Sr. Manager, Information Security Public Compliance (Remote)

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.

About the Role:

CrowdStrike is seeking a Senior Manager, Information Security Public Compliance to lead and manage compliance efforts for our GovCloud environments, ensuring adherence to U.S. and international government security compliance standards. This role will drive strategy, execution, and continuous improvement of compliance programs related to FedRAMP Moderate and High, StateRAMP, CMMC, DoD SRG IL4 & IL5, ISMAP (Japan), IRAP (Australia), and other U.S. and global regulatory requirements.

As a key leader within CrowdStrike’s Governance, Risk, and Compliance (GRC) program, you will be responsible for managing compliance assessments, certifications, and audits, as well as ensuring that our cloud security posture aligns with evolving government regulations. You will collaborate closely with internal stakeholders, external auditors, and government entities to maintain the highest levels of security compliance.

This is an exciting opportunity to shape the future of CrowdStrike’s GovCloud security and compliance programs, ensuring we meet the most stringent government security standards while driving innovation and efficiency in compliance management.

What You'll Do:

• Lead and manage compliance initiatives for CrowdStrike GovCloud environments, ensuring adherence to FedRAMP, DoD SRG IL4/IL5, StateRAMP, CMMC, and international frameworks (ISMAP, IRAP, etc.).

• Drive certification efforts by managing internal and external audits, risk assessments, and security documentation submissions.

• Develop and maintain compliance strategies that align with federal and international security mandates, working closely with engineering, security, and legal teams.

• Oversee the implementation of controls based on NIST 800-53, RMF, CMMC, and DoD SRG standards, ensuring continuous monitoring and compliance readiness.

• Serve as a subject matter expert (SME) on public-sector security compliance, providing guidance to internal teams and engaging with government agencies, assessors, and third-party auditors.

• Manage relationships with regulatory bodies and compliance assessors, advocating for compliance best practices while ensuring business agility.

• •       Maintain and enhance security compliance documentation, including System Security Plans (SSPs), policies, procedures, and risk assessments.

• Support customers and Authorizing Officials (AO) by providing necessary compliance documentation and guidance for their security evaluations.

• Stay ahead of evolving regulatory landscapes, interpreting new policies and their impact on cloud security compliance.

• Drive continuous improvement by identifying areas for automation, efficiency, and optimization in security compliance processes.

• Other responsibilities as requested by leadership.

What You’ll Need:

• 12+ years of experience in information security, governance, risk, and compliance (GRC) with a focus on cloud security and public-sector regulatory frameworks.

• Deep expertise in government compliance programs, including FedRAMP Moderate & High, StateRAMP, CMMC (Levels 2 & 3), DoD SRG IL4/IL5, ISMAP (Japan), IRAP (Australia), and other international security frameworks.

• Strong knowledge of NIST 800-53, RMF, DFARS, FISMA, ISO 27001, SOC 2, and cloud security best practices.

• Experience leading compliance assessments, managing third-party audits, and achieving security certifications for cloud environments.

• Ability to effectively engage with U.S. government agencies, AOs, and compliance assessors to drive compliance approvals.

• Hands-on experience with security documentation, including SSPs, POA&Ms, control matrices, and compliance automation tools.

•   Strong leadership and collaboration skills, with the ability to work across teams, regions, and organizational levels.

• Excellent communication and stakeholder management skills, including experience briefing executives and government entities on compliance status and security risks.

• Technical understanding of cloud security architectures, operating systems, networks, and application security in cloud environments (AWS, Azure, GCP).

• Project management experience, including scoping, risk assessment, resource planning, and compliance reporting.

Bonus Points:

• Experience in system engineering or security operations supporting government compliance programs.

• Familiarity with CrowdStrike’s products and cloud security services.

• Security certifications such as CISSP, CISM, CISA, CCSP, or relevant compliance certifications (e.g., Certified CMMC Assessor, FedRAMP Certified Assessor).

#LI-Remote
#LI-AC1

Benefits of Working at CrowdStrike:

• Remote-friendly and flexible work culture

• Market leader in compensation and equity awards

• Comprehensive physical and mental wellness programs 

• Competitive vacation and holidays for recharge  

• Paid parental and adoption leaves

• Professional development opportunities for all employees regardless of level or role

• Employee Resource Groups, geographic neighbourhood groups and volunteer opportunities to build connections

• Vibrant office culture with world class amenities

• Great Place to Work Certified™ across the globe

Right to Work