Cloud Security GRC Consultant
$100,000–$140,000 per year
Hybrid · Tampa, Florida, United States or Colorado Springs, Colorado, United States
Job Summary
The Cloud Security GRC Consultant is responsible for applying NIST RMF and FedRAMP to complex Google Cloud deployments for federal customers. The role:
- Serves as SME for federal compliance requirements (FedRAMP, NIST SP 800-53, agency overlays) and guides the A&A lifecycle to achieve Authorization to Operate (ATO)
- Develops and finalizes RMF artifacts (SSP, SCTM, policies) and provides security guidance to cloud architecture and engineering teams to ensure DevSecOps practices
- Collaborates with security assessors, Authorizing Officials, and 3PAOs
- Creates actionable risk intelligence, Plan of Action and Milestones (POA&M) entries, and governance recommendations, while mentoring junior team members on RMF processes and cloud compliance
- Utilizes Google Cloud native tools for continuous monitoring and vulnerability management and stays current on Google Cloud services and technologies
- Communicates effectively with senior management and clients and is capable of delivering strategic security policy recommendations
Required Qualifications
- 4+ years of relevant experience
- Experience as an RMF Consultant, ISSM/ISSO, Security Controls Validator, and/or information assurance engineer
- Hands-on experience with eGRC tools such as eMASS, XACTA, RSA Archer, etc.
- Ability to clearly articulate ideas for executive-level consumption
- Demonstrated ability to adopt expertise by incorporating new knowledge in real time to solve client challenges
- Strong understanding of Google Cloud services and technologies
- Excellent communication and teamwork skills
- B.A. or B.S. in Information Security, Computer Science, or related discipline
- US Citizenship and an active Secret Security Clearance