Cybersecurity Consulting Director - FedRAMP Services

Cybersecurity Consulting Director – FedRAMP Services 

ABOUT THE COMPANY 

Are you looking to elevate your career? Do you want opportunities for growth and leadership? Do you have an entrepreneurial mindset? RISCPoint is a partner-owned, rapidly growing business leading cybersecurity and compliance consultancy firm. We are a tight-knit team of experienced professionals that focus on integrating seamlessly with our clients to harmonize their security and compliance obligations with their business success. We are looking for talented professionals, passionate about the industry to join our team. 

We value continuous improvement, personal growth, learning and mentoring. We believe that when we are at our best, we provide the most value to our clients and our teammates respectively. 

KEY RESPONSIBILITIES 

As our Public Sector Practice continues to grow, RISCPoint is looking for senior level professionals to maintain our ability to provide quality deliverables and expert advice to our clients. The Public Sector Director will report directly to the COO and is a trusted member of the RISCPoint Leadership Team. You will be responsible for leading projects and project teams, coordinating with other consultants and project teams across service lines and delivering best-in-class consulting services to clients.  

Responsibilities include: 

• Providing leadership for our Public Sector team and aligning the Public Sector team with our company vision, while leading service execution in support of client and RISCPoint goals. 

• Interfacing with and providing regular updates to the Executive Leadership Team as part of the Leadership Team, assuming accountability for the Public Sector delivery team.  

• Direct information security and broader compliance programs in support of industry leading standards such as FedRAMP, FISMA, NIST 800 Series, and CMMC for RISCPoint clients. 

• Work closely with client IT leadership teams as a subject matter expert to enhance their cyber security posture in all areas of Information Technology to meet their goals and objectives, as well as with regulatory compliance requirements. 

• Conduct client workshops and walkthrough meetings to develop and implement cloud governance models across people, process, and technology controls to position client solutions for favorable external party evaluation. 

• Advise and contribute to client’s risk and compliance needs to clearly articulate continuous monitoring plans and actions, consistent with relevant cybersecurity standards, including managing Plans of Action and Milestones (POA&Ms).  

• Assess the risks and rewards to our clients based on potential cybersecurity decisions 

• Build consensus with partners at audit firms, managed service providers, regulators and other third parties to drive business outcomes for our clients.  

• Manage and develop a delivery team while effectively managing direct reports with a portfolio of engagements.  

• Work as part of the RISCPoint Leadership Team to define appropriate skills and staffing levels within the Public Sector practice while optimizing the mix of resources.  

• Provide coaching, feedback, developmental opportunities, etc. to direct/indirect reports within a broader team. 

QUALIFICATIONS 

Education 

• Bachelor’s or Master’s degree in Information Security, Computer Science, or a related field or combination of relevant education and equivalent work experience.  

Experience 

• Minimum of 8 years of experience in security and privacy risk assessment, consulting, or related roles. 

• Leading and managing projects and campaigns with excellent project management skills. 

• Deep familiarity with, or experience as a 3PAO to obtain FedRAMP Ready or FedRAMP Authorized status for platforms, systems, and applications. 

• Specialized knowledge in producing and/or validating FedRAMP documentation. 

• Strong grasp of security frameworks with strong NIST experience (in order of preference): FedRAMP, RMF, NIST SP 800-53, FISMA, NIST SP 800-171 

• Demonstrated knowledge of NIST publications, such as: NIST SP 800-30, 800-37, 800-53, 800-53A, 800-60 Vol 1 & 2, and 800-171 

• Excellent communication skills, adept at conveying technical concepts to diverse audiences including client executives. 

• Proven track record of providing meaningful security and privacy recommendations aligned with business goals. 

• Knowledge of new and emerging information technology (IT) and cybersecurity technologies along with strong understanding of security fundamentals, including the CIA triad. 

• Familiarity with Authorization Boundary Diagrams (ABD’s). 

• Technical experience with AWS and/or Azure a plus. 

Certifications 

• At least one advanced cybersecurity certification such as: CISSP (preferred), CISM, CISA, CCSP, or other relevant security certifications, multiple are preferred. 

• Advanced vendor-specific cloud-related technology certifications, a plus, such as: AWS, Azure, Google Cloud, Cisco Cloud, VMWare, etc. 

• PMP and/or Baltimore Cyber Range Certification a plus. 

SKILLS 

• Ability to autonomously deliver according to team expectations. 

• Deadline-oriented, with an exceptional degree of self-motivation and ownership. 

• Ability to lead multiple engagements and train staff. 

• Thrive in a dynamic and fast-paced environment. 

• Excellent oral and written communication skills. 

• Ability to work independently as well as collaboratively. 

• Driven to succeed with an appetite to be challenged. 

• Meticulously detailed. 

COMPENSATION & BENEFITS 

• Generous Salary + Bonus 

• Company Paid Health Insurance 

• Company Paid Dental Insurance 

• Company Paid Vision Insurance 

• Company Paid Life Insurance 

• 401k with 3% Company Contribution (Traditional & Roth Options) 

• Flexible Vacation Policy 

• Annual Company Retreat 

Note: This position is 100% remote. 

Powered by JazzHR

P0pnyaP5GQ