Thunder (thundersf.com)

Information Assurance Specialist

Posted 2 Days Ago

Be an Early Applicant

Hiring Remotely in Port Area, Capital District, National Capital Region, PHL

In-Office or Remote

Senior level

Big Data • Information Technology • Business Intelligence • Consulting

Get Salesforce right. Now, and forever.

The Role

Lead security and compliance for complex cloud-based federal systems, managing the full Authorization to Operate (ATO) lifecycle, continuous monitoring, and risk management. Advise cloud program teams on security best practices, ensure regulatory compliance (RMF, FISMA, NIST), and coordinate with Government ISSOs. Oversee POA&Ms and remediation of system vulnerabilities.

Summary Generated by Built In

We are seeking an Information Assurance Specialist who will serve as the lead for security and compliance across complex, cloud-based systems supporting federal programs implementing Salesforce and AWS products. This person will ideally be a motivated and customer-oriented cybersecurity professional who will act as a key advisor to cloud program teams. This role is central to managing the full lifecycle of the Authorization to Operate (ATO), encompassing preparation, continuous monitoring, and effective risk management.

Our ideal candidate is a highly motivated self-starter who possesses the vision and drive to steer our security and compliance initiatives. We are looking for someone with a strong background of previous, relevant experience who can hit the ground running and contribute to our newly founded Federal practice.

Responsibilities:

Lead security and compliance activities for complex cloud-based systems or cloud programs.
Oversee ATO preparation, continuous monitoring, and risk management.
Ensure cloud solutions meet regulatory, contractual, and policy cloud and contractual requirements.
Advise cloud programs teams on security best practices.
Lead work with Government ISSOs through the ATO process.

Qualifications:

Minimum of five (5) years of Federal cybersecurity experience, preferably with information assurance experience on Salesforce, AWS, or other SaaS technologies.
Experience maintaining compliance with RMF (Risk Management Framework), FISMA, NIST, and organizational security requirements.
Experience managing Plan of Action and Milestones (POA&Ms) to monitor system vulnerabilities and mitigation strategies.
Certifications: CISSP, CISM, CAP, or other relevant certifications are highly desired.
Must possess a Bachelor's Degree in cybersecurity, computer science, information technology, or related fields.
US Citizenship Required, with ability and willingness to obtain Security Clearance(s) (Secret Clearance strongly preferred)

U.S. citizens are encouraged to apply.

Why Thunder? Because You Deserve More Than Just a Job.

A Culture of Builders – We’re a remote-first, global team of curious, collaborative problem-solvers. You’ll have the opportunity to refine processes, solve challenges, and help shape the future of Salesforce and Amazon consulting. If you’re excited to build, innovate, and grow, you’ll fit right in.
Forge Your Own Path – At Thunder, you’re not just filling a role—you’re shaping it. Whether it’s jumping into presales, refining our methodology, or building something entirely new, the opportunity to innovate is yours to take.

Perks In Store for You:

Comprehensive Benefits with Sequoia – Medical, Dental, Vision, and Employer-Paid Life/Disability Insurance to keep you and your loved ones covered.
Ownership & Impact – Stock options in a fast-moving, high-growth company. Every employee plays a part in what we’re building. Come make your mark!
Level Up Your Career – Real opportunities to grow your Salesforce and Amazon expertise through mentorship, certifications, and hands-on experience with cutting-edge technology.
Work from anywhere (well, almost 😉) - Enjoy the freedom of remote work, flexible PTO (with a 2-week minimum!), and generous leave policies - because the best work happens where you’re happiest.
People-First Flexibility – We’re always listening, evolving, and adapting. Your feedback helps shape our policies, ensuring you can thrive - professionally and personally.

Research shows that women and people from underrepresented groups often apply to jobs only if they meet 100% of the qualifications. We recognize that it is highly unlikely that someone meets 100% of the qualifications for a role. If most of this job description describes you, then we encourage you to please apply for this role. Thunder is proud to be an Equal Opportunity employer, and is deeply committed to building and supporting our diverse team through inclusive, equitable hiring practices.

Thunder does not accept unsolicited resumes from recruitment agencies. All resumes submitted by recruitment agencies to any employee via email, the Internet (including LinkedIn), or directly without a fully-executed search agreement will be deemed the sole property of Thunder, and no fee will be paid in the event the candidate is hired.

Skills Required

Minimum of five (5) years of Federal cybersecurity experience
Information assurance experience on Salesforce, AWS, or other SaaS technologies
Experience maintaining compliance with RMF, FISMA, NIST, and organizational security requirements
Experience managing Plan of Action and Milestones (POA&Ms) to monitor vulnerabilities and mitigation strategies
Experience managing the full lifecycle of Authorization to Operate (ATO) including preparation and continuous monitoring
Bachelor's Degree in cybersecurity, computer science, information technology, or related field
US Citizenship with ability and willingness to obtain Security Clearance(s) (Secret strongly preferred)
Certifications such as CISSP, CISM, CAP, or other relevant certifications

Thunder (thundersf.com) Compensation & Benefits Highlights

The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about Thunder (thundersf.com) and has not been reviewed or approved by Thunder (thundersf.com).

Healthcare Strength — Health coverage is positioned as comprehensive for employees and families, with administration via a recognized benefits platform and employer‑paid life and disability protection noted in postings. Materials emphasize ongoing evaluation to keep offerings best‑in‑class.
Leave & Time Off Breadth — Time off is described as unlimited with a mandated minimum to ensure people actually take rest. Role listings highlight required floors on PTO usage, creating a safeguard against underutilization.
Equity Value & Accessibility — Stock options are offered to full‑time teammates across roles, extending total compensation beyond base pay. This broad access to ownership is framed as a core component of the package.

Learn more about Thunder (thundersf.com)'s Compensation & Benefits →

Thunder (thundersf.com) Insights

What's It Like to Work at Thunder (thundersf.com)? Thunder (thundersf.com) Culture & Values Thunder (thundersf.com) Career Growth & Development What's the Work-Life Balance Like at Thunder (thundersf.com)? Thunder (thundersf.com) Leadership & Management Thunder (thundersf.com) Company Growth, Stability & Outlook

View all jobs at Thunder (thundersf.com)

View Thunder (thundersf.com) Profile

Report Job

Am I A Good Fit?

beta

Get Personalized Job Insights.

Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company

322 Employees

Year Founded: 2020

What We Do

Get Salesforce and Amazon Connect right. Now, and forever. Thunder is a trusted Salesforce and Amazon Connect partner. Get GSI-level talent at a boutique consulting partner. We are an all-remote team of seasoned Salesforce and Amazon Connect consultants, based from Hawaii to Brooklyn, NY - and everywhere in-between.