Principal, GRC Advisory | Remote US

Posted 19 Days Ago
Be an Early Applicant
Hiring Remotely in USA
Remote
104K-180K Annually
Senior level
Cloud • Security • Cybersecurity
The Role
As a Principal Consultant, you will lead cybersecurity compliance assessments, mentor team members, develop technical content, and engage with clients to enhance their security programs. You'll also contribute to thought leadership and ensure client satisfaction through effective collaboration and delivery of services.
Summary Generated by Built In

About Coalfire


Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Denver, Colorado with offices across the U.S. and U.K., and we support clients around the world.


But that’s not who we are – that’s just what we do.

 

We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.


Position Summary


As a Principal Consultant on our ISO/SOC Advisory team, you'll be considered a Compliance Advisory subject matter expert (SME) in a particular technical area e.g. evaluating/assessing the security and compliance of client firms/services against regulatory and industry requirements and standards, and against security best practice frameworks, etc.


The Principal Consultant (SME) is expected to leverage their technical and business experience across three (3) domains, including:

1. Evaluate and enhance the security of complex systems that may impact both risk and compliance for organizations, large and small.

2. Mentor and develop team members to help grow the team and its capabilities

3. Engage outwardly into the community through blog posts, technical white papers, forum participation and conference speaking engagements. Engage inwardly to support business and practice growth by developing Sales/Marketing collateral, delivery methodologies and SOPs, train/mentor colleagues as necessary and serve as the SME for all topics related to your technical or compliance area of expertise


What You'll Do

  • Work with other teams within Coalfire to drive customer success.
  • Scope and lead on-site engagements with clients. This includes leading pre-sales calls, onsite visits, understanding customer security and compliance requirements and environments, and proposing and delivering packaged offerings or custom solution engagements.
  • Develop technical content, such as security plans, procedures, policies, and white papers that can be used by our clients to assist them in elevating/building out their security and compliance programs.
  • Lead delivery engagements including on-site projects working with clients to build out compliance roadmaps, architecture guidance, gap assessments, etc.
  • Collaborate with Coalfire engineering, support and business teams to convey partner and customer feedback.
  • Serve as the practice subject matter expert (SME) for escalations, sales/marketing support, driving practice profitability and revenue.
  • Provide Delivery Team Support, including: identifying process improvements, training Delivery personnel on methodologies/tools and quality topics, and mentoring Delivery personnel.
  • Development of industry-wide service line thought leadership through:
  • Authoring: methodologies, templates, white papers, work instructions, guidelines, forms, tools
  • Developing and delivering industry specific training, including speaking/presenting at
  • conferences, creating webinars
  • Support management of client satisfaction at all phases of the client relationship.
  • Ensure continuous professional development by maintaining industry specific certifications.
  • Maintain strong depth of knowledge in the practice area.
  • Collaborate with project managers, quality management, sales and other delivery team members to drive customer satisfaction and meet project deliverables.
  • Establish account relationships and identifies upsell and cross sell opportunities and escalates to sales

What You'll Bring

  • 7+ years of experience in an IT security audit, assessment, compliance, risk management, or data privacy role.
  • Knowledge and awareness of the latest information risk, security and compliance innovations, trends, challenges and solutions.
  • Knowledge of strategy, privacy and risk standards/frameworks and professional practices (NIST, ISO, CIS Top 20, ISSA, CSA CMM, Privacy by Design and FAIR, etc.).
  • Knowledge of the typical enterprise risk and security operational practices.
  • Knowledge of information security related solutions, tools and utilities.
  • Experience in strategy development, setting direction for team members, influencing both internally and externally.
  • Experience building common compliance frameworks as well as mapping between different compliance requirements.
  • Demonstrated breadth of security expertise in various sub domains such as encryption, identity, incident response, etc.
  • Hands-on technical expertise is nice to have due to the technical components of the frameworks that are worked with.
  • Experience with risk assessment methodologies and risk reporting for executive leadership.
  • Proven background in clearly writing complex technical documents that can be presented across a varied enterprise corporate audience.
  • 7+ years of experience working with one or more of the following:
  • - Payment Card Industry (PCI) Council's Payment Card Industry Data Security Standard (PCI DSS)
  • - ISO/IEC 27001:2022
  • - ISO 9001:2015
  • - System and Organization Controls (SOC) 2
  • - National Institute of Standards and Technology (NIST) frameworks (800 series)
  • - HITRUST framework
  • - Health Insurance Portability and Accountability Act (HIPAA)
  • - Health Information Technology for Economic and Clinical Health Act (HITECH)
  • Bachelor's Degree in Computer Science, Information Systems Management, Information Security, Business or equivalent experience required.
  • CISSP
  • CISM or CISA
  • In addition, dependent on the framework(s) you will be supporting you must have one or more of the following:
  • ISO: ISO/IEC 27001 Lead Auditor/Implementer
  • Certified CSF Practitioner (CCSFP)
  • PCI: Qualified Security Assessor (QSA)

Bonus Points

  • AWS, Azure, Google Cloud Platform certification(s).
  • OpenFair, CRISC or related certification
  • CCSK certification
  • Big Four Advisory/Consulting Experience

Why You’ll Want to Join Us


At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.


Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.


At Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, our Human Resources team at [email protected].

Top Skills

Cybersecurity
The Company
HQ: Westminster, CO
1,062 Employees
On-site Workplace
Year Founded: 2001

What We Do

Coalfire is the cybersecurity advisor that helps private and public sector organizations avert threats, close gaps, and effectively manage risk. By providing independent and tailored advice, assessments, technical testing, and cyber engineering services, we help clients develop scalable programs that improve their security posture, achieve their business objectives, and fuel their continued success. Coalfire has been a cybersecurity thought leader for more than 20 years and has offices throughout the United States and Europe.

Similar Jobs

Network Coverage Logo Network Coverage

GRC Consultant

Information Technology • Consulting
Remote
United States
114 Employees
Easy Apply
Remote
United States
800 Employees

Square Logo Square

Knowledge and Content Strategy Operations Lead

eCommerce • Fintech • Hardware • Payments • Software • Financial Services
Remote
Hybrid
8 Locations
12000 Employees
126K-223K Annually

Dropbox Logo Dropbox

Procurement Transformation Lead

Artificial Intelligence • Cloud • Consumer Web • Productivity • Software • App development • Data Privacy
Remote
United States
2500 Employees
128K-173K Annually

Similar Companies Hiring

Silverfort Thumbnail
Security • Sales • Information Technology • Cybersecurity • Automation
GB
357 Employees
Jobba Trade Technologies, Inc. Thumbnail
Software • Professional Services • Productivity • Information Technology • Cloud
Chicago, IL
45 Employees
RunPod Thumbnail
Software • Infrastructure as a Service (IaaS) • Cloud • Artificial Intelligence
Charlotte, North Carolina
53 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account