Michael Carter

Michael Carter is a Managing Partner/Co-founder at Fortreum, LLC, the fastest growing FedRAMP Third Party Assessment Organization (3PAO). He is responsible for the company’s strategic vision and overall client delivery. He supports a wide variety of customers in both the public and private sectors. He employs a hands-on leadership style that has enabled his customers to achieve success on their compliance initiatives. This success includes entering new markets and expanding their existing footprints at Government Agencies.

Mr. Carter has over 20 years’ experience in information assurance, with a strong focus on cloud security compliance. He has led and managed large teams of security advisors and assessors of varying experience levels. Through these efforts, he has cultivated strong relationships with the largest cloud service providers, including but not limited to Amazon Web Services (AWS), Microsoft, IBM, Google, SAP, VMware, Palo Alto, and Salesforce.

Prior to joining Fortreum, LLC, Mr. Carter was the Vice President of FedRAMP Assurance at Veris Group and Coalfire Systems (Coalfire Systems, under the Carlyle Group portfolio, acquired Veris Group). At Coalfire Systems, he was responsible for establishing, managing, and running daily operations for the leading FedRAMP 3PAO practice. He served as the primary liaison to the FedRAMP Program Management Office (PMO) and supported the FedRAMP program since its inception in 2012. He successfully led the first Joint Authorization Board (JAB) 3PAO assessment and the first agency-sponsored 3PAO assessment. It is from these efforts that he was awarded a Federal Computer Weekly (FCW) Fed 100 award in 2016.

Mr. Carter holds a Bachelor of Business Administration degree from James Madison University with a focus in Computer Information Systems (CIS) and Operations Management. He maintains the following certifications: Project Management Professional (PMP), Certified Information Systems Security Professional (CISSP), CompTIA Advanced Security Practioner (CASP+), Certified Authorization Professional (CAP), AWS Certified Cloud Practitioner (CCP), Certificate of Cloud Security Knowledge (CCSK), and National Security Agency – INFOSEC Assessment Methodology (NSA-IAM).