Available for consulting

Hi, I'm Garett Schultz

Core Consultant at Coalfire Systems specializing in FedRAMP and IRAP compliance frameworks. I build secure, audit-ready cloud infrastructure across AWS, GCP, and Azure—helping organizations navigate federal authorization with confidence.

View My Work Experience

About Me

Bridging cloud infrastructure with compliance excellence

3
Years Experience
$2M+
Annual Revenue Generated
100%
FedRAMP ATO Success
800+
NIST Controls
FedRAMP IRAP NIST SP 800-53 AWS Azure GCP Terraform Kubernetes Docker CloudFormation Ansible Python Bash CI/CD Infrastructure as Code Security Automation Gap Analysis POA&M Management Continuous Monitoring SSP Documentation
🛡️

Federal Compliance

Deep expertise in FedRAMP, IRAP, and NIST frameworks. I guide organizations through authorization processes, gap analysis, and continuous monitoring requirements.

☁️

Multi-Cloud Architecture

Design and implement secure, scalable infrastructure across AWS, Azure, and GCP with a focus on audit-readiness and compliance controls.

Automation & DevSecOps

Building automated compliance pipelines, infrastructure as code, and security controls that integrate seamlessly into development workflows.

Featured Projects

Compliance solutions and cloud infrastructure at scale

Compliance

FedRAMP Gap Analysis Automation

Developed an automated system to assess cloud environments against FedRAMP control requirements, generating detailed gap reports and remediation roadmaps for federal authorization.

Python NIST 800-53 AWS Automation
Infrastructure

Multi-Cloud Compliance Framework

Built reusable Terraform modules and CloudFormation templates that provision compliant infrastructure across AWS, Azure, and GCP with pre-configured security controls.

Terraform CloudFormation Multi-Cloud IaC
Security

Continuous Monitoring Dashboard

Created a real-time monitoring solution that tracks control implementation, vulnerability status, and POA&M progress for federal authorization maintenance.

Python AWS Lambda Dashboard ConMon
DevSecOps

Compliance CI/CD Pipeline

Integrated security scanning, compliance validation, and automated documentation generation into deployment pipelines for continuous authorization.

GitHub Actions Docker SAST/DAST CI/CD
Automation

SSP Document Generator

Automated System Security Plan generation from infrastructure code and control mappings, reducing documentation time by 60% while ensuring accuracy.

Python Templates OSCAL Documentation

Software & Tools

Internal tools and automation I've built from the ground up

$2M+ Revenue

Defense in Depth Automation

Built the entire service offering solo, delivering over $2M in annual revenue. Automates security layer assessments and provides comprehensive support for defense in depth strategies across client environments.

Automation Security Service Offering
eMASS Integration

POA&M Creation Software

Automated POA&M generation system built on ECS that creates plans of action from scan results, tracks remediation progress, and integrates directly with eMASS for streamlined federal compliance workflows.

AWS ECS eMASS POA&M Automation
Cross-Org

Jira Ticket Automation

Workflow automation system that auto-creates Jira tickets, syncs issues across organizational boundaries, and intelligently assigns tasks based on predefined rules for seamless cross-team collaboration.

Jira Automation Workflow Integration

Experience

Building secure cloud solutions for regulated industries

Core Consultant

Coalfire Systems

Present
  • Lead FedRAMP and IRAP compliance engagements for enterprise clients pursuing federal authorization
  • Built and grew FedRAMP accounts into multiyear engagements through successful relationship building
  • Design and implement compliant cloud architectures across AWS, GCP, and Azure platforms
  • Conduct comprehensive gap analysis against NIST SP 800-53 controls with detailed remediation plans
  • Develop automation tools for continuous monitoring and compliance validation
  • Mentor teams on security best practices and DevSecOps integration strategies

Credentials

Certifications and continuous learning

Certifications

AWS Generative AI and AI Agents with Amazon Bedrock Professional Certificate Google AI Essentials Specialization Aviatrix ACE Associate Aviatrix ACE Multicloud Network Associate

Specializations

Compliance Authorization

Complete lifecycle support from readiness to continuous monitoring

AI Developer

Building intelligent automation and AI-powered tools to streamline compliance workflows

IRAP Assessment

Australian Government security framework compliance