
Consultant, FedRAMP Assessment

About Coalfire


Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Denver, Colorado with offices across the U.S. and U.K., and we support clients around the world.


But that’s not who we are – that’s just what we do.


We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.


Position Summary


The Security Consultant will work as part of a team assessing the security and compliance of a Coalfire client, a major cloud service offering, against regulatory and industry requirements and standards, with a focus on FedRAMP and related federal frameworks. This mid-level role requires a strong understanding of framework requirements and deep analytical skills; the consultant will perform assessment activities and contribute to reports for clients.


What You'll Do
  • Partner with a team of assessors as a compliance subject matter expert in at least one domain and contribute to client assessment planning
  • Draft audit programs that address both regulatory requirements and the complexity of client environments
  • Autonomously lead interview and inquiry walkthroughs with clients to determine the conformity of environments against stated requirements
  • Analyze security vulnerabilities against the appropriate security frameworks
  • Perform remote reviews of client-provided documentation; identify and flag items for follow-up or clarification
  • Evaluate client evidence for compliance across various standards
  • Prepare, review, and contribute to formal assessment reports
  • Clearly communicate compliance concepts and recommendations to clients
  • Ensure high-quality deliverables are provided on time, aligned with Coalfire's standards
  • Pursue ongoing professional development; maintain current industry certifications and subject matter expertise
  • Execute assessment procedures, including interviews and technical testing, aligned with applicable controls
  • Review and assess the relevant information system security plans (SSPs) to ensure control requirements are met
  • Understand how to apply quality standards and adhere to a minimum benchmark for quality assurance throughout the documentation of each work product or deliverable
  • Take ownership of assigned responsibilities, demonstrating accountability and initiative in driving tasks to completion with minimal oversight
  • Apply analytical thinking to identify trends, evaluate compliance effectiveness, and support data-driven decision-making
  • Actively contribute to the evolution of compliance assessment practices, providing input and feedback to enhance methodology
  • Collaborate with internal teams to develop tools, templates, and repeatable processes that streamline workflows and increase operational efficiency
  • Be team-oriented, support the overall team's development, and contribute to the culture


What You'll Bring
  • Minimum 2-3 years of experience in the cloud technology or IT audit industry
  • Strong familiarity with NIST Special Publications 800-37, 800-53, and 800-53A desired
  • Familiarity with major cloud service offerings (AWS, Azure, Google Cloud)
  • Ability to read and interpret all NIST control families and understand the risks associated with specific controls
  • Familiarity with  or other comparable frameworks' (PCI, SOC, HITRUST, etc.) authorization process
  • Growing ability to independently research a technical topic and develop logical testing approaches to validate 800-53 control implementations
  • Proficient ability to assist with artifact collection and validation against requirements
  • Basic proficiency in interpreting technical evidence such as cloud configurations and network/boundary/data flow diagrams
  • Strong written and verbal communication skills, including the ability to explain technical matters to a non-technical audience
  • Strong personal initiative to appropriately manage time and meet deadlines
  • Strong consulting skills: the ability to advise and challenge the status quo while building strong relationships, and credibility as a written and verbal communicator
  • High attention to detail
  • Diplomatic and broad-minded
  • Ability to travel up to 20%


Bonus Points
  • CISSP (or Associate), CISA, CCSP, Cloud+, CySA+, CASP+, or another cybersecurity certification meeting the R311 "3PAO Junior Assessor" requirement. BCR completion desired but not required.
  • Cloud certifications demonstrating basic cloud proficiency preferred: AWS Cloud Practitioner, Azure Fundamentals, Google Foundational
  • Expertise in other security frameworks is a positive but not required (SOC 2, ISO, NIST RMF or FISMA, COBIT, HIPAA/HITECH, HITRUST, or PCI)
  • Experience working with technologies hosted in cloud computing environments (e.g., Amazon Web Services, Microsoft Azure, Google Cloud Platform)
  • Experience reviewing Nessus output is a plus, along with basic knowledge of networking components and various operating systems in a cloud environment, including UNIX and Microsoft


$64,000 - $112,000 a year
The salary range listed is a reasonable estimate of the compensation range for this role based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs.

Why You’ll Want to Join Us


At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.


Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.


At Coalfire, equal opportunity and pay equity are integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, contact our Human Resources team at HumanResourcesMB@coalfire.com.

What You Should Know About Consultant, FedRAMP Assessment, Coalfire

Are you ready to dive into the world of cybersecurity and make a real difference? Coalfire is seeking a passionate Consultant for FedRAMP Assessment to join our dynamic team. Based in the United States, you will have the opportunity to work with some of the leading cloud service providers, helping them navigate the complex regulatory landscape. As a Security Consultant, you will assess security and compliance for our clients, focusing on FedRAMP and related federal frameworks. Your analytical skills will shine as you work with a team to develop audit programs that address regulatory requirements, analyze security vulnerabilities, and evaluate compliance evidence. You'll lead client interviews, draft comprehensive assessment reports, and ensure that all deliverables meet our high-quality standards. It's not just about meeting requirements – it's about making a difference in how our clients operate! At Coalfire, we prioritize ongoing professional development and the cultivation of a supportive work culture. Whether you're working from home or in our office, you’ll appreciate our flexible work model that promotes both personal and professional growth. If you're eager to join a team of dedicated experts and are looking for an opportunity to grow your career while impacting the cybersecurity landscape, apply today!

Frequently Asked Questions (FAQs) for Consultant, FedRAMP Assessment Role at Coalfire
What are the primary responsibilities of a Consultant, FedRAMP Assessment at Coalfire?

As a Consultant, FedRAMP Assessment at Coalfire, your key responsibilities include working with a team to assess security and compliance for cloud service providers, leading client interviews, drafting audit programs, and analyzing security vulnerabilities. You will prepare, review, and contribute to assessment reports while ensuring high-quality compliance deliverables are met on time.

What qualifications do I need to become a Consultant, FedRAMP Assessment at Coalfire?

To be considered for the Consultant, FedRAMP Assessment position at Coalfire, candidates should have 2-3 years of experience in Cloud Technology or IT Audit. A strong understanding of NIST frameworks, as well as familiarity with major cloud services such as AWS, Azure, and Google Cloud, is essential. Additionally, strong analytical, communication, and consulting skills are vital to succeed in this role.

What kind of professional development opportunities does Coalfire offer for the Consultant, FedRAMP Assessment role?

Coalfire strongly believes in the professional development of its employees. As a Consultant, FedRAMP Assessment, you will have access to various training programs, certification reimbursement, and mentorship from experienced professionals in the field. Our company culture promotes ongoing learning and growth, enabling you to accomplish your career goals.

Does the Consultant, FedRAMP Assessment position require travel?

The Consultant, FedRAMP Assessment role at Coalfire allows for flexibility with travel requirements. While the position may involve some travel, approximately up to 20%, we prioritize work-life balance and strive to accommodate the personal needs of our team members.

What is the salary range for the Consultant, FedRAMP Assessment position at Coalfire?

The salary range for the Consultant, FedRAMP Assessment position at Coalfire is between $64,000 and $112,000 per year. This range is based on national salary averages and will be tailored to your qualifications, experience, and other job-related factors.

Common Interview Questions for Consultant, FedRAMP Assessment
Can you explain your understanding of the FedRAMP process and its significance in cloud security?

A strong answer should include how FedRAMP is a government-backed program that standardizes security assessment and authorization for cloud products and services. It's crucial for ensuring that cloud services offered to federal agencies meet stringent security requirements to protect sensitive data.

How do you prioritize tasks when preparing for a security compliance assessment?

Effective prioritization involves identifying critical tasks based on deadlines and client needs. Utilizing tools like checklists, timelines, and collaboration with team members helps streamline the task management process.

Describe a challenging project you handled and how you approached it.

Outline a specific project where compliance was complex. Explain how you consulted with your team, researched requirements, and utilized thoughtful strategies to successfully navigate the challenges to achieve compliance.

What strategies do you use to communicate technical concepts to non-technical clients?

Highlight the importance of using simple language, analogies, and visual aids which can help bridge the communication gap. It’s essential to tailor your approach based on the client’s background and knowledge.

How do you keep yourself updated with current cybersecurity regulations and standards?

Discuss ways such as enrolling in courses, attending industry conferences, following relevant publications, and participating in professional groups, which all contribute to staying abreast of changes in the cybersecurity landscape.

What is your experience with NIST Special Publications 800-53?

Detail your familiarity with NIST SP 800-53, its purpose in establishing a framework for security controls, and how you’ve applied it in previous roles to evaluate and improve security posture.

Can you share an experience where you identified vulnerabilities during an assessment?

Provide a clear example of a specific situation where your keen analytical skills led to identifying vulnerabilities, what actions were taken afterward, and how you were able to enhance the client's security posture.

What role does documentation play in the compliance assessment process?

Emphasize that thorough documentation is critical not only for compliance purposes but also serves as a historical record, aids in consistency, and provides clarity for both internal teams and clients.

How do you handle tight deadlines and pressure during an assessment?

Discuss techniques you employ such as effective time management, delegating tasks when appropriate, and maintaining a problem-solving mindset to ensure deadlines are met without sacrificing quality.

What do you think has changed in the cybersecurity landscape over the past few years?

Express your views on the rise of cloud services, increased regulations, and evolving threats, and how these changes require ongoing adjustments and advancements in compliance practices.

Coalfire is a cybersecurity and compliance services company that secures the future of businesses by solving complex cybersecurity challenges and is trusted by leading organizations across various sectors.
Employment type: Full-time, hybrid
Date posted: April 15, 2025