Sr. Federal Compliance Specialist (Remote)

#WeAreCrowdStrike and our mission is to stop breaches. As a global leader in cybersecurity, our team changed the game. Since our inception, our market leading cloud-native platform has offered unparalleled protection against the most sophisticated cyberattacks. We’re looking for people with limitless passion, a relentless focus on innovation and a fanatical commitment to the customer to join us in shaping the future of cybersecurity. Consistently recognized as a top workplace, CrowdStrike is committed to cultivating an inclusive, remote-first culture that offers people the autonomy and flexibility to balance the needs of work and life while taking their career to the next level. Interested in working for a company that sets the standard and leads with integrity? Join us on a mission that matters - one team, one fight.

About the Role:

The Senior Compliance Specialist is charged with assisting in the identification, assessment, measurement, monitoring, and reporting of risk through CrowdStrike’s Governance, Risk, and Compliance (GRC) program. This Senior ComplianceSpecialist’s primary function will involve strategically supporting product and service assessments in CrowdStrike’s United States federally authorized (FedRAMP and DoD) environments. In addition, this role may be called on to support or lead corporate operations and IT compliance audits and assessments (including international Frameworks), vendor and partner risk assessments, or support customer assurance efforts to address questions from CrowdStrike customers as needs and interests require. The Senior Compliance Specialist will also perform compliance advisory functions.

The ideal candidate will deeply understand current assessment frameworks, technologies, and processes while being continuously on the lookout for innovative and flexible ways to automate or improve processes that support a fast-paced, secure, and empowered environment.   

What You’ll Do:

This role covers audit, compliance, vendor risk, and customer assurance functions in the context of security and privacy within enterprise-wide operational areas such as:

• Assisting with internal and external audits and assessments including control assessment, monitoring, and reporting including collection and organization of evidence;

• Conducting third party controls evaluations to determine risk;

• Working with various internal teams or external parties to define and prioritize remediation efforts, tracking remediation activities, and inspecting/validating solutions that have been implemented;

• Responding to CrowdStrike and customer questions regarding GRC topics and CrowdStrike technologies;

• Performing other duties within the scope of governance, risk, and compliance as needed.

What You’ll Need: 

• 5+ years of working experience on different compliance frameworks, including FedRAMP, NIST, DoD Cloud Computing Security Requirements Guide (SRG), CMMC, and other emerging standards. 

• prior strategic-level experience with FedRAMP or DoD authorization processes, systems, and methodologies;

• Experience in program or project management, auditing, and/or control framework development and implementation. 

• fundamental technical understanding of key technologies such as Windows, Linux, and Apple operating systems, networks, application development, databases, virtualization, and cloud infrastructure; and

• a BA or BS / MA or MS degree in Computer Science/Engineering, Math, Information Security, Information Systems, Information Assurance, Information Security Management, Intelligence Studies, Data Science, or Cybersecurity.
   

Bonus Points:

• Understanding/experience with other international frameworks such as IRAP, Spain LINCE, ISMAP, GDPR, etc.

• Prior writing of system security plans (SSPs) or authorization documentation for federal platforms.

• Any work with OSCAL and its ecosystem of languages.

• Practical experience in programming languages including typical HTML, CSS, JavaScript, Python, etc. and Data Analytics.

• Project management experience in scoping, work break-down, critical path analysis, resourcing, managing time estimates, project risks, and quality.

• Ability to think strategically about risks and tie those risks to tactical organizational activities.

• Experience with a cloud environment and the CrowdStrike products or services.

• Open to learning and working on new domains and technology.

#LI-RC1

#LI-Remote

Benefits of Working at CrowdStrike:

• Remote-first culture

• Market leader in compensation and equity awards

• Competitive vacation and flexible working arrangements 

• Comprehensive and inclusive health benefits

• Physical and mental wellness programs

• Paid parental leave, including adoption 

• A variety of professional development and mentorship opportunities

• Offices with stocked kitchens when you need to fuel innovation and collaboration

Right to Work