, or other relevant security certifications, multiple are preferred. · Advanced vendor-specific cloud-related technology certifications, a plus, such as: AWS, Azure, Google Cloud, Cisco Cloud, VMWare, etc. · PMP and/or Baltimore Cyber Range Certification a plus. Skills · Ability to autonomously deliver according to team expectations. · Deadline-oriented, with an exceptional degree of self-motivation and ownership. · Thrive in a dynamic and fast-paced environment. · Excellent oral and written communication skills. · Ability to work independently as well as collaboratively. · Driven to succeed with an appetite to be challenged. · Meticulously detailed. Compensation & Benefits · Generous Salary + Bonus · Company Paid Health Insurance · Company Paid Dental Insurance · Company Paid Vision Insurance · Company Paid Life Insurance · 401k with 3% Company Contribution (Traditional & Roth Options) · Generous Vacation Policy About the Company RISCPoint was founded with the vision to seamlessly integrate with your team, utilizing only high-performing professionals with deep technical and operational experience to fulfill your security and compliance needs. Our diverse team has served companies ranging from Fortune 10 to pre-series A start-ups. Our first priority is to understand your specific needs, only recommending services we are certain will deliver a meaningful return on investment. We provide business-focused risk, technology and cybersecurity solutions, specifically tailored to your organization.