Sr. Governance, Risk, and Compliance Specialist (Remote)

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.

About the Role:

The Senior Compliance Specialist is charged with assisting in the identification, assessment, measurement, monitoring, and reporting of risk through CrowdStrike’s Governance, Risk, and Compliance (GRC) program. This Senior Compliance Specialist’s primary function will involve strategically supporting product and service assessments in CrowdStrike’s United States federally authorized environments. 

In addition, this role may be called on to support or lead corporate operations and IT compliance audits and assessments, vendor and partner risk assessments, or support customer assurance efforts to address questions from CrowdStrike customers as needs and interests require. The Senior Compliance Specialist will also perform compliance advisory functions.

The ideal candidate will deeply understand current assessment frameworks, technologies, and processes while being continuously on the lookout for innovative and flexible ways to automate or improve processes that support a fast-paced, secure, and empowered environment.

What You’ll Do:

This role covers audit and compliance, in the context of security within enterprise-wide operational areas such as:

• leading and managing GRC Compliance projects and programs as a Senior Specialist on the team;

• assisting with internal and external audits and assessments including control assessment, monitoring, and reporting including collection and organization of evidence;

• conducting third party controls evaluations to determine risk;

• working with various internal teams or external parties to define and prioritize remediation efforts, tracking remediation activities, and inspecting/validating solutions that have been implemented;

• responding to CrowdStrike and customer questions regarding our information security practices and CrowdStrike technologies;

• advise various teams on the controls language, expectations and requirements 

• performing other duties within the scope of governance, risk, and compliance as needed.

What You’ll Need:

• US Citizen

• 5 to 8 years of working experience on different compliance frameworks, including but not limited to FedRAMP, NIST CSF, DoD Cloud Computing Security Requirements Guide (SRG), CMMC, ISO 27001 and other existing and emerging standards.

• prior strategic-level experience with FedRAMP or DoD authorization processes, systems, and methodologies;

• Experience in program or project management, auditing, and/or control framework development and implementation.

• fundamental technical understanding of key technologies such as Windows, Linux, and Apple operating systems, networks, application development, databases, virtualization, and cloud infrastructure; and

• a BA or BS / MA or MS degree in Computer Science/Engineering, Math, Information Security, Information Systems, Information Assurance, Information Security Management, Intelligence Studies, Data Science, Cybersecurity, or equivalent experience.

Bonus Points:

• Prior writing of system security plans (SSPs) or authorization documentation for federal platforms.

• Knowledge of and/or experience with other Risk Management Frameworks like SOC2, PCI, ISO, GDPR, etc.

• Any work with OSCAL and its ecosystem of languages.

• Practical experience in programming languages including typical HTML, CSS, JavaScript, Python, etc. and Data Analytics.

• Project management experience in scoping, work break-down, critical path analysis, resourcing, managing time estimates, project risks, and quality.

• Ability to think strategically about risks and tie those risks to tactical organizational activities.

• Experience with a cloud environment and the CrowdStrike products or services.

• Demonstrated ability to collaborate effectively, especially with cross-functional teams.

• Open to learning and working on new domains and technology.

#LI-DL1

#LI-Remote

This role will require the candidate to periodically undergo and pass additional background and fingerprint check(s) consistent with government customer requirements.

Benefits of Working at CrowdStrike:

• Remote-friendly and flexible work culture

• Market leader in compensation and equity awards

• Comprehensive physical and mental wellness programs 

• Competitive vacation and holidays for recharge  

• Paid parental and adoption leaves

• Professional development opportunities for all employees regardless of level or role

• Employee Resource Groups, geographic neighbourhood groups and volunteer opportunities to build connections

• Vibrant office culture with world class amenities

• Great Place to Work Certified™ across the globe

Right to Work

CrowdStrike, Inc. is committed to equal pay for equal work in its compensation practices. The base salary range for this position in the U.S. is $95,000 - $160,000 per year + variable/incentive compensation + equity + benefits. A candidate's salary is determined by various factors including, but not limited to, relevant work experience, skills, certifications, job level, supervisory status, and location.

Expected Close Date of Job Posting is:05-14-2025