FedRamp Security Director

About CyberArk:
CyberArk (NASDAQ: CYBR), is the global leader in Identity Security. Centered on privileged access management, CyberArk provides the most comprehensive security offering for any identity – human or machine – across business applications, distributed workforces, hybrid cloud workloads and throughout the DevOps lifecycle. The world’s leading organizations trust CyberArk to help secure their most critical assets. To learn more about CyberArk, visit our CyberArk blogs or follow us on X, LinkedIn or Facebook.

• As the Director of FedRAMP Security & Outreach at CyberArk, you will play a critical leadership role in ensuring CyberArk’s cloud services meet the rigorous security and compliance standards required by the U.S. federal government.
• You will oversee our FedRAMP authorization efforts and continuous monitoring, while also serving as a strategic advisor and outreach ambassador to both internal stakeholders and federal agency partners.
• You will work cross-functionally with security, compliance, product, engineering, legal, and customer-facing teams to ensure adherence to FedRAMP baselines, support audits and 3PAO assessments, and continuously evolve our cloud security posture.
• Externally, you will foster key relationships in the federal cybersecurity ecosystem and support our go-to-market and trust-building efforts through thought leadership and stakeholder engagement.

Key Responsibilities

• Lead and sustain CyberArk’s FedRAMP security posture, ensuring continuous compliance with federal cloud security requirements and evolving mandates.
• Manage all phases of the FedRAMP lifecycle, including initial authorization, periodic assessments, audits, and ongoing monitoring
• Coordinate with internal security, DevOps, product, and engineering teams to embed and enforce FedRAMP controls and secure design principles across the SDLC.
• Own and maintain key FedRAMP documentation, including the System Security Plan (SSP), POA&M, security policies, and procedures.
• Monitor and interpret changes to federal cybersecurity guidance (e.g., NIST 800-53, OMB memos, CISA advisories), and proactively adjust compliance programs accordingly.
• Build and maintain trusted relationships across the federal cybersecurity community, including ISACs, federal CIO/CISO councils, and peer organizations.
• Support federal sales, marketing, and customer success teams with security outreach, briefings, education sessions, and responses to FedRAMP-related inquiries.
• Provide strategic insight and reporting to CyberArk’s senior leadership on the health of FedRAMP compliance and broader federal trust efforts.

#LI-HA1

#LI-Hybrid

• 10+ years of experience in cloud security, cybersecurity compliance, or governance roles, with a strong focus on U.S. federal cybersecurity frameworks.
• Direct experience managing FedRAMP programs, including working with 3PAOs and federal agency authorizing officials.
• Deep understanding of NIST SP 800-53, FedRAMP baselines, and cloud-native security architectures (AWS, Azure, GCP).
• Strong documentation and program management skills, with experience leading compliance audits or assessments.
• Demonstrated ability to engage and communicate effectively with federal stakeholders, customers, and technical teams.
• Familiarity with security frameworks such as FISMA, TIC 3.0, and the Executive Order on Improving the Nation’s Cybersecurity.
• Excellent written and verbal communication skills, including executive-level briefings and public presentations.
• Strong network and reputation within the federal security and compliance community is a plus.

CyberArk is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status. 

We are unable to sponsor or take over sponsorship of employment Visa at this time.

The salary range for this position is $163,000 – $240,000/year, plus commissions or discretionary bonus, which will be based on the employee’s performance. Base pay may also vary considerably depending on job-related knowledge, skills, and experience. The compensation package includes a wide range of medical, dental, vision, financial, and other benefits.