Senior Consultant Strategy, Privacy, and Risk Advisory - Cloud Services
United States
Applications have closed
Coalfire
Coalfire is the cybersecurity advisor that combines extensive cloud expertise, technology, and innovative approaches to help clients develop scalable programs that improve their security posture and fuel their continued success.What You'll Do
- Serve as the cloud SME to clients within engagements for security design and architecture in the AWS, Azure or GCP space using vendor and industry standard security requirements
- Perform as a partner with clients to meet internal and external security goals
- Engage in development of client cloud security strategy and roadmap.
- Perform security maturity assessments of various cloud environments, including testing of cloud security configuration and related controls
- Coordinate with clients and team members to identify the right balance of defense-in-depth techniques to translate customer’s security goals into a secure and effective solution
- Provide guidance on the administration and maintenance of security systems infrastructure, applications, devices, tools, and software services
- Support and guide information risk and security discussions with technical and non-technical groups
- Identify enterprise information security, privacy and compliance related problems and challenges; research and develop technical solutions to rectify them
- Participate in design and operationalization of tactical response and recovery activities in the event of an information security breach
- Develop and operationalize enterprise information security programs and related components
- Assess cyber-related policy, procedures, legislation, and implementation directives
- Assess and remediate compliance with industry regulations and frameworks across multiple industries that are relevant to cybersecurity (e.g. NIST CSF, PCI, SOX 404, HIPAA, ISO, FEDRAMP, GLB, CCPA, GDPR)
What You'll Do
- BS in related Information Technology field or equivalent combination of education and experience
- 2+ years of directly relevant cloud security configuration and architecture experience including identifying risk areas and proposing recommendations
- 3+ years of experience supporting cloud architecture, design, implementation, operations and automation in AWS, Azure or GCP.
- 1+ years of experience with cloud security testing and automation tools and techniques
- Strong experience with AWS, Azure or GCP platform capabilities and services (Professional Cloud Architect, Cloud DevOps Engineer, or Cloud Security Engineer), including security certifications
- Excellent communication, organizational, and problem-solving skills
- Effective documentation skills, to include technical diagrams and written descriptions
- Ability to work independently and as part of a team with professional attitude and demeanor
- Critical thinking, and ability to balance security requirements with mission needs
- Exampled relationship management and ability to work with C-Suite
- Ability to work quickly, efficiently and accurately in a dynamic and fluid environment
Bonus Points
- Previous experience supporting clients from within a professional services organization
- Cloud-based networking experience (Palo Alto, CheckPoint, Cisco ASAv, F5, etc....)
- Expertise with serverless, microservices, and other modern application architectures
- One or more of the following certifications: Microsoft Certified Azure Security Engineer Associate (AZ-500), AWS Certified Security – Specialty, Google Professional Cloud Security Engineer, GIAC Cloud Security Automation (GCSA)CISSP, CCSP, CCSK, CISSP
- Familiarity with configuration baseline standards such as CIS Benchmarks & DISA STIG
Tags: Automation AWS Azure C CCPA CCSP CISSP Cloud Compliance DevOps FedRAMP GCP GDPR GIAC HIPAA Microservices NIST Privacy Security strategy Strategy
Perks/benefits: Career development Competitive pay Equity Flex vacation Salary bonus Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Manager Pentest H/F jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Cyber Security Engineer jobs
- Open Product Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open IT Security Analyst jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open IT Security Engineer jobs
- Open Senior Cyber Security Specialist jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open Security Clearance-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open APIs-related jobs
- Open CI/CD-related jobs