[Hiring] Information Systems Security Officer @CrowdStrike

Role Description

CrowdStrike seeks an exceptionally qualified Information Systems Security Officer (ISSO) to establish, maintain, and enhance the security and compliance of our Federal cloud environments. This critical role ensures business continuity with government clients by implementing stringent federal security requirements. The ideal candidate will focus on managing security controls to achieve and sustain Authorization to Operate (ATO) status across multiple federal systems. This position requires a security professional expert in navigating the entire compliance lifecycle, from continuous monitoring to external audits, while maintaining the highest security standards in a highly regulated environment.

What You'll Do

• AI-Powered GRC Automation & Engineering
  • Utilize deep proficiency in Python, JavaScript, C, or C++ to architect and implement advanced AI automation pipelines.
  • Leverage professional-level cloud architecture expertise and experience in FedRAMP and IL-5 environments.
  • Translate complex agency security requirements into automated solutions.
  • Operationalize AI compliance frameworks and correlate vulnerability intelligence with NIST SP 800-53 controls.
  • Design and deploy autonomous AI agents capable of executing multi-step GRC workflows.
• Continuous Monitoring (ConMon) & Remediation
  • Establish, automate, and maintain the Continuous Monitoring (ConMon) strategy from the System Security Plan (SSP).
  • Participate in the vulnerability intelligence on-call rotation for 24/7 expert analysis and rapid response.
• Security Authorization & Risk Management
  • Manage the full Authorization to Operate (ATO) lifecycle.
  • Coordinate annual Third-Party Assessment Organization (3PAO) audits.
  • Manage the POA&M process and perform risk-based security impact analyses.
  • Execute security control analyses and recommend infrastructure enhancements.
• Cloud Security Architecture
  • Serve as the expert authority on cloud security architecture.
  • Develop and maintain cloud security architecture documentation.
  • Evaluate architectural changes for security impact.
• Change Control & SCR Management
  • Manage the Change Control Board (CCB) and Significant Change Request (SCR) process.
  • Perform quality assurance and support quarterly audits of SCRs.
  • Generate detailed security impact analyses for FedRAMP and DISA change requests.
• Documentation & Governance
  • Maintain the System Security Plan (SSP) and all security authorization packages.
  • Support governance activities, including policy development.
  • Coordinate compliance matters with authorizing officials.
• Incident Response & Business Continuity
  • Serve as the primary security point-of-contact for incident response.
  • Strategically coordinate and lead incident response, business continuity, and disaster recovery exercises.
• Audit & Access Management
  • Manage annual security audit evidence collection and coordination.
  • Rigorously audit account management and enforce least privilege.
  • Process system deviation requests, including risk assessments.

Qualifications

• Bachelor's degree (or equivalent experience) in a relevant technical field (Engineering, Computer Science, Cybersecurity, IT); advanced degree preferred.
• Must hold a DoD 8140/8570 IAM Level II Baseline Certification (CGRC, CASP+, CISM, CISSP/Associate, or CCISO).
• U.S. Citizenship and residency required for work on sensitive government systems.
• Expert knowledge of NIST SP 800-53, RMF, FedRAMP, and FISMA.
• Proven success managing 3PAO audits and maintaining a sophisticated Continuous Monitoring (ConMon) program.
• Advanced technical familiarity with modern cloud infrastructure and security tools.
• Exceptional analytical, communication, and documentation skills.
• Experience performing comprehensive cyber architecture reviews.

Bonus Points

• Current professional-level AWS Certification (e.g., Solutions Architect, Security Specialist).
• Proficiency in Python, JavaScript, C, or C++ for developing security automation.
• Proven liaison experience with government customers regarding their security requirements.
• Experience with FedRAMP or Agency authorization processes and package preparation.
• Experience with CMMC, IRAP, TxRAMP, GovRAMP processes and package preparation.

Benefits

• Market leader in compensation and equity awards.
• Comprehensive physical and mental wellness programs.
• Competitive vacation and holidays for recharge.
• Paid parental and adoption leaves.
• Professional development opportunities for all employees regardless of level or role.
• Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections.
• Vibrant office culture with world class amenities.
• Great Place to Work Certified™ across the globe.