- Work collaboratively with a team of assessors as a compliance specialist in at least one area of expertise and assist with the planning of assessment for clients
- Autonomously leads interview and inquiry walkthroughs with clients to determine the conformity of environments against stated requirements
- Identify exceptions against the appropriate security frameworks
- First-level reviewer of drafted deliverables
- Pursues and corroborates conclusions derived from inquiry procedures with client while ensuring diligent interview notes are captured
- Offline and remote evidence inspection of client provided documentation; appropriately mark artifacts requiring follow-up or additional clarification
- Assess client provided documentation for compliance with a variety of standards
- Partner with senior members to prepare and review assessment deliverables.
- Educate and interpret compliance activities for clients
- Manage priorities and tasks to achieve delivery utilization targets
- Ensures quality products and services are delivered on time per Coalfire quality standards.
- Continuous professional development; maintain industry specific certifications, depth of knowledge, credentials, and designations
- Collaborates and communicates successfully with project managers, quality management and/or other delivery team members to drive customer satisfaction and meet project deliverables.
- Establish and maintain positive collaborative relationships with clients and stakeholders
- Identifies upsell and cross sell opportunities and escalates to appropriate leadership
- Execute, examine, interview and test procedures in accordance with the appropriate control
- Ensure cyber security policies are adhered to and that required controls are implemented
- Understands how to apply quality standards and adheres to a minimum benchmark for quality assurance throughout the documentation of each work product or deliverable
- Provides advice to customers on issues affecting the scope of work in a manner that provides additional value
- Develop documentation and author recommendations associate with your findings on how to improve the customer's security posture in accordance with appropriate controls
- Travel typically 15-20%
- Ability to be successful in a remote environment.
- 1+ years of experience as an IT Consultant, IT auditor, Business Analyst, or similar role
- At least one information security certification, such as CCSFP, CISSP, CISA, or CIA (or willing to obtain one of these certifications)
- Bachelor's degree (four-year college or university) or equivalent combination of education and work experience. Degree preferably in Information Systems or Business.
- General knowledge of IT audit procedures and cyber security best practices
- Experience and demonstrated ability to independently research a technical topic and develop logical testing approaches
- Experience and demonstrated ability to lead testing sessions for assigned controls.
- Demonstrated experience reading and interpreting security framework criteria
- Strong written and verbal communication skills including quick response time the ability to explain technical matters to a non-technical audience
- Strong Consulting skills: ability to advise and challenge the status quo while building strong relationships
- Ability to build high-trust relationships, rapport and credibility quickly
- Strong personal initiative to appropriately manage time and meet deadlines
- High attention to detail and quality
- Computer and typing skills that permit rapid data collection and note taking
- Has a sense of urgency and ability to multi-task
- Ability to participate and facilitate meetings to small or large groups
- Public speaking and executive presence that solicits attention
- Inquisitive and curious nature with the ability to effectively probe for deeper information
- Diplomatic and broad minded
- Strong technical researcher
- Expertise in security frameworks and regulatory requirements (HITRUST, HIPAA most preferred; SOC 2, ISO, NIST, COBIT, PCI are also helpful).
- Experience or education in healthcare IT environments or security frameworks (HITRUST, HIPAA)·
- Experience working with technologies hosted via cloud computing environments (e.g., Amazon Web Services, Microsoft Azure, Google Cloud Platform
- AWS Solution Architect or other CSP certification
Apply for the job now! Apply Now