HanaByte

Consulting Director / Principal Compliance Consultant, Public Sector

Summary

HanaByte’s Public Sector practice is expanding, and we are seeking experienced professionals to uphold our standard of high-quality deliverables and expert consultancy for our clients. The role of Consulting Director / Principal Consultant is pivotal within our leadership team at HanaByte. This position entails leading various projects and teams, collaborating with fellow consultants and project groups throughout the organization, and ensuring the delivery of top-tier consulting services to our clients.


Responsibilities

  • Lead the development of our Public Sector team, ensuring alignment with our company’s vision and spearheading service delivery to meet both client and HanaByte objectives. 
  • Interface with and provide regular updates to the HanaByte leadership team.
  • Oversee Public Sector and comprehensive compliance initiatives, supporting standards like FedRAMP, FISMA, NIST 800 Series, CMMC, and StateRAMP for our clients.
  • Work closely with client IT leadership teams as a subject matter expert to enhance their cybersecurity posture in all areas of Information Technology, so that they meet their goals and objectives as well as regulatory compliance requirements.
  • Facilitate client workshops and discussions to create and apply cloud governance models involving people, processes, and technology to prepare client solutions for favorable external party evaluation.
  • Offer guidance on clients’ risk and compliance requirements, clearly outlining continuous monitoring strategies and actions in line with relevant cybersecurity documentation, including the management of Plans of Action and Milestones (POA&Ms). 
  • Evaluate the risks and benefits for our clients from various cybersecurity choices.
  • Build consensus with partners at audit firms, managed service providers, regulators and other third parties to drive business outcomes for our clients. 
  • Manage and develop a delivery team, delivery collateral, and strategies while effectively managing direct reports with a portfolio of engagements.
  • Work as part of the HanaByte leadership team to define appropriate skills and staffing levels within the Public Sector practice while optimizing the mix of resources. 
  • Assist with inputs for responding to Requests for Proposals (RFPs) and Statements of Work (SOWs).
  • Provide coaching, feedback, developmental opportunities, etc. to direct/indirect reports within a broader team.


Required Education

  • Bachelor’s degree or comparable military duty required


Required Skills

  • Minimum of 5 years of experience in security and privacy risk assessment, consulting, or related roles.
  • Leading and managing projects and campaigns with excellent project management skills.
  • Deep familiarity with or experience as a 3PAO to obtain FedRAMP Ready or FedRAMP Authorized status for platforms, systems, and applications.
  • Specialized knowledge in producing and/or validating FedRAMP documentation.
  • Strong grasp of security frameworks, with strong NIST experience, including: FedRAMP, RMF, NIST SP 800-53, FISMA, and NIST SP 800-171.
  • Demonstrated knowledge of NIST publications, such as: NIST SP 800-30, 800-37, 800-53, 800-53A, 800-60 Vol 1 & 2, and 800-171.
  • Excellent communication skills, adept at conveying technical concepts to diverse audiences including client executives.
  • Proven track record of providing meaningful security and privacy recommendations aligned with business goals.
  • Knowledge of new and emerging cloud and cybersecurity technologies along with strong understanding of security fundamentals, including the CIA triad.
  • Familiarity with Authorization Boundary Diagrams (ABDs).
  • Technical experience with AWS, Google Cloud, and/or Azure a plus.


Certifications / Credentials

  • At least one advanced cybersecurity certification such as CISSP, CISM, CISA, CCSP, or another relevant security certification; multiple are preferred.
  • Advanced vendor-specific cloud technology certifications, such as those for AWS, Microsoft Azure, and/or Google Cloud, are a plus.
  • Project management certifications such as the PMP are a plus.
  • Although not a requirement, an active security clearance is a plus.


Location

Atlanta, GA / Remote


Duration

Full-Time / Contract