Senior Manager of Information Security Public Compliance, CrowdStrike

$135-225k

+ Equity awards + Variable/incentive compensation

AWS
GCP
Azure
Expert level
Remote from US
CrowdStrike

AI-native cybersecurity platform

Open for applications

1001+ employees

B2B, Artificial Intelligence, Security, Enterprise, Deep Tech, SaaS, Cyber Security, Cloud Computing

Company mission

CrowdStrike is on a mission to stop breaches. Its purpose is to provide safety and security to some of the world’s largest, most influential companies and, by extension, the billions of people around the world who use their services.

Role

Who you are

  • 12+ years of experience in information security, governance, risk, and compliance (GRC) with a focus on cloud security and public-sector regulatory frameworks
  • Deep expertise in government compliance programs, including FedRAMP Moderate & High, StateRAMP, CMMC (Levels 2 & 3), DoD SRG IL4/IL5, ISMAP (Japan), IRAP (Australia), and other international security frameworks
  • Strong knowledge of NIST 800-53, RMF, DFARS, FISMA, ISO 27001, SOC 2, and cloud security best practices
  • Experience leading compliance assessments, managing third-party audits, and achieving security certifications for cloud environments
  • Ability to effectively engage with U.S. government agencies, AOs, and compliance assessors to drive compliance approvals
  • Hands-on experience with security documentation, including SSPs, POA&Ms, control matrices, and compliance automation tools
  • Strong leadership and collaboration skills, with the ability to work across teams, regions, and organizational levels
  • Excellent communication and stakeholder management skills, including experience briefing executives and government entities on compliance status and security risks
  • Technical understanding of cloud security architectures, operating systems, networks, and application security in cloud environments (AWS, Azure, GCP)
  • Project management experience, including scoping, risk assessment, resource planning, and compliance reporting

Desirable

  • Experience in system engineering or security operations supporting government compliance programs
  • Familiarity with CrowdStrike’s products and cloud security services
  • Security certifications such as CISSP, CISM, CISA, CCSP, or relevant compliance certifications (e.g., Certified CMMC Assessor, FedRAMP Certified Assessor)

What the job involves

  • CrowdStrike is seeking a Senior Manager, Information Security Public Compliance to lead and manage compliance efforts for our GovCloud environments, ensuring adherence to U.S. and international government security compliance standards.
  • This role will drive strategy, execution, and continuous improvement of compliance programs related to FedRAMP Moderate and High, StateRAMP, CMMC, DoD SRG IL4 & IL5, ISMAP (Japan), IRAP (Australia), and other U.S. and global regulatory requirements
  • As a key leader within CrowdStrike’s Governance, Risk, and Compliance (GRC) program, you will be responsible for managing compliance assessments, certifications, and audits, as well as ensuring that our cloud security posture aligns with evolving government regulations.
  • You will collaborate closely with internal stakeholders, external auditors, and government entities to maintain the highest levels of security compliance
  • This is an exciting opportunity to shape the future of CrowdStrike’s GovCloud security and compliance programs, ensuring we meet the most stringent government security standards while driving innovation and efficiency in compliance management
  • Lead and manage compliance initiatives for CrowdStrike GovCloud environments, ensuring adherence to FedRAMP, DoD SRG IL4/IL5, StateRAMP, CMMC, and international frameworks (ISMAP, IRAP, etc.)
  • Drive certification efforts by managing internal and external audits, risk assessments, and security documentation submissions
  • Develop and maintain compliance strategies that align with federal and international security mandates, working closely with engineering, security, and legal teams
  • Oversee the implementation of controls based on NIST 800-53, RMF, CMMC, and DoD SRG standards, ensuring continuous monitoring and compliance readiness
  • Serve as a subject matter expert (SME) on public-sector security compliance, providing guidance to internal teams and engaging with government agencies, assessors, and third-party auditors
  • Manage relationships with regulatory bodies and compliance assessors, advocating for compliance best practices while ensuring business agility
  • Maintain and enhance security compliance documentation, including System Security Plans (SSPs), policies, procedures, and risk assessments
  • Support customers and Authorizing Officials (AOs) by providing necessary compliance documentation and guidance for their security evaluations
  • Stay ahead of evolving regulatory landscapes, interpreting new policies and their impact on cloud security compliance
  • Drive continuous improvement by identifying areas for automation, efficiency, and optimization in security compliance processes
  • Other responsibilities as requested by leadership

Insights

20% employee growth in 12 months

Company

Company benefits

  • Competitive Employee Stock Purchase Plan
  • Comprehensive Health Benefits
  • Parental & Fertility Assistance
  • Remote-first culture
  • Health & Wellness Programs
  • Professional Development
  • Executive Coaching & Mentorship
  • Offices with stocked kitchens when you need to fuel innovation and collaboration
  • Competitive vacation and flexible working arrangements
  • 401(k) Plan

Funding (last 2 of 6 rounds)

  • Jun 2018: $200m, Series E
  • Oct 2017: $25m, Series D

Total funding: $484.6m

Our take

Since CrowdStrike was founded by a trio of former McAfee executives in 2011, it’s grown into a thousands-strong, NASDAQ-listed company. With customers including Verizon, Deloitte, and Goldman Sachs, it’s considered one of the world’s top enterprise cybersecurity vendors along with the likes of Cisco, IBM, and Palo Alto Networks.

One of the reasons behind CrowdStrike's continued success is its ability to keep pace with the evolving tech market, for instance with its Generative AI security analyst that leverages recent developments in AI. Although not immune to the slowdown of the global economy, the company's modular design has given it the upper hand, allowing clients to consolidate their security spend with CrowdStrike instead of selecting packages from multiple vendors at a higher overall cost.

With long-term demand for cybersecurity products growing, and its reputation as strong as ever, CrowdStrike shows no signs of slowing down. It has partnered with Ignition Technology to double down on its UK presence, and continues to be a voice in the wider market through its "Falcon Fund" investment vehicle and position as a founding member of NIST's Artificial Intelligence Safety Institute Consortium (AISIC).

Freddie

Company Specialist at Welcome to the Jungle