CrowdStrike Logo

CrowdStrike

Information Systems Security Officer (Remote)

Reposted An Hour Ago
Remote or Hybrid
Hiring Remotely in USA
Senior level
Remote or Hybrid
Hiring Remotely in USA
Senior level
Lead federal cloud security and compliance efforts to achieve and sustain ATOs. Implement and automate FedRAMP/IL-5/RMF controls, manage continuous monitoring, coordinate 3PAO audits, drive cloud security architecture, oversee change control/SCRs, and lead incident response and POA&M remediation using AI-enabled automation and monitoring across high-security GovCloud environments.
The summary above was generated by AI

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. We work on large scale distributed systems, processing almost 3 trillion events per day and this traffic is growing daily. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We're proud to work for a mission-driven company leveraging AI to transform the way we work. CrowdStrikers drive their careers through flexibility and autonomy while also being expected to contribute to a culture of responsible AI adoption, experimentation, and innovation. We use an AI-first mindset as a force multiplier to proactively and continuously accelerate execution, build expertise, uncover insights, and solve complex problems. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.


About the Role:

CrowdStrike seeks an exceptionally qualified Information Systems Security Officer (ISSO) to establish, maintain, and enhance the security and compliance of our Federal cloud environments. This critical role ensures business continuity with government clients by implementing stringent federal security requirements. The ideal candidate will focus on managing security controls to achieve and sustain Authorization to Operate (ATO) status across multiple federal systems. This position requires a security professional expert in navigating the entire compliance lifecycle, from continuous monitoring to external audits, while maintaining the highest security standards in a highly regulated environment.

What You'll Do:

AI-Powered GRC Automation & Engineering

  • Utilize deep proficiency in Python, JavaScript, C, or C++ to architect and implement advanced AI automation pipelines, optimizing critical GRC functions such as control assessments, POA&M management, and compliance reporting across federal authorization frameworks.

  • Leverage professional-level cloud architecture expertise and experience in FedRAMP and IL-5 environments to engineer secure, GRC automation tools within GovCloud and high-security boundaries.

  • Translate complex agency security requirements into automated solutions, employing LLM assistance for the rigorous drafting and versioning of SSPs and security narratives to meet evolving FedRAMP 20x mandates.

  • Operationalize AI compliance frameworks and correlate vulnerability intelligence with NIST SP 800-53 controls, providing real-time audit readiness metrics and accelerating the ATO lifecycle.

  • Design and deploy autonomous AI agents capable of executing multi-step GRC workflows — including control validation, evidence gathering, risk analysis, and remediation tracking — reducing manual compliance overhead and enabling continuous, intelligent oversight of federal security environments.

Continuous Monitoring (ConMon) & Remediation

  • Establish, automate, and maintain the Continuous Monitoring (ConMon) strategy from the System Security Plan (SSP), including scanning, assessment, reporting, and automated remediation of compliance checks and Plan of Action and Milestones (POA&M) activities.

  • Participate in the vulnerability intelligence on-call rotation for 24/7 expert analysis and rapid response.

Security Authorization & Risk Management

  • Manage the full Authorization to Operate (ATO) lifecycle, including preparing documentation for initial and continuous security authorizations and acting as the primary point of contact for external compliance.

  • Coordinate annual Third-Party Assessment Organization (3PAO) audits for successful outcomes.

  • Manage the POA&M process, perform risk-based security impact analyses, and track vulnerability remediation to verified closure.

  • Execute security control analyses, recommending infrastructure enhancements based on threat landscape changes.

Cloud Security Architecture

  • Serve as the expert authority on cloud security architecture, providing guidance and implementing defense-in-depth strategies for federal workloads across various cloud configurations (FedRAMP, DISA, agency requirements).

  • Develop and maintain cloud security architecture documentation (diagrams, data flows, controls).

  • Evaluate architectural changes for security impact and guide secure DevSecOps practices in federal clouds.

Change Control & SCR Management

  • Manage the Change Control Board (CCB) and Significant Change Request (SCR) process, providing authoritative security guidance, coordinating stakeholder reviews, and implementing automated workflows.

  • Perform quality assurance and support quarterly audits of SCRs.

  • Generate detailed security impact analyses for FedRAMP and DISA change requests.

Documentation & Governance

  • Maintain the System Security Plan (SSP) and all security authorization packages, ensuring all security artifacts are accurate and align with FedRAMP and EMASS templates.

  • Support governance activities, including policy development and system sponsorship.

  • Coordinate compliance matters with authorizing officials, acting as the primary security advocate.

Incident Response & Business Continuity

  • Serve as the primary security point-of-contact for incident response, managing resolution from initial detection through root cause analysis and implementing preventative measures.

  • Strategically coordinate and lead incident response, business continuity, and disaster recovery exercises.

Audit & Access Management

  • Manage annual security audit evidence collection and coordination.

  • Rigorously audit account management, enforce least privilege through monthly access reviews, and oversee DISA whitelisting requests.

  • Process system deviation requests, including risk assessments and determination of compensating controls.

What You'll Need:

  • Education: Bachelor's degree (or equivalent experience) in a relevant technical field (Engineering, Computer Science, Cybersecurity, IT); advanced degree preferred.

  • Proven experience utilizing AI technologies to enhance decision-making, streamline workflows and processes, improve efficiency and drive business outcomes.

  • Certification: Must hold a DoD 8140/8570 IAM Level II Baseline Certification (CGRC, CASP+, CISM, CISSP/Associate, or CCISO).

  • Eligibility: U.S. Citizenship and residency required for work on sensitive government systems.

  • Expertise: Expert knowledge of NIST SP 800-53, RMF, FedRAMP, and FISMA, with significant hands-on experience implementing and assessing controls in cloud environments (e.g., AWS GovCloud).

  • Experience: Proven success managing 3PAO audits and maintaining a sophisticated Continuous Monitoring (ConMon) program in federal settings.

  • Technical Familiarity: Advanced technical familiarity with modern cloud infrastructure and security tools (e.g., SIEM, Endpoint Security, CI/CD, vulnerability management).

  • Skills: Exceptional analytical, communication, and documentation skills essential for a highly regulated environment.

  • Architecture: Experience performing comprehensive cyber architecture reviews, identifying weaknesses, and recommending improvements.

Bonus Points:

  • Current professional-level AWS Certification (e.g., Solutions Architect, Security Specialist).
    • Proficiency in Python, JavaScript, C, or C++ for developing security automation.
    • Proven liaison experience with government customers regarding their security requirements.
    • Experience with FedRAMP or Agency authorization processes and package preparation.
    • Experience with CMMC, IRAP, TxRAMP, GovRAMP processes and package preparation

#LI-AI1

#LI-Remote

This role will require the candidate to periodically undergo and pass additional background and fingerprint check(s) consistent with government customer requirements.

Benefits of Working at CrowdStrike:

  • Market leader in compensation and equity awards

  • Comprehensive physical and mental wellness programs 

  • Competitive vacation and holidays for recharge  

  • Paid parental and adoption leaves

  • Professional development opportunities for all employees regardless of level or role

  • Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections

  • Vibrant office culture with world class amenities

  • Great Place to Work Certified™ across the globe

CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program.

CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions--including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs--on valid job requirements.

If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at [email protected] for further assistance.

Find out more about your rights as an applicant.

CrowdStrike participates in the E-Verify program.

Notice of E-Verify Participation

Right to Work

CrowdStrike, Inc. is committed to fair and equitable compensation practices. Placement within the pay range is dependent on a variety of factors including, but not limited to, relevant work experience, skills, certifications, job level, supervisory status, and location. The base salary range for this position for all U.S. candidates is $125,000 - $180,000 per year, with eligibility for bonuses, equity grants and a comprehensive benefits package that includes health insurance, 401k and paid time off.

For detailed information about the U.S. benefits package, please click here

Expected Close Date of Job Posting is:07-28-2026

Similar Jobs at CrowdStrike

Expert/Leader
Cloud • Computer Vision • Information Technology • Sales • Security • Cybersecurity
Lead CrowdStrike's marketing transformation by operationalizing AI-enabled workflows, driving adoption and governance of agentic systems, defining role and skill evolution, shaping product roadmap, measuring impact, and managing change to embed new ways of working across marketing teams.
Top Skills: Agentic AiAi AgentsClaudeClaude CodeLlmsMemory SystemsPrompt Engineering
An Hour Ago
Remote or Hybrid
Expert/Leader
Expert/Leader
Cloud • Computer Vision • Information Technology • Sales • Security • Cybersecurity
Lead and build a Field Alliances Operations theater team to support partner ecosystem. Drive territory planning, quota/goaling processes, KPIs, onboarding, process improvements, cross-functional alignment, and operational excellence for Alliances leaders.
Top Skills: ExcelPower BIPowerPointSalesforceTableau
Yesterday
Remote or Hybrid
Senior level
Senior level
Cloud • Computer Vision • Information Technology • Sales • Security • Cybersecurity
Lead and manage a team of Customer Value Architects to drive customer onboarding, Falcon Flex adoption, value realization, renewals and expansion. Partner with sales and cross-functional teams to deliver ROI analyses, executive business reviews, adoption roadmaps, forecasting, CRM documentation, and minimize churn while hitting quarterly revenue targets.
Top Skills: CRMFalcon FlexMarketing Software

What you need to know about the Bristol Tech Scene

Along with Gloucester, Swindon and Bath, Bristol is part of the "Silicon Gorge" tech hub, a region in the U.K. renowned for its high-tech and research-driven industries, with a particular emphasis on sustainability and reducing environmental impact. As the European Green Capital, Bristol is home to 25,000 cleantech companies, including Baker Hughes and unicorn Ovo Energy. The city has committed to achieving net-zero emissions within the next decade.

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account