Coalfire Federal is a market leading cybersecurity consultancy firm that provides independent and tailored advice, assessments, technical testing and a full suite of cyber engineering services to Federal agency customers.  Coalfire Federal along with its parent company, Coalfire, has an unparalleled client list with deep customer relationships with leading cloud and technology providers including Amazon, Microsoft, IBM, Google and Oracle and Federal agencies.  Coalfire has been a cybersecurity thought leader for over 20 years and has offices throughout the United States and Europe and is committed to making the world a safer place by solving our clients’ toughest security challenges. 

But that’s not who we are – that’s just what we do.

We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.  

What’s the purpose of general applications?

We are always looking to find and retain great talent! By completing the general application for this practice area, you’ll become a part of our talent community of potential candidates that we review for future opportunities. Our team will reach out if a position becomes available that fits your background.

We encourage you to check back on a periodic basis for specific positions that are listed on our career site.
*Please note – general applications are separate from specific job openings. If you’re interested in a specific position posting, please apply to that position to be considered.  

FedRAMP Services Overview

As the leading accredited FedRAMP 3PAO delivering advisory and assessment services to Cloud Service Providers and technology clients, Coalfire Federal has completed more than 100 assessments for Clients resulting in both Joint Authorization Board (JAB) P-ATOs and agency ATOs.

• • We have more FedRAMP experience than any other firm, either as the assessor or advisor to more than 200 private sector organizations. This includes projects for leading Fortune 100 companies and 14 federal agencies.
  • Our collaborative, tailored approach to the FedRAMP workshop is based on specific client use cases, business limitations, and technical environment, which provides a clear understanding of the current security posture and enables us to offer guidance on a path forward.

What kind of positions are in FedRAMP Services?

Typical positions include, but aren’t limited to -

• • FedRAMP Assessor (Mid)
  • FedRAMP Assessor (Senior)
  • FedRAMP Vulnerability Security Engineer

Qualifications we look for:

Our FedRAMP Consultants facilitate or support Security Control Assessments (SCAs) and other advanced-level Continuous Monitoring Activities within cloud-based environments. To succeed on our FedRAMP teams, you’ll need a strong understanding of security-related system controls and an understanding of the various testing methods utilized to ascertain the effectiveness of those controls. You will work in a team atmosphere with an experienced Technical Project Lead, and you’ll be assigned technical sections and be able to provide client-ready deliverables.

• • In-depth knowledge of FedRAMP & DoD DISA security control requirements and how they overlap with additional frameworks
  • Experience with the FedRAMP and RMF assessment and authorization processes having completed at least 10 FedRAMP/DoD assessments
  • Experience in understanding and applying relevant technical knowledge to FedRAMP & DoD DISA environments
  • A solid understanding of the FedRAMP Framework and DoD Impact levels IL4, IL5 and IL6
    
  • Previous work experience with a FedRAMP 3PAO
  • Strong knowledge and understanding of Cloud environment services, to include operating systems, networking components, databases, access controls, auditing, boundary protection, and cryptography.
  • Understanding of IT security technologies including network and application security, firewalls, access management, and data protection
  • Strong written and verbal communication skills including the ability to explain technical matters to a non-technical audience

Education

Completed bachelor’s degree from an accredited university, preferably in an IT related field, or equivalent combination of education and experience

Clearance / Suitability

• • Must be a U.S. Citizen
  • At minimum an active Secret Clearance is required for all FedRAMP positions.

Certifications

A CISSP is required, along with one additional FedRAMP certification to include:  CASP, GCED, GCIH, GSLC, CISA, CISM, CFR, or CCISO

Years of Experience

• • One to three (1-3) years of DoD DISA experience
  • Three (3) years of FedRAMP experience
  • Six to eight (6-8) overall years of experience in the IT industry, with strong familiarity with the applicable NIST Special Publications 800-37 Revision 1, 800-53 and 800-53A Revision 4

Location

Our clientele is largely in the government space, primarily around the Northern Virginia / Washington, D.C. / Maryland areas. While we do offer opportunities that are remote, hybrid, or on-site - position locations and travel may vary based on client needs

Our people make Coalfire Federal great. We work together on interesting things and achieve exceptional results. We act as trusted advisors to our customers and are committed to client-focused innovation as well as innovation in the industries that we serve.

Coalfire offers our people the chance to grow professionally with colleagues they like and respect while tackling challenges that stretch their minds and expand their skill sets. Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more.

And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.  

Coalfire is an EEO employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.