RAMPxchange Security Advisor

About The Position

Requirements

• Minimum of 2 years of professional experience in one or more areas of information system security, including controls implementation, system configuration, security tools, monitoring, auditing, or reporting.
• Industry-recognized cybersecurity certification such as Security+, Network+, CCNA, or equivalent.
• Strong working knowledge of the Risk Management Framework (RMF) and NIST SP 800-53, including their alignment with related frameworks such as CMMC , FedRAMP, GovRAMP , or ISO/IEC 27001.
• Demonstrated understanding of the security control assessment and audit process.
• Working knowledge of cloud platforms and cloud security requirements.
• Excellent written and verbal communication skills, with the ability to translate technical security concepts into clear, business-focused guidance.
• Strong analytical, risk assessment, and critical thinking skills.
• High attention to detail with the ability to manage multiple priorities effectively.
• Ability to collaborate across cross-functional teams and external partners.
• Client-centric mindset with a proactive, solution-oriented approach.
• Professional judgment and discretion in evaluating security risks and advising stakeholders.

Nice To Haves

• Experience conducting security assessments, audits, or risk scoring activities.
• Background in cybersecurity or risk management consulting.
• Familiarity with multiple compliance frameworks such as FedRAMP, GovRAMP , SOC 2, U.S. state data privacy laws or other non-governmental regulatory frameworks/laws .
• Advanced cybersecurity certifications, including CISSP, CISM, CRISC, or equivalent.

Responsibilities

• Analyze information system security risks, gaps, and vulnerabilities, and provide practical, business-aligned remediation recommendations tailored to client needs.
• Communicate complex technical risks, control requirements, and mitigation strategies clearly to both technical and non-technical stakeholders.
• Conduct client and prospective client demo calls to assess use cases and recommend appropriate platform engagement.
• Support client onboarding by evaluating and vetting vendors using RAMPxchange’s third-party risk assessment tools.
• Facilitate collaboration between cybersecurity vendors and organizations procuring security and risk management products and services.
• Contribute to the development and refinement of marketplace policies, security assessment of questionnaires, and internal operational processes.
• Stay current on emerging cybersecurity threats, technologies, regulatory frameworks, and procurement trends to inform platform guidance and advisory services.

Benefits

• Medical coverage, including employer match program for Health Savings Accounts (HSAs)
• Generous 401k retirement plan with employer match
• Dependent Care Flexible Spending Account (DCFSA)
• Employee Assistance Program (EAP) with unlimited usage and visits and wellness program
• Dental and Vision insurance
• Company-sponsored life insurance, with options for additional coverage
• Short- and Long-Term Disability (STD and LTD) benefits
• Pet insurance
• Maternity, Paternity, and Military benefits
• Baby on Board program
• Paid Time Off package
• Company Anniversary Bonus program
• Professional Development opportunities, including Young Professional Series, Manager Focus series, Cyber Security panels and briefs, and more
• A+ rated HQ office full of amenities including fitness center, rec room, coffee bars, bike room, café, auditorium, private Mother’s room, and more