Skip to content
← Back to job listings

Senior Consultant - FedRAMP Assessment

Coalfire · Remote, United States

CybersecuritySenior LevelRemoteQuick applycontract4 days ago

About The Role

About Coalfire

Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.

But that’s not who we are – that’s just what we do.

We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.

Position Summary

The Security Consultant will work as part of a team assessing the security and compliance of client firms against regulatory and industry requirements and standards, and against security best practice frameworks. This role will have a strong understanding of framework requirements, perform audit/assessments, and develop reports for clients. They will work closely with Project Managers, Senior Managers, Directors and other Delivery team members to effectively manage project timelines and deliverables.

What You'll Do

  • Provides advice to customers on issues affecting the scope of work in a manner that provides additional value
  • Develop documentation and author recommendations associate with your findings on how to improve the customer’s security posture in accordance with appropriate controls
  • Leads audits/assessments including audit plan preparation, review of documentation and evidence, evaluation of procedures, and client interviews.
  • Maintains strong depth of knowledge in one or more cybersecurity frameworks.
  • Prepare, review and approve assessment reports.
  • Manage priorities, tasks and hours on projects in conjunction with the project manager to achieve delivery utilization targets.
  • Ensures quality products and services are delivered on time.
  • Escalates client and project issues to management in a timely manner to inform and engage the necessary resources to address the issue
  • Provide mentorship to team members in areas of audit, assessment, technical review and writing.
  • Interfaces with clients through entire engagement, interacting with all levels of client organizations
  • Establish and maintain positive collaborative relationships with clients and stakeholders
  • Continuous professional development in maintaining industry specific certifications. Maintains strong depth of knowledge in the practice area.
  • Collaborates with project managers, quality management, sales and other delivery team members to drive customer satisfaction and meet project deliverables.
  • Establishes account relationships and identifies upsell and cross sell opportunities and escalates to sales.
  • Draft audit programs that sufficiently address both the required objectives of the regulatory body and the complexity of the client environment
  • Leads interview and inquiry walkthroughs with clients to determine the conformity of environments against stated requirements
  • Assess security vulnerabilities against the appropriate security frameworks
  • Pursues and corroborates conclusions derived from inquiry procedures with client while ensuring diligent interview notes are captured
  • Offline and remote evidence inspection of client provided documentation; appropriately mark artifacts requiring follow-up or additional clarification
  • Educate and interpret compliance activities for clients
  • Understands how to apply quality standards and adheres to a minimum benchmark for quality assurance throughout the documentation of each work product or deliverable
  • Remote work environment
  • Travel 20%

What You'll Bring

  • Bachelor's degree (four-year college or university) in IT or business, or equivalent combination of education and work experience
  • Five to ten (5-10) years of experience as a consultant within professional IT services
  • Deep experience with government compliance, including FISMA, FedRAMP, and DoD RMF
  • Strong knowledge of NIST Special Publications 800-30, 800-37, 800-53
  • Experience with every step within the delivery of Certification and Accreditation (C&A) / Assessment and Authorization (A&A) packages that have obtained and maintained full authorization to operate (ATO)
  • Experience with virtualization or cloud technologies
  • Familiarity with statutes and regulations across multiple industries relevant to IT (e.g. SOX 404, HIPAA, FedRAMP, GLB, Patriot Act)
  • Knowledge of information security related solutions, tools, and utilities
  • Excellent verbal and written skills
  • Willing to travel up to 20%

Must have an active CISSP and one of the following certifications

  • Cisco Certified Network Associate Security (CCNA Security)
  • Cisco Certified Network Associate Cyber Security Operations (CCNA Cyber Ops)
  • Cybersecurity Analyst (CySA+)
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Systems and Network Auditor (GSNA)
  • GIAC Certified Intrusion Analyst (GCIA)
  • Certified Information Systems Auditor (CISA)
  • Certified Information System Security Professional or Associate (CISSP or Associate)
  • Certified Secure Software Lifecycle Professional (CSSLP)
  • Certified Information Systems Security Officer (CISSO)
  • CyberSec First Responder (CFR)
  • CompTIA Advanced Security Practitioner Continuing Education (CASP+) Continuing Education (CE)
  • CompTIA Cloud+ (Cloud+)
  • Global Industrial Cyber Security Professional (GICSP)
  • Securing Cisco® Networks with Threat Detection Analysis (SCYBER)
  • BCR Cyber Technical Proficiency Testing Activity

Bonus Points

  • Hold Cloud Security focused certifications (AWS, Azure, CCSK, etc.)

This listing was posted by a verified recruiter at Coalfire. Report this listing