A-LIGN

Senior IT Auditor – FISMA/FedRAMP

Posted 3 Hours Ago

Be an Early Applicant

Hiring Remotely in United States

Remote

Senior level

Security • Cybersecurity

The Role

The Senior IT Auditor manages assessments for FISMA and FedRAMP, leading teams and ensuring compliance with security standards, while mentoring junior staff.

Summary Generated by Built In

About the Role

The FISMA/FedRAMP Senior Consultant works independently and collaboratively to support and lead client engagements within A-LIGN’s FISMA and FedRAMP practices. In this role, the Senior Consultant is responsible for managing standard project execution, overseeing client service activities, assigning work, reviewing team contributions, and ensuring quality reports are delivered. The Senior Consultant provides leadership to Staff Consultants through engagement management and ongoing mentorship.

Additionally, the Senior Consultant supports continued organizational growth by contributing to methodology development, technical assessment strategy, and engagement planning as a technical subject matter expert. Using strong experience with FISMA, FedRAMP, and familiarity with the NIST Risk Management Framework (RMF), this role supports and leads teams performing assessments for cloud computing technologies in support of federal compliance requirements.

Reports to

FISMA/FedRAMP Manager

Pay Classification

Full-Time, Exempt

Responsibilities

Lead assessments from initiation to project closure including:
- Planning/Closing Meeting
- Process Walkthroughs
- Leading Findings Discussion
- Regular status updates internally and externally
Coach other team members and assessors as part of team
Drive working sessions with clients to ensure expectations and direction are aligned and timelines are being met
Execute security assessments in accordance with NIST SP 800-53, 800-37, 800-171, and other authoritative IT security guidance
Develop Security Authorization Packages and ensure completeness and compliance with FedRAMP requirements and other authoritative IT security guidance

Minimum Qualifications

EDUCATION

Bachelor’s degree in management information systems, information security, computer science, or relevant discipline; or combination of relevant education and work experience
Master’s degree is a plus

EXPERIENCE

At least 3 years of experience in information security, with strong NIST experience (in order of preference): NIST SP 800-53, FedRAMP, RMF, FISMA, NIST SP 800-171
Demonstrated knowledge of NIST publications, such as: NIST SP 800-30 rev 1, 800-37 rev 1 or 2, 800-53 rev 4, 800-53A rev 4, 800-60 Vol 1 & 2 rev 1, and 800-171 rev 1
Experience with government compliance, including FISMA, FedRAMP, RMF, and CSF
Experience with commercial cloud environments; architectures, technologies, and services
Lead at least five FedRAMP or FISMA engagements from kick-off to report delivery

CERTIFICATIONS

At least one advanced cybersecurity certification such as: CISSP, CISM, CISA, CCSP, CRISC, CAP, CASP, or other relevant security certifications, multiple are preferred
At least one vendor-specific cloud-related technology certifications such as: AWS, MS Azure, Google Cloud, Cisco Cloud, VMWare, etc. is preferred
PMP is a plus

SKILLS

Ability to meet deadlines with a high degree of motivation working in a fast-paced environment
Ability to lead multiple assessment engagements and train junior staff
Excellent communication skills to include the ability to explain technical matters to a non-technical audience
Broad IT background with technical understanding of networks, protocols, security configurations, cryptography, identity and access management, and the systems development life cycle

Benefits

Healthcare, Dental, and Vision Benefits
Employer Paid Life Insurance and Disability Insurance
EAP - Employee Assistance Program
Pet Insurance
401(k) Plan with Employer Matching
Competitive Bonus Structure
Home Office Reimbursement
Certification Reimbursement
Personalized Career Coaching
Generous Paid Time Off
Paid Office Closure December 25-January 1
Vacation Bonus
Summer Hours

About A-LIGN

A-LIGN is the leading provider of high-quality, efficient cybersecurity compliance programs. Combining experienced auditors and audit management technology, A-LIGN provides the widest breadth and depth of services including SOC 2, ISO 27001, HITRUST, FedRAMP, and PCI. A-LIGN is the number one issuer of SOC 2 and HITRUST and a top three FedRAMP assessor. To learn more, visit a-lign.com

Come Work for A-LIGN!

Apply online today at A-LIGN.com and learn about life at A-LIGN by following us on LinkedIn.

A-LIGN is an Equal Opportunity Employer. Minorities, women, disabled, and veterans encouraged to apply!

Skills Required

Bachelor's degree in management information systems, information security, computer science, or relevant discipline
At least 3 years of experience in information security and NIST frameworks
At least one advanced cybersecurity certification such as CISSP, CISM, or CISA
Experience with government compliance including FISMA and FedRAMP
Experience with commercial cloud environments and architectures

View all jobs at A-LIGN

View A-LIGN Profile

Report Job

Am I A Good Fit?

beta

Get Personalized Job Insights.

Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company

HQ: Tampa, FL

573 Employees

Year Founded: 2009

What We Do

A-LIGN is a technology-enabled security and compliance partner that helps global organizations take a strategic approach to confidently mitigate cybersecurity risks. Our breadth and depth of expertise and A-SCEND, our proprietary compliance management platform, enable you to assess against the leading cybersecurity compliance frameworks important to your business – with one partner. With A-LIGN as your guide, we bring you the people, process and platform you need to secure your summit, protect against future risks and build customer confidence so you can focus on elevating your business.