Senior Consultant, SOC Advisory | Remote US
About CoalfireCoalfire is on a mission to make the world a safer place by solving our clients’ toughest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Denver, Colorado with offices across the U.S. and U.K., and we support clients around the world. But that’s not who we are – that’s just what we do.We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference. And we’re growing fast.We’re looking for a Senior Consultant to support our ISO/SOC Advisory team. Position SummaryYou will perform a variety of SOC engagements (such as workshops, system description, policy and procedure development) for SOC compliance. This role will specialize in assessing the readiness for SOC compliance and providing those advisory services necessary for a successful audit.
What You'll Do
- You’ll work collaboratively with a team of ISO/SOC advisory assessors as a ISO/SOC advisor and assist with the planning and delivery of those services.
- Be the team lead on engagements against ISO/SOC compliance to provide information security technical and non-technical expertise.
- Work with other teams within Coalfire, and collaborate with the ISO/SOC assessment team, to drive customer success.
- Lead on-site engagements with clients. This includes onsite visits, understanding customer security and compliance requirements and environments, and proposing and delivering packaged offerings or custom solution engagements.
- Develop technical content, such as procedures and policies, risk management tools, etc., that will be used by our clients to assist them in elevating/build out their security programs for ISO/SOC compliance.
- Delivery projects to build out compliance roadmaps, architecture guidance, gap remediation, etc.
What You'll Bring
- 3+ years experience performing and or participating in SOC 2 examinations
- 3+ years of experience in an IT security audit, assessment, compliance, risk management, or data privacy role (Big 4 is a plus)
- Bachelor's Degree in Computer Science, Information Systems Management, Information Security, Business or equivalent experience required
- Certified Information Systems Auditor (CISA) or equivalent
- Willing to travel up to 25%
Bonus Points
- 3+ years experience performing and or participating in ISO/IEC 27001:2022 certifications
- Experience working with any of the following frameworks: ISO/IEC 27001:2022, ISO/IEC 27701:2019, ISO/IEC ISO/IEC 9001:2015, Health Insurance Portability and Accountability Act (HIPAA), HITRUST, or National Institute of Standards and Technology (NIST) frameworks
- Certificate of Cloud Security Knowledge (CCSK), Certified Information Systems Security Professional (CISSP), Certified Information Privacy Professional (CIPP/US), or Certified Information Security Manager (CISM)
- ISO/IEC 27001 Lead Auditor Certificate