Senior Consultant - Strategy, Privacy, Risk Advisory Risk | Remote US
Denver, CO
Applications have closed
Coalfire
Coalfire is the cybersecurity advisor that combines extensive cloud expertise, technology, and innovative approaches to help clients develop scalable…Coalfire is on a mission to make the world a safer place by solving our clients’ toughest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Denver, Colorado with offices across the U.S. and U.K., and we support clients around the world. But that’s not who we are – that’s just what we do. We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference. And we’re growing fast. We’re looking for a Senior Consultant to support our Strategy, Privacy and Risk Advisory Team. Position Summary The Strategy, Privacy, Risk (SPR) Senior Consultant/Strategy leads distinct portions of large client engagements and entire smaller engagements. Assessing the security and compliance of client firms against regulatory and industry requirements and standards, and against security best practice frameworks, Sr. Consultants play a key role in designing cybersecurity program transformation activities. This role will have a strong understanding of cybersecurity frameworks (program, risk, and controls) and assess client cybersecurity programs against those frameworks. The Senior Consultant will conduct and/or lead interviews with client staff, analyze documents, and develop reports for clients. They will also provide quality control and peer review to other members of the delivery staff. They will work closely with Project Managers, Directors, and other Delivery team members to effectively manage project timelines and deliverables.
What You'll Do
- Leads cybersecurity program diagnostic and advisory efforts including data collection plan preparation, review of technical plans, documentation and evidence, preparation of various surveys and assessment tools, evaluation of procedures, and client interviews.
- Prepare and review reports of findings and recommendations.
- Manage priorities, tasks, and hours on projects in conjunction with the project manager and/or Director to deliver on time and within allocated budgets.
- Ensures quality products and services are delivered on time.
- Escalates client and project issues to management in a timely manner to inform and engage the necessary resources to address the issue.
- Provide mentorship to team members in areas including, but not limited to risk and controls assessments, technical control implementation, maturity assessments, and a wide range of remediation activities management programs.
- Interfaces with clients through entire engagement, interacting will all levels of client organizations. Establish and maintain positive collaborative relationships with clients and stakeholders.
- Continuous professional development in maintaining industry specific certifications. Maintains strong depth of knowledge in the practice area.
- Collaborates with project managers, quality management, sales, and other delivery team members to drive customer satisfaction and meet project deliverables.
What You'll Bring
- At least four plus (4+) years working experience in cyber security, GRC, and cyber related risk management.
- Bachelor’s degree in Business Administration, Computer Science, Information Systems, Engineering or related field, or equivalent combination of education and experience.
- Strong knowledge and awareness of the latest information risk, security and compliance innovations, trends, challenges, and solutions.
- Awareness or experience with healthcare business operations, systems, and culture
- Strong knowledge of cloud transformation and its impact on healthcare, medical device manufactures, and software developers.
- Experience with AWS, Google, or Microsoft hosting environments for SaaS, PaaS, and IaaS platforms.
- Deep knowledge of information governance, risk and security standards/frameworks and professional practices (NIST CSF, NIST RMS, NIST controls frameworks such as NIST SP 800-53 or SP 800-171, ISO, CIS Critical Security Controls, ISSA, CSA CMM and FAIR, etc.).
- Knowledge of the typical enterprise risk and security operational practices.
- Knowledge of information security related solutions, tools, and utilities.
- Strong initiative.
- Strong analytical skills, demonstrated problem solving abilities, and the ability to develop solutions for unique client problems.
- Strong oral and written communication skills.
- Ability to travel up to 40%.
Bonus Points
- CISM, CISSP, CISA, CCSP, or CCSK certification(s).
- Big Four Advisory/Consulting Experience.
- DevSec Ops Experience.
- AWS, Azure, Google Cloud Platform certification(s).
- OpenFair or related certification, CCBP
At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.
Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like flexible time off, certification and training reimbursement, and comprehensive insurance options.
At Coalfire, equal opportunity and pay equity is integral to the way we do business. A reasonable estimate of the compensation range for this role is $86,000 to $148,000 based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs.
#LI-Remote
Tags: AWS Azure CCSP CISA CISM CISSP Cloud Compliance Computer Science GCP Governance IaaS NIST PaaS Privacy Risk management SaaS Strategy Travel
Perks/benefits: Career development Competitive pay Equity Flex hours Flex vacation Gear Health care Salary bonus Startup environment Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Forensics-related jobs
- Open Kubernetes-related jobs