Lead and project manage GovRAMP and FedRAMP readiness, assessment coordination, and execution activities across internal stakeholders and external assessors or government customer representatives.
Serve as the primary point of contact for government customers, translating security, compliance, and technical requirements into actionable plans and deliverables.
Coordinate and support customer-facing security and compliance requests, including questionnaires, evidence collection, control mapping, policy documentation, audit artifacts, and follow-up actions.
Partner with Information Security, Product, Engineering, Infrastructure, Legal, PMO, and customer-facing teams to drive completion of compliance deliverables and remediation activities.
Review, evaluate, develop, implement, maintain, and validate internal controls, business processes, and supporting documentation to ensure alignment with corporate objectives and government standards.
Track project milestones, dependencies, risks, issues, and decisions associated with government compliance programs and communicate status, risks, and outcomes to leadership and stakeholders.
Ensure policies, procedures, standards, and process documentation are periodically reviewed, updated, and maintained across the organization.
Support audits and assessments by coordinating evidence requests, stakeholder interviews, remediation tracking, and communications with external auditors, assessors, or customer representatives.
Contribute to continuous improvement of the organization’s security and compliance framework, including controls maturity, process design, and readiness for evolving government requirements.
Provide professional guidance in areas of expertise, lead small project teams, and formally train or mentor junior team members as needed.
Requirements
Bachelor’s degree in a relevant field or an equivalent combination of education and experience
Significant experience in security compliance, audit, risk management, internal controls, or regulatory program management
Hands-on experience supporting or managing FedRAMP, GovRAMP, or similar government or security compliance frameworks
Excellent understanding of internal controls, audit methodologies, risk management practices, and compliance documentation
Experience working cross-functionally with Information Security, Engineering, Product, Legal, and customer-facing teams
Proven ability to independently manage complex initiatives, resolve ambiguity, and drive work to completion
Excellent written and verbal communication skills, with the ability to communicate effectively with customers, auditors, technical teams, and executive stakeholders
Demonstrated ability to analyze complex problems, apply professional judgment, and improve processes using best practices