Audit & Risk Mgmt Consultant

About The Position

Requirements

• Bachelor’s degree in a relevant field or an equivalent combination of education and experience.
• Significant experience in security compliance, audit, risk management, internal controls, or regulatory program management.
• Hands-on experience supporting or managing FedRAMP, GovRAMP, or similar government or security compliance frameworks.
• Excellent understanding of internal controls, audit methodologies, risk management practices, and compliance documentation.
• Experience working cross-functionally with Information Security, Engineering, Product, Legal, and customer-facing teams.
• Proven ability to independently manage complex initiatives, resolve ambiguity, and drive work to completion.
• Excellent written and verbal communication skills, with the ability to communicate effectively with customers, auditors, technical teams, and executive stakeholders.
• Demonstrated ability to analyze complex problems, apply professional judgment, and improve processes using best practices.

Nice To Haves

• Experience working directly with government customers or within highly regulated environments.
• Familiarity with frameworks and standards such as NIST 800-53, FedRAMP, GovRAMP, SOC 2, ISO 27001, SOX, or similar.
• Experience coordinating with external auditors or third-party assessors.
• Relevant certifications such as CISA, CRISC, CISSP, CISM, PMP, or comparable credentials.

Responsibilities

• Lead and project manage GovRAMP and FedRAMP readiness, assessment coordination, and execution activities across internal stakeholders and external assessors or government customer representatives.
• Serve as the primary point of contact for government customers, translating security, compliance, and technical requirements into actionable plans and deliverables.
• Coordinate and support customer-facing security and compliance requests, including questionnaires, evidence collection, control mapping, policy documentation, audit artifacts, and follow-up actions.
• Partner with Information Security, Product, Engineering, Infrastructure, Legal, PMO, and customer-facing teams to drive completion of compliance deliverables and remediation activities.
• Review, evaluate, develop, implement, maintain, and validate internal controls, business processes, and supporting documentation to ensure alignment with corporate objectives and government standards.
• Track project milestones, dependencies, risks, issues, and decisions associated with government compliance programs and communicate status, risks, and outcomes to leadership and stakeholders.
• Ensure policies, procedures, standards, and process documentation are periodically reviewed, updated, and maintained across the organization.
• Support audits and assessments by coordinating evidence requests, stakeholder interviews, remediation tracking, and communications with external auditors, assessors, or customer representatives.
• Contribute to continuous improvement of the organization’s security and compliance framework, including controls maturity, process design, and readiness for evolving government requirements.
• Provide professional guidance in areas of expertise, lead small project teams, and formally train or mentor junior team members as needed.

Benefits

• This job is eligible for an annual incentive bonus.
• country specific benefits