Senior Consultant Strategy, Privacy, and Risk Advisory - Cloud Services

United States

Applications have closed

Coalfire

Coalfire is the cybersecurity advisor that combines extensive cloud expertise, technology, and innovative approaches to help clients develop scalable programs that improve their security posture and fuel their continued success.

View company page

About Coalfire Coalfire is on a mission to make the world a safer place by solving our clients’ toughest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Denver, Colorado with offices across the U.S. and U.K., and we support clients around the world. But that’s not who we are – that’s just what we do. We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.  And we’re growing fast. We’re looking for a Senior Consultant to support our Strategy, Privacy, and Risk team. This role has a specific focus on Cloud Services and requires various related experiences.

What You'll Do

  • Serve as the cloud SME to clients within engagements for security design and architecture in the AWS, Azure or GCP space using vendor and industry standard security requirements
  • Perform as a partner with clients to meet internal and external security goals
  • Engage in development of client cloud security strategy and roadmap.
  • Perform security maturity assessments of various cloud environments, including testing of cloud security configuration and related controls
  • Coordinate with clients and team members to identify the right balance of defense-in-depth techniques to translate customer’s security goals into a secure and effective solution
  • Provide guidance on the administration and maintenance of security systems infrastructure, applications, devices, tools, and software services
  • Support and guide information risk and security discussions with technical and non-technical groups
  • Identify enterprise information security, privacy and compliance related problems and challenges; research and develop technical solutions to rectify them
  • Participate in design and operationalization of tactical response and recovery activities in the event of an information security breach
  • Develop and operationalize enterprise information security programs and related components
  • Assess cyber-related policy, procedures, legislation, and implementation directives
  • Assess and remediate compliance with industry regulations and frameworks across multiple industries that are relevant to cybersecurity (e.g. NIST CSF, PCI, SOX 404, HIPAA, ISO, FEDRAMP, GLB, CCPA, GDPR)

What You'll Do

  • BS in related Information Technology field or equivalent combination of education and experience
  • 2+ years of directly relevant cloud security configuration and architecture experience including identifying risk areas and proposing recommendations
  • 3+ years of experience supporting cloud architecture, design, implementation, operations and automation in AWS, Azure or GCP.
  • 1+ years of experience with cloud security testing and automation tools and techniques
  • Strong experience with AWS, Azure or GCP platform capabilities and services (Professional Cloud Architect, Cloud DevOps Engineer, or Cloud Security Engineer), including security certifications
  • Excellent communication, organizational, and problem-solving skills
  • Effective documentation skills, to include technical diagrams and written descriptions
  • Ability to work independently and as part of a team with professional attitude and demeanor
  • Critical thinking, and ability to balance security requirements with mission needs
  • Exampled relationship management and ability to work with C-Suite
  • Ability to work quickly, efficiently and accurately in a dynamic and fluid environment

Bonus Points

  • Previous experience supporting clients from within a professional services organization
  • Cloud-based networking experience (Palo Alto, CheckPoint, Cisco ASAv, F5, etc....)
  • Expertise with serverless, microservices, and other modern application architectures
  • One or more of the following certifications: Microsoft Certified Azure Security Engineer Associate (AZ-500), AWS Certified Security – Specialty, Google Professional Cloud Security Engineer, GIAC Cloud Security Automation (GCSA)CISSP, CCSP, CCSK, CISSP
  • Familiarity with configuration baseline standards such as CIS Benchmarks & DISA STIG
Why You'll Want to Join Us At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office. Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like flexible time off, certification and training reimbursement, and comprehensive insurance options. At Coalfire, equal opportunity and pay equity is integral to the way we do business. A reasonable estimate of the compensation range for this role is $86,000 to $148,000 based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs.

Tags: Automation AWS Azure C CCPA CCSP CISSP Cloud Compliance DevOps FedRAMP GCP GDPR GIAC HIPAA Microservices NIST Privacy Security strategy Strategy

Perks/benefits: Career development Competitive pay Equity Flex vacation Salary bonus Team events

Region: North America
Country: United States
Job stats:  2  0  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.