Information Systems Security Officer (Remote) jobs in United States

CrowdStrike · 13 hours ago

Information Systems Security Officer (Remote)

CrowdStrike is a global leader in cybersecurity, dedicated to stopping breaches and providing advanced security solutions. They are seeking an Information Systems Security Officer to manage security and compliance for federal cloud environments, ensuring business continuity with government clients and maintaining stringent security standards.

Artificial Intelligence (AI) · Cloud Data Services · Cloud Security · Cyber Security · Network Security
Growth Opportunities
No H1B · U.S. Citizen Only

Responsibilities

Establish, automate, and maintain the Continuous Monitoring (ConMon) strategy from the System Security Plan (SSP), including scanning, assessment, reporting, and automated remediation of compliance checks and Plan of Action and Milestones (POA&M) activities
Participate in the vulnerability intelligence on-call rotation for 24/7 expert analysis and rapid response
Manage the full Authorization to Operate (ATO) lifecycle, including preparing documentation for initial and continuous security authorizations and acting as the primary point of contact for external compliance
Coordinate annual Third-Party Assessment Organization (3PAO) audits for successful outcomes
Manage the POA&M process, perform risk-based security impact analyses, and track vulnerability remediation to verified closure
Execute security control analyses, recommending infrastructure enhancements based on threat landscape changes
Serve as the expert authority on cloud security architecture, providing guidance and implementing defense-in-depth strategies for federal workloads across various cloud configurations (FedRAMP, DISA, agency requirements)
Develop and maintain cloud security architecture documentation (diagrams, data flows, controls)
Evaluate architectural changes for security impact and guide secure DevSecOps practices in federal clouds
Manage the Change Control Board (CCB) and Significant Change Request (SCR) process, providing authoritative security guidance, coordinating stakeholder reviews, and implementing automated workflows
Perform quality assurance and support quarterly audits of SCRs
Generate detailed security impact analyses for FedRAMP and DISA change requests
Maintain the System Security Plan (SSP) and all security authorization packages, ensuring all security artifacts are accurate and align with FedRAMP and eMASS templates
Support governance activities, including policy development and system sponsorship
Coordinate compliance matters with authorizing officials, acting as the primary security advocate
Serve as the primary security point-of-contact for incident response, managing resolution from initial detection through root cause analysis and implementing preventative measures
Strategically coordinate and lead incident response, business continuity, and disaster recovery exercises
Manage annual security audit evidence collection and coordination
Rigorously audit account management, enforce least privilege through monthly access reviews, and oversee DISA whitelisting requests
Process system deviation requests, including risk assessments and determination of compensating controls

Qualification

NIST SP 800-53 · FedRAMP · DoD 8140/8570 IAM Level II · Continuous Monitoring · Cloud Security Architecture · Risk Management Framework (RMF) · 3PAO Audits · Security Documentation · Analytical Skills · Incident Response · Business Continuity · Python · JavaScript · C · C++ · Communication Skills · Documentation Skills

Required

Education: Bachelor's degree (or equivalent experience) in a relevant technical field (Engineering, Computer Science, Cybersecurity, IT); advanced degree preferred
Certification: Must hold a DoD 8140/8570 IAM Level II Baseline Certification (CGRC, CASP+, CISM, CISSP/Associate, or CCISO)
Eligibility: U.S. Citizenship and residency required for work on sensitive government systems
Expertise: Expert knowledge of NIST SP 800-53, RMF, FedRAMP, and FISMA, with significant hands-on experience implementing and assessing controls in cloud environments (e.g., AWS GovCloud)
Experience: Proven success managing 3PAO audits and maintaining a sophisticated Continuous Monitoring (ConMon) program in federal settings
Technical Familiarity: Advanced technical familiarity with modern cloud infrastructure and security tools (e.g., SIEM, Endpoint Security, CI/CD, vulnerability management)
Skills: Exceptional analytical, communication, and documentation skills essential for a highly regulated environment
Architecture: Experience performing comprehensive cyber architecture reviews, identifying weaknesses, and recommending improvements

Preferred

Extensive security experience in classified/air-gapped environments (e.g., C2S, Azure Government Secret)
Current professional-level AWS Certification (e.g., Solutions Architect, Security Specialist)
Active Secret or higher U.S. Government clearance eligibility
Proficiency in Python, JavaScript, C, or C++ for developing security automation
Proven liaison experience with government customers regarding their security requirements
Experience with FedRAMP or Agency authorization processes and package preparation

Benefits

Comprehensive physical and mental wellness programs
Competitive vacation and holidays for recharge
Paid parental and adoption leaves
Professional development opportunities for all employees regardless of level or role
Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections
Vibrant office culture with world class amenities
Great Place to Work Certified™ across the globe
Health insurance
401k
Paid time off

Company

CrowdStrike

CrowdStrike is a cybersecurity technology firm that provides cloud-delivered protection for cloud workloads, identity, and data.

Funding

Current Stage: Public Company
Total Funding: $1.24B
Key Investors: ARK Investment Management · Accel · CapitalG
2022-12-01 · Post-IPO Equity · $4.6M
2021-01-12 · Post-IPO Debt · $750M
2019-06-12 · IPO

Leadership Team

George Kurtz: President / CEO & Founder
Zeki Turedi: Field CTO Europe
Company data provided by crunchbase