Dark Wolf's Google Cloud Security Governance, Risk, and Compliance (GRC) Consultants apply NIST Risk Management Framework (RMF) and related federal security frameworks to complex systems hosted on Google Cloud for federal customers. They balance technical security control analysis, strategic risk advising, and comprehensive GRC documentation.
Requirements
- Working collaboratively within a fast-paced Agile team environment
- Staying up-to-date on the latest Google Cloud services and technologies
- Implementing security best practices for Google Cloud solutions
- Serving as the SME for all federal compliance requirements, including FedRAMP, NIST SP 800-53, and agency-specific security overlays
- Conducting detailed technical security control assessments against system components and configurations within the GCP environment
- Managing the development, review, and finalization of all RMF artifacts
- Providing security and compliance guidance to cloud architecture and engineering teams
- Serving as the primary liaison with the Authorizing Official (AO), security assessors, and federal agency security teams
- Developing and presenting clear, compelling Plan of Action and Milestones (POA&M) entries
- Providing strategic consulting and recommendations to senior management and clients
- Training and mentoring junior team members or system owners on RMF processes, documentation standards, and cloud compliance methodology
