[{"additionalPlain":"Why You’ll Want to Join Us\n \nAt Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.\n \nRegardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.\n \nAt Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, contact our Human Resources team at HumanResourcesMB@coalfire.com.\n","additional":"Why You’ll Want to Join Us
\n
\nAt Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.
\n
\nRegardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.
\n
\nAt Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, contact our Human Resources team at HumanResourcesMB@coalfire.com. ","categories":{"commitment":"Regular Full Time","department":"Corporate","location":"United States","team":"Operations Management","allLocations":["United States"]},"createdAt":1779478365636,"descriptionPlain":"About Coalfire\n \nCoalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.\n \nBut that’s not who we are – that’s just what we do.\n \nWe are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.\n","description":"About Coalfire
\n
\nCoalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.
\n
\nBut that’s not who we are – that’s just what we do.
\n
\nWe are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
","id":"29f2623e-c454-4819-9b48-2bd834a1f9cc","lists":[{"text":"What You'll Do","content":"Learning & Development
\n\nDesign, build, and continuously improve a curriculum of AI training programs spanning foundational literacy, role-specific fluency, and advanced practitioner development\nPartner with functional leads across the business to understand skill gaps and tailor learning pathways to specific roles (advisory, delivery, operations, etc.)\nDevelop and manage self-paced resources, workshops, certifications, and onboarding materials that scale across a distributed workforce\nTrack learning outcomes and adoption metrics, using data to continuously sharpen what's working\n\nCommunity & Culture
\n\nBuild and run Coalfire's internal AI community - creating spaces (channels, forums, events, office hours) where employees can share what they're building, ask questions, and learn from each other \nIdentify and cultivate internal AI champions and power users across the organization \nFacilitate knowledge-sharing and peer learning so best practices spread organically, not just top-down\n\nEvangelism & Engagement
\n\nBe the voice that keeps AI top-of-mind internally - translating complex or abstract AI developments into relatable, relevant narratives for a general employee audience \nDevelop and distribute internal communications (newsletters, announcements, spotlights) that highlight real AI wins, use cases, and learnings from across the company\nRepresent the AI & Data team at all-hands meetings, internal events, and cross\u0002functional forums\n\nStrategy & Influence
\n\nServe as a thought partner to the Chief AI & Data Officer on the human dimensions of our AI strategy - readiness, culture, change management \nCollaborate with HR and People teams on integrating AI competencies into talent development frameworks, performance expectations, and hiring\nStay current on enterprise AI trends, tools, and adult learning best practices, bringing relevant insights back to the team \n"},{"text":"What You'll Bring","content":"\n7+ years of experience in a combination of learning & development, organizational change, technical training, or community building - ideally in a technology-forward or professional services environment\nDemonstrated ability to take complex technical topics and make them accessible, engaging, and actionable for non-technical audiences\nExperience building programs from scratch, not just inheriting and maintaining them\nStrong written and verbal communication skills - you can write a compelling internal newsletter and facilitate a room of skeptical senior consultants\nGenuine enthusiasm for AI and its practical applications in the workplace; you don't need to be an engineer, but you need to be deeply curious and credible\nComfort working in a high-growth, fast-moving environment where the roadmap is still being written\nExperience working cross-functionally and influencing without direct authority \n"},{"text":"Bonus Points","content":"\nBackground in cybersecurity, GRC, or professional services\nExperience with learning management systems (LMS) and adult instructional design\nFamiliarity with enterprise AI tools (Copilot, Claude, etc.) and how they're being deployed in professional environments \n"}],"salaryRange":{"max":178000,"currency":"USD","interval":"per-year-salary","min":158000},"salaryDescription":"The salary range listed is a reasonable estimate of the compensation range for this role based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs.
","salaryDescriptionPlain":"The salary range listed is a reasonable estimate of the compensation range for this role based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs. \n","text":"AI Enablement & Community Lead","country":"US","workplaceType":"remote","opening":"About Coalfire
\n
\nCoalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.
\n
\nBut that’s not who we are – that’s just what we do.
\n
\nWe are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
","openingPlain":"About Coalfire\n \nCoalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.\n \nBut that’s not who we are – that’s just what we do.\n \nWe are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.\n","descriptionBody":"","descriptionBodyPlain":"","hostedUrl":"https://jobs.lever.co/coalfire/29f2623e-c454-4819-9b48-2bd834a1f9cc","applyUrl":"https://jobs.lever.co/coalfire/29f2623e-c454-4819-9b48-2bd834a1f9cc/apply"},{"additionalPlain":"Why You’ll Want to Join Us\n\nAt Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.\n\nRegardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.\n\nAt Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, contact our Human Resources team at HumanResourcesMB@coalfire.com.\n","additional":"Why You’ll Want to Join Us
At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.
Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.
At Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, contact our Human Resources team at HumanResourcesMB@coalfire.com. ","categories":{"commitment":"Regular Full Time","department":"Assessment Services","location":"United States","team":"SaaS/Consumer Services","allLocations":["United States"]},"createdAt":1780779841574,"descriptionPlain":"About Coalfire\n\nCoalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.\n\nBut that’s not who we are – that’s just what we do.\n \nWe are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.\n","description":"About Coalfire
Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.
But that’s not who we are – that’s just what we do.
We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
","id":"9c0a4ead-fefc-4abb-bbb4-1955a60e3d4a","lists":[{"text":"What You'll Do","content":"\n\n
Work closely with senior members to support audit preparation and document assessments against prescribed sets of criteria\nExecute, examine, interview, and test procedures in accordance with the proper control or compliance system\nEnsure cybersecurity policies are adhered to an that required controls are implemented\nValidate respective information system security plans to ensure that appropriate control requirements are met\nTake charge of identifying information sources, gathering and interpreting data, and ensuring diligent and accurate data and note capturing of customer interviews\nPursue and corroborates conclusions derived from inquiry procedures\nProactively drafts and documents audit planning and reporting material for peer review at appropriate milestones throughout the engagement lifecycle\nAdhere to pre-defined project timelines and communicates possible changes to the schedule or scope of work\nUnderstand how to apply quality standards and adheres to a minimum benchmark for quality assurance throughout the documentation of each deliverable\nProvide advice to the client on various matters related to the assessment/audit and effectively requests or communicates technical requirements to a non-technical audience\nSupport and maintain positive collaborative relationships with clients and stakeholders\nMaintain industry expertise by studying for and achieving industry recognized certifications\n\n"},{"text":"What You'll Bring","content":"\n\n
Strong written and verbal communication skills including the ability to explain security controls to a non-technical audience\nStrong personal initiative to appropriately manage time and meet deadlines\nHigh attention to detail and quality\nComputer and typing skills that permit rapid data collection and note taking\nAbility to participate and support meetings to small or large groups\nPublic speaking and emerging executive presence\nInquisitive and curious nature with the ability to effectively probe for deeper information\nDiplomatic and broad minded\nStrong technical researcher\nAn introductory understanding of IT security technologies including cloud architecture and application security, firewalls, access management, and data protection\nEducational or work experience involving IT Security and/or IT Audit principles\nBachelor's degree (four-year college or university) or equivalent combination of education and work experience. Degree preferably in Information Systems or Business.\n\n"},{"text":"Bonus Points","content":"\n\n
Experience as an IT Consultant, IT auditor, Business Analyst, or similar role\nExperience working with technologies hosted via cloud computing environments (e.g., Amazon Web Services, Microsoft Azure, Google Cloud Platform)\nAt least one information security certification, such as CCSK or CompTIA Security+ (or willing to obtain one of these certifications)\nAmazon Web Services (AWS) Certified Cloud Practitioner\n\n"}],"salaryRange":{"min":53000,"max":92000,"currency":"USD","interval":"per-year-salary"},"salaryDescription":"The salary range listed is a reasonable estimate of the compensation range for this role based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs.
","salaryDescriptionPlain":"The salary range listed is a reasonable estimate of the compensation range for this role based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs. \n\n","text":"Associate, FedRAMP Assessment","country":"US","workplaceType":"remote","opening":"About Coalfire
Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.
But that’s not who we are – that’s just what we do.
We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
","openingPlain":"About Coalfire\n\nCoalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.\n\nBut that’s not who we are – that’s just what we do.\n \nWe are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.\n","descriptionBody":"","descriptionBodyPlain":"","hostedUrl":"https://jobs.lever.co/coalfire/9c0a4ead-fefc-4abb-bbb4-1955a60e3d4a","applyUrl":"https://jobs.lever.co/coalfire/9c0a4ead-fefc-4abb-bbb4-1955a60e3d4a/apply"},{"additionalPlain":"Why You’ll Want to Join Us \nAt Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.\n \nRegardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.\n \nAt Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, contact our Human Resources team at HumanResourcesMB@coalfire.com.\n","additional":"\n
Why You’ll Want to Join Us
\n
At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.
\n
\n
Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.
\n
\n
At Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, contact our Human Resources team at
HumanResourcesMB@coalfire.com.
\n
About Coalfire
\nCoalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.
\nBut that’s not who we are – that’s just what we do.
\nWe are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
\n
\nPosition Summary
\nAs an Associate you will work as part of a team assessing the security and compliance of client firms against regulatory and industry requirements and standards, and against security best practice frameworks. This role will develop a strong understanding of framework requirements, perform audit/assessments, and contribute to reports for clients. You will work closely with Project Managers, Directors and other Delivery team members to effectively manage project timelines and deliverables.
\n
\nThis team focuses on assessments for hyperscale cloud providers, and has a particular expertise in SOC 1, SOC 2, C5, and DSA assessments. This role will evaluate the design and effectiveness of technology controls throughout the business cycle and will help identify performance improvement opportunities.
\n
\nThis position is a remote position that must be located in the United Kingdom (England, Scotland, Wales, and/or Northern Ireland). Coalfire has an office in Manchester, UK so there is opportunity to work in the office in a hybrid capacity if preferred.
\n
","id":"4a50fd86-c618-49e7-9bf8-00bc0c741153","lists":[{"text":"What You'll Do","content":"\n
\n- Conduct audits/assessments including audit plan preparation, review of documentation and evidence, evaluation of procedures, and client interviews.
\n- Assess client provided documentation for compliance with a variety of standards.
\n- Prepare and review assessment reports.
\n- Educate and interpret compliance activities for clients
\n- Manage priorities and tasks to achieve delivery utilization targets.
\n- Ensures quality products and services are delivered on time per Coalfire quality standards.
\n- Continuous professional development in maintaining industry specific certifications. Maintains strong depth of knowledge in the practice area.
\n- Collaborates with project managers, quality management and/or other delivery team members to drive customer satisfaction and meet project deliverables.
\n- Establish and maintain positive collaborative relationships with clients and stakeholders
\n- Identifies upsell and cross sell opportunities and escalates to leadership team
\n- Evaluate the design and effectiveness of technology controls throughout the business cycle
\n\n
\n
\n- Introductory understanding of audit procedures and IT security especially as it relates to SOC 1 and SOC 2 or other regulatory frameworks
\n- Experience and demonstrated ability to independently research a technical topic and develop logical testing approaches
\n- Strong personal initiative to appropriately manage time and meet deadlines
\n- Strong Consulting skills; ability to advise and challenge the status quo while building strong relationships
\n- Ability to build high-trust relationship and credibility quickly
\n- High attention to detail
\n- Ability to facilitate meetings to small or large groups
\n- Diplomatic and broad minded
\n\n
\n
\n- Experience as an IT Consultant, IT auditor, Business Analyst, or similar role
\n- Information Security, Technical Audit, or Cloud Technology Certifications desired
\n- Bachelor’s degree
\n\n
\n
The salary range listed is a reasonable estimate of the compensation range for this role based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs.
\n
\n
#LI-HW1
\n
#LI-Remote
\n
About Coalfire
\nCoalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.
\nBut that’s not who we are – that’s just what we do.
\nWe are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
\n
\nPosition Summary
\nAs an Associate you will work as part of a team assessing the security and compliance of client firms against regulatory and industry requirements and standards, and against security best practice frameworks. This role will develop a strong understanding of framework requirements, perform audit/assessments, and contribute to reports for clients. You will work closely with Project Managers, Directors and other Delivery team members to effectively manage project timelines and deliverables.
\n
\nThis team focuses on assessments for hyperscale cloud providers, and has a particular expertise in SOC 1, SOC 2, C5, and DSA assessments. This role will evaluate the design and effectiveness of technology controls throughout the business cycle and will help identify performance improvement opportunities.
\n
\nThis position is a remote position that must be located in the United Kingdom (England, Scotland, Wales, and/or Northern Ireland). Coalfire has an office in Manchester, UK so there is opportunity to work in the office in a hybrid capacity if preferred.
\n
","descriptionBodyPlain":"About Coalfire\nCoalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.\nBut that’s not who we are – that’s just what we do.\nWe are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.\n \nPosition Summary\n\nAs an Associate you will work as part of a team assessing the security and compliance of client firms against regulatory and industry requirements and standards, and against security best practice frameworks. This role will develop a strong understanding of framework requirements, perform audit/assessments, and contribute to reports for clients. You will work closely with Project Managers, Directors and other Delivery team members to effectively manage project timelines and deliverables.\n \nThis team focuses on assessments for hyperscale cloud providers, and has a particular expertise in SOC 1, SOC 2, C5, and DSA assessments. This role will evaluate the design and effectiveness of technology controls throughout the business cycle and will help identify performance improvement opportunities.\n \nThis position is a remote position that must be located in the United Kingdom (England, Scotland, Wales, and/or Northern Ireland). Coalfire has an office in Manchester, UK so there is opportunity to work in the office in a hybrid capacity if preferred.\n \n","hostedUrl":"https://jobs.lever.co/coalfire/4a50fd86-c618-49e7-9bf8-00bc0c741153","applyUrl":"https://jobs.lever.co/coalfire/4a50fd86-c618-49e7-9bf8-00bc0c741153/apply"},{"additionalPlain":" \n#LI-HW1\n#LI-Remote\n\n\nWhy You’ll Want to Join Us\nAt Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.\nRegardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.\nAt Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, contact our Human Resources team at HumanResourcesMB@coalfire.com.\n","additional":"
Why You’ll Want to Join Us
\nAt Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.
\nRegardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.
\nAt Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, contact our Human Resources team at HumanResourcesMB@coalfire.com.
","categories":{"commitment":"Regular Full Time","department":"Assessment Services","location":"United Kingdom","team":"AppDev/Finance/B2B","allLocations":["United Kingdom"]},"createdAt":1774551725315,"descriptionPlain":"About Coalfire\nCoalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.\nBut that’s not who we are – that’s just what we do.\nWe are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.\n\n\nPosition Summary\nAt Coalfire as a Consultant you will work as part of a team assessing the security and compliance of client firms against regulatory and industry requirements and standards, and against security best practice frameworks. You will have a strong understanding of framework requirements, perform audit/assessments, and develop reports for clients. You will also get to work closely with Project Managers, Directors and other Delivery team members to effectively manage project timelines and deliverables\nThis is a great opportunity as a Security Consultant to make an impact and enhance clients security posture and business processes affecting information security and data privacy through technical evaluation of governance programs. You will regularly interact with peers and clients as both an auditor and assessor, depending on the engagement. As a Consultant you will evaluate the design and operating effectiveness of controls supporting management systems and will help to identify improvement opportunities. You will test technical controls, policies and procedures, laws, regulations, and industry best practices.\nIn this role, as a Consultant you facilitate Security Control Assessments and other advanced-level monitoring activities, often within cloud-based environments. To succeed, you will need a strong understanding of technical and non-technical security related system controls and an understanding of the various testing methods utilized to ascertain the effectiveness of those controls. Our consultants works in a team atmosphere with an experienced Technical Project Lead, and is assigned technical sections and expected to create client-ready deliverables. \nA Security Consultant on the SOC/PCI team helps to enhance clients’ security posture and ensure that business and customer data is properly protected. This role will evaluate the design and effectiveness of technology controls throughout the business cycle and will help identify performance improvement opportunities.\nThis position is a remote position that must be located in the United Kingdom (England, Scotland, Wales, and/or Northern Ireland). Coalfire has an office in Manchester, UK so there is opportunity to work in the office in a hybrid capacity if preferred.\n","description":"About Coalfire
\nCoalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.
\nBut that’s not who we are – that’s just what we do.
\nWe are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
Position Summary
\n\n
At Coalfire as a Consultant you will work as part of a team assessing the security and compliance of client firms against regulatory and industry requirements and standards, and against security best practice frameworks. You will have a strong understanding of framework requirements, perform audit/assessments, and develop reports for clients. You will also get to work closely with Project Managers, Directors and other Delivery team members to effectively manage project timelines and deliverables
\n
This is a great opportunity as a Security Consultant to make an impact and enhance clients security posture and business processes affecting information security and data privacy through technical evaluation of governance programs. You will regularly interact with peers and clients as both an auditor and assessor, depending on the engagement. As a Consultant you will evaluate the design and operating effectiveness of controls supporting management systems and will help to identify improvement opportunities. You will test technical controls, policies and procedures, laws, regulations, and industry best practices.
\n
In this role, as a Consultant you facilitate Security Control Assessments and other advanced-level monitoring activities, often within cloud-based environments. To succeed, you will need a strong understanding of technical and non-technical security related system controls and an understanding of the various testing methods utilized to ascertain the effectiveness of those controls. Our consultants works in a team atmosphere with an experienced Technical Project Lead, and is assigned technical sections and expected to create client-ready deliverables.
\n
A Security Consultant on the SOC/PCI team helps to enhance clients’ security posture and ensure that business and customer data is properly protected. This role will evaluate the design and effectiveness of technology controls throughout the business cycle and will help identify performance improvement opportunities.
\n
This position is a remote position that must be located in the United Kingdom (England, Scotland, Wales, and/or Northern Ireland). Coalfire has an office in Manchester, UK so there is opportunity to work in the office in a hybrid capacity if preferred.\n\n
Work collaboratively with a team of assessors as a compliance specialist in at least one area of expertise and assist with the planning of assessment for clients\nDraft audit programs that sufficiently address both the required objectives of the regulatory body and the complexity of the client environment\nAutonomously leads interview and inquiry walkthroughs with clients to determine the conformity of environments against stated requirements\nAssess security vulnerabilities against the appropriate security frameworks\nFirst-level reviewer of drafted audit planning and reporting materials\nPursues and corroborates conclusions derived from inquiry procedures with client while ensuring diligent interview notes are captured\nOffline and remote evidence inspection of client provided documentation; appropriately mark artifacts requiring follow-up or additional clarification\nAssess client provided documentation for compliance with a variety of standards\nPartner with senior members to prepare and review assessment reports.\nEducate and interpret compliance activities for clients\nManage priorities and tasks to achieve delivery utilization targets\nEnsures quality products and services are delivered on time per Coalfire quality standards.\nContinuous professional development; maintain industry specific certifications, depth of knowledge, credentials, and designations\nCollaborates and communicates successfully with project managers, quality management and/or other delivery team members to drive customer satisfaction and meet project deliverables.\nEstablish and maintain positive collaborative relationships with clients and stakeholders\nIdentifies upsell and cross sell opportunities and escalates to appropriate leadership\nExecute, examine, interview and test procedures in accordance with the appropriate control\nEnsure cyber security policies are adhered to and that required controls are implemented\nUnderstands how to apply quality standards and adheres to a minimum benchmark for quality assurance throughout the documentation of each work product or deliverable\nProvides advice to customers on issues affecting the scope of work in a manner that provides additional value\nDevelop documentation and author recommendations associate with your findings on how to improve the customer’s security posture in accordance with appropriate controls\nTravel up to 25% possible\n\n"},{"text":"What You'll Bring","content":"\n
\n- 2+ years of experience as an IT Consultant, IT auditor, Business Analyst, or similar role
\n- Bachelor's degree (four-year college or university) or equivalent combination of education and work experience. Degree preferably in related field (CIS, MIS, or IT)
\n- General knowledge of IT audit procedures and cyber security best practices
\n- Experience and demonstrated ability to independently research a technical topic and develop logical testing approaches
\n- Experience and demonstrated ability to lead testing sessions for assigned controls.
\n- Demonstrated experience reading and interpreting security framework criteria
\n- Strong personal initiative to appropriately manage time and meet deadlines
\n- Strong Consulting skills; ability to advise and challenge the status quo while building strong relationships
\n- Ability to build high-trust relationship and credibility quickly
\n- High attention to detail
\n- Ability to facilitate meetings to small or large groups
\n- Diplomatic and broad minded
\n- Strong written and verbal communication skills including quick response time the ability to explain technical matters to a non-technical audience
\n- Has a sense of urgency and ability to multi-task
\n- Public speaking and executive presence that solicits attention
\n- Inquisitive and curious nature with the ability to effectively probe for deeper information
\n- Strong technical researcher
\n\n
\n
\n- Cloud experience (AWS, GCP, Azure)
\n- Assessment and compliance experience related to the financial services industry, fintech, insurance, banking, and/or B2B enterprise experience
\n- CCSK, CCP, Security + certifications
\n- AQSA certification
\n- One of the following Information Security certifications required or ability to obtain: CISSP, CISM or ISO 27001 Lead Implementer.
\n- One of the following Audit certifications required or ability to obtain: CISA, GSNA, CIA, IRCA ISMS Auditor or higher, or ISO 27001 Lead Auditor.
\n
"}],"salaryRange":{"min":0,"max":0,"currency":"USD","interval":"per-year-salary"},"text":"Consultant - SOC2, PCI Assessment","country":"GB","workplaceType":"remote","opening":"About Coalfire
\nCoalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.
\nBut that’s not who we are – that’s just what we do.
\nWe are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
","openingPlain":"About Coalfire\nCoalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.\nBut that’s not who we are – that’s just what we do.\nWe are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.\n","descriptionBody":"Position Summary
\n\n
At Coalfire as a Consultant you will work as part of a team assessing the security and compliance of client firms against regulatory and industry requirements and standards, and against security best practice frameworks. You will have a strong understanding of framework requirements, perform audit/assessments, and develop reports for clients. You will also get to work closely with Project Managers, Directors and other Delivery team members to effectively manage project timelines and deliverables
\n
This is a great opportunity as a Security Consultant to make an impact and enhance clients security posture and business processes affecting information security and data privacy through technical evaluation of governance programs. You will regularly interact with peers and clients as both an auditor and assessor, depending on the engagement. As a Consultant you will evaluate the design and operating effectiveness of controls supporting management systems and will help to identify improvement opportunities. You will test technical controls, policies and procedures, laws, regulations, and industry best practices.
\n
In this role, as a Consultant you facilitate Security Control Assessments and other advanced-level monitoring activities, often within cloud-based environments. To succeed, you will need a strong understanding of technical and non-technical security related system controls and an understanding of the various testing methods utilized to ascertain the effectiveness of those controls. Our consultants works in a team atmosphere with an experienced Technical Project Lead, and is assigned technical sections and expected to create client-ready deliverables.
\n
A Security Consultant on the SOC/PCI team helps to enhance clients’ security posture and ensure that business and customer data is properly protected. This role will evaluate the design and effectiveness of technology controls throughout the business cycle and will help identify performance improvement opportunities.
\n
This position is a remote position that must be located in the United Kingdom (England, Scotland, Wales, and/or Northern Ireland). Coalfire has an office in Manchester, UK so there is opportunity to work in the office in a hybrid capacity if preferred.Why You’ll Want to Join Us
At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.
Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.
At Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, contact our Human Resources team at HumanResourcesMB@coalfire.com. ","categories":{"commitment":"Regular Full Time","department":"Assessment Services","location":"United States","team":"SaaS/Consumer Services","allLocations":["United States"]},"createdAt":1780687998279,"descriptionPlain":"About Coalfire\n\nCoalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.\n\nBut that’s not who we are – that’s just what we do.\n \nWe are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.\n\n\nPosition Summary\n \nThe Security Consultant will work as part of a team assessing the security and compliance of client firms against regulatory and industry requirements and standards, and against security best practice frameworks. This role will have a strong understanding of framework requirements, perform audit/assessments, and develop reports for clients. They will work closely with Project Managers, Senior Managers, Directors and other Delivery team members to effectively manage project timelines and deliverables.\n","description":"About Coalfire
Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.
But that’s not who we are – that’s just what we do.
We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
\n
Position Summary
\n
\n
The Security Consultant will work as part of a team assessing the security and compliance of client firms against regulatory and industry requirements and standards, and against security best practice frameworks. This role will have a strong understanding of framework requirements, perform audit/assessments, and develop reports for clients. They will work closely with Project Managers, Senior Managers, Directors and other Delivery team members to effectively manage project timelines and deliverables.
\n
\n\n
Work collaboratively with a team of assessors as a federal compliance specialist (e.g. FedRAMP, NIST 800-171, FISMA, etc.) and assist with the planning of assessment for clients\nDraft audit observations that sufficiently address both the required objectives of the regulatory body and the complexity of the client environment\nAutonomously leads interview and inquiry walkthroughs with clients to determine the conformity of environments against stated requirements\nAssess security vulnerabilities against the appropriate security frameworks\nFirst-level reviewer of drafted audit planning and reporting materials\nPursue and corroborates conclusions derived from inquiry procedures with client while ensuring diligent interview notes are captured\nOffline and remote evidence inspection of client provided documentation; appropriately mark artifacts requiring follow-up or additional clarification\nAssess client provided documentation for compliance with a variety of standards\nPrepare and review assessment reports.\nEducate and interpret compliance activities for clients\nManage priorities and tasks to achieve delivery utilization targets\nEnsure quality products and services are delivered on time per Coalfire quality standards.\nContinuous professional development; maintain industry specific certifications, depth of knowledge, credentials, and designations\nCollaborate with project managers, quality management and/or other delivery team members to drive customer satisfaction and meet project deliverables.\nEstablish and maintain positive collaborative relationships with clients and stakeholders\nIdentify upsell and cross sell opportunities; escalates to appropriate leadership\nExecute, examine, interview and test procedures in accordance with the appropriate control\nEnsure cyber security policies are adhered to and that required controls are implemented\nReview and assess respective information system security plans to ensure control requirements are met\nUnderstand how to apply quality standards and adheres to a minimum benchmark for quality assurance throughout the documentation of each work product or deliverable\nProvide advice to customers on issues affecting the scope of work in a manner that provides additional value\nDevelop documentation and author recommendations associate with your findings on how to improve the customer’s security posture in accordance with appropriate controls\nRemote work environment\nTravel up to 20%\n\n"},{"text":"What You'll Bring","content":"\n\n
Minimum 2-3 years of experience in the IT industry, with strong familiarity with the applicable NIST Special\n
Bachelor's degree (four-year college or university) in IT or business, or equivalent combination of education and work experience.\n
Publications 800-37 Revision 2, 800-53 Revision 5, and 800-53A Revision 5\n
Technical and detailed understanding of NIST 800-53 Rev 5 AT, CA, CM, CP, IR, MA, MP, PE, PL, PS, RA, SA, SI control families\n
Ability to lead testing sessions for assigned controls\n
Ability to independently research a technical topic and develop logical testing approaches to validate 800-53 control implementations\n
Ability to assist team members with proper artifact collection and detail to client’s examples of artifacts that will satisfy assessment requirements\n
Read and interpret all control families\n
Read and interpret firewall rulesets and network/boundary/data flow diagrams \n
Strong written and verbal communication skills including the ability to explain technical matters to a non-technical audience \n
Strong personal initiative to appropriately manage time and meet deadlines \n
Strong Consulting skills; ability to advise and challenge the status quoe while building strong relationships \n
Ability to build high-trust relationship and credibility quickly \n
High attention to detail \n
Ability to facilitate meetings to small or large groups \n
Diplomatic and broad minded \n
Strong technical researcher \n
Ability to travel up to 20%\n\n
\n
Must have one of the following certs:
\n\n
Cisco Certified Network Associate Security (CCNA Security)\n
Cisco Certified Network Associate Cyber Security Operations (CCNA Cyber Ops)\n
Cybersecurity Analyst (CySA+)\n
GIAC Certified Incident Handler (GCIH)\n
GIAC Systems and Network Auditor (GSNA)\n
GIAC Certified Intrusion Analyst (GCIA)\n
Certified Information Systems Auditor (CISA)\n
Certified Information System Security Professional or Associate (CISSP or Associate)\n
Certified Secure Software Lifecycle Professional (CSSLP)\n
Certified Information Systems Security Officer (CISSO)\n
CyberSec First Responder (CFR)\n
CompTIA Advanced Security Practitioner Continuing Education (CASP+) Continuing Education (CE)\n
CompTIA Cloud+ (Cloud+)\n
Global Industrial Cyber Security Professional (GICSP)\n
Securing Cisco® Networks with Threat Detection Analysis (SCYBER)\n
BCR Cyber Technical Proficiency Testing Activity\n\n
\n
\n\n
Expertise in security frameworks and regulatory requirements (such as SOC 2, ISO, NIST, COBIT, HIPAA/HITECH, HITRUST or PCI).\nExperience working with technologies hosted via cloud computing environments (e.g., Amazon Web Services, Microsoft Azure, Google Cloud Platform)\nExperience reviewing Nessus output a plus, along with basic knowledge of networking components and various operating systems in a cloud environment, including UNIX and Microsoft. \nExpertise in other Security Frameworks (ISO, NIST, COBIT, HIPAA/HITECH, etc.) and regulatory requirements. \n\n"}],"salaryRange":{"min":64000,"max":112000,"currency":"USD","interval":"per-year-salary"},"salaryDescription":"The salary range listed is a reasonable estimate of the compensation range for this role based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs.
\n
#LI-TF1
\n#LI-Remote
\n","salaryDescriptionPlain":"The salary range listed is a reasonable estimate of the compensation range for this role based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs. \n\n\n#LI-TF1\n#LI-Remote\n","text":"Consultant, FedRAMP Assessment","country":"US","workplaceType":"remote","opening":"About Coalfire
Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.
But that’s not who we are – that’s just what we do.
We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
","openingPlain":"About Coalfire\n\nCoalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.\n\nBut that’s not who we are – that’s just what we do.\n \nWe are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.\n","descriptionBody":"\n
Position Summary
\n
\n
The Security Consultant will work as part of a team assessing the security and compliance of client firms against regulatory and industry requirements and standards, and against security best practice frameworks. This role will have a strong understanding of framework requirements, perform audit/assessments, and develop reports for clients. They will work closely with Project Managers, Senior Managers, Directors and other Delivery team members to effectively manage project timelines and deliverables.
\n
Why You’ll Want to Join Us
At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.
Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.
At Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, contact our Human Resources team at HumanResourcesMB@coalfire.com. ","categories":{"commitment":"Regular Full Time","department":"DivisionHex / Penetration Testing","location":"United States","team":"Offensive Security - Compliance","allLocations":["United States"]},"createdAt":1779134270220,"descriptionPlain":"About Coalfire\n\nCoalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.\n\nBut that’s not who we are – that’s just what we do.\n \nWe are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.\n","description":"About Coalfire
Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.
But that’s not who we are – that’s just what we do.
We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
","id":"9726bd53-791a-4ba9-b948-5699be92dfae","lists":[{"text":"What You'll Do","content":"\n
· Perform security assessments across various platforms and technologies
\n
· Simulate sophisticated cyberattacks to assess and improve client defenses
\n
· Advise clients on technical security and compliance best practices
\n
· Manage your own testing priorities and deliver high-quality work on time
\n
· Collaborate with internal teams—PMs, QA, sales, and other consultants—to deliver exceptional client service
\n
· Create and maintain testing methodologies, documentation, and processes
\n
· Write detailed, high-quality reports for both technical and executive stakeholders
\n
· Scope and lead penetration testing engagements from start to finish
\n
· Help resolve escalations during active assessments
\n
· Mentor junior team members and contribute to a positive team environment
\n
· Support the team’s success by contributing to KPIs, innovation, and knowledge sharing
\n
\n
· A Bachelor’s Degree (or equivalent experience) in Information Security, Computer Science, or a related field
\n
· 3+ years of hands-on experience in network and/or application penetration testing
\n
· Proficiency with scripting languages such as Python, PowerShell, Shell, or Ruby
\n
· Familiarity with security frameworks (e.g., PCI, HIPAA, FEDRAMP, HITRUST, or FISMA)
\n
· 1–3 years of experience in IT security audit and/or compliance roles
\n
· Strong technical foundation in networks, servers, workstations, and applications
\n
· Experience working in a consulting or client-facing role (minimum 3 years)
\n
· Strong communication and presentation skills—able to interface with both technical and non-technical stakeholders
\n
· Willingness to travel occasionally (up to 10%)
\n
You should have solid proficiency in at least one of the following areas:
\n
· Compliance-Driven Penetration Testing (e.g., PCI, FedRAMP)
\n
· Cloud Penetration Testing (e.g., AWS, Azure, GCP)
\n
· Network/Active Directory Penetration Testing
\n
· Application (Web/API/Mobile/Thick) Penetration Testing
\n
· Secure Code Review
\n
· Hardware or IoT Testing
\n
· Container Security Testing
\n
· AI or ML System Testing
\n
\n
· Proven ability to manage time and juggle multiple tasks under tight deadlines
\n
· Strong consulting presence—can lead client meetings, kickoff calls, and present findings clearly
\n
· Excellent report writing skills—capable of drafting both technical detail and executive summaries
\n
· Continuous learning mindset—actively pursuing certifications and keeping up with threat landscapes
\n
The salary range listed is a reasonable estimate of the compensation range for this role based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs.
","salaryDescriptionPlain":"The salary range listed is a reasonable estimate of the compensation range for this role based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs. \n","text":"Consultant, Penetration Tester","country":"US","workplaceType":"remote","opening":"About Coalfire
Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.
But that’s not who we are – that’s just what we do.
We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
","openingPlain":"About Coalfire\n\nCoalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.\n\nBut that’s not who we are – that’s just what we do.\n \nWe are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.\n","descriptionBody":"","descriptionBodyPlain":"","hostedUrl":"https://jobs.lever.co/coalfire/9726bd53-791a-4ba9-b948-5699be92dfae","applyUrl":"https://jobs.lever.co/coalfire/9726bd53-791a-4ba9-b948-5699be92dfae/apply"},{"additionalPlain":"Why You’ll Want to Join Us\n \nAt Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.\n \nRegardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.\n \nAt Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, contact our Human Resources team at HumanResourcesMB@coalfire.com.\n \n","additional":"\n
\n
Why You’ll Want to Join Us
\n
\n
At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.
\n
\n
Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.
\n
\n
At Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, contact our Human Resources team at
HumanResourcesMB@coalfire.com.
\n
\n
\n
\n
About Coalfire
\n
\n
Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.
\n
\n
But that’s not who we are – that’s just what we do.
\n
\n
We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
\n
\n
Position Summary
\n
\n
\n
As a Consultant you will work as part of a team assessing the security and compliance of client firms against regulatory and industry requirements and standards, and against security best practice frameworks. This role will have a strong understanding of framework requirements, perform audit/assessments, and develop reports for clients. You will work closely with Project Managers, Directors and other Delivery team members to effectively manage project timelines and deliverables.
\n
\n
This team focuses on assessments for hyperscale cloud providers, and has a particular expertise in SOC 1, SOC 2, C5, and DSA assessments. This role will evaluate the design and effectiveness of technology controls throughout the business cycle and will help identify performance improvement opportunities.
\n
\n
This position is a remote position that must be located in the United Kingdom (England, Scotland, Wales, and/or Northern Ireland). Coalfire has an office in Manchester, UK so there is opportunity to work in the office in a hybrid capacity if preferred.
\n
\n
\n
\n- Conduct audits/assessments including audit plan preparation, review of documentation and evidence, evaluation of procedures, and client interviews.
\n- Assess client provided documentation for compliance with a variety of standards.
\n- Prepare and review assessment reports.
\n- Educate and interpret compliance activities for clients
\n- Manage priorities and tasks to achieve delivery utilization targets.
\n- Ensures quality products and services are delivered on time per Coalfire quality standards.
\n- Continuous professional development in maintaining industry specific certifications. Maintains strong depth of knowledge in the practice area.
\n- Collaborates with project managers, quality management and/or other delivery team members to drive customer satisfaction and meet project deliverables.
\n- Establish and maintain positive collaborative relationships with clients and stakeholders
\n- Identifies upsell and cross sell opportunities and escalates to leadership team
\n- Evaluate the design and effectiveness of technology controls throughout the business cycle
\n- Travel up to 15% possible
\n\n
\n
\n- 2+ years of experience as an IT Consultant, IT auditor, Business Analyst, or similar role
\n- Knowledge of Audit procedures and IT security especially as it relates to SOC 1 and SOC 2
\n- Experience with SOC 1 and SOC 2 security audits/assessment with some experience in additional regulatory frameworks
\n- Experience and demonstrated ability to independently research a technical topic and develop logical testing approaches
\n- Strong personal initiative to appropriately manage time and meet deadlines
\n- Strong Consulting skills; ability to advise and challenge the status quo while building strong relationships
\n- Ability to build high-trust relationship and credibility quickly
\n- High attention to detail
\n- Ability to facilitate meetings to small or large groups
\n- Diplomatic and broad minded
\n\n
\n
\n- Information Security, Technical Audit, or Cloud Technology Certifications desired
\n- Bachelor’s degree
\n\n
\n
\n
The salary range listed is a reasonable estimate of the compensation range for this role based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs.
\n
\n
\n
\n
#LI-HW1
\n
#LI-Remote
\n
\n
About Coalfire
\n
\n
Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.
\n
\n
But that’s not who we are – that’s just what we do.
\n
\n
We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
\n
\n
Position Summary
\n
\n
\n
As a Consultant you will work as part of a team assessing the security and compliance of client firms against regulatory and industry requirements and standards, and against security best practice frameworks. This role will have a strong understanding of framework requirements, perform audit/assessments, and develop reports for clients. You will work closely with Project Managers, Directors and other Delivery team members to effectively manage project timelines and deliverables.
\n
\n
This team focuses on assessments for hyperscale cloud providers, and has a particular expertise in SOC 1, SOC 2, C5, and DSA assessments. This role will evaluate the design and effectiveness of technology controls throughout the business cycle and will help identify performance improvement opportunities.
\n
\n
This position is a remote position that must be located in the United Kingdom (England, Scotland, Wales, and/or Northern Ireland). Coalfire has an office in Manchester, UK so there is opportunity to work in the office in a hybrid capacity if preferred.
\n
\n
Why You’ll Want to Join Us
At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.
Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.
At Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, contact our Human Resources team at HumanResourcesMB@coalfire.com. ","categories":{"commitment":"Regular Full Time","department":"Advisory Services","location":"United States","team":"Cloud Services","allLocations":["United States"]},"createdAt":1780926333638,"descriptionPlain":"About Coalfire\n\nCoalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.\n\nBut that’s not who we are – that’s just what we do.\n \nWe are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.\n","description":"About Coalfire
Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.
But that’s not who we are – that’s just what we do.
We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
","id":"b80c142e-9c81-4add-bd2a-12733c3545b8","lists":[{"text":"What You’ll Do","content":"\nMaintain SIEM solutions (Splunk, Sentinel, ELK, LogRhythm, Sumo Logic) in cloud environments (AWS, Azure, GCP) to support FedRAMP continuous monitoring requirements\nMaintain and support SIEM platforms (Splunk, Sentinel, ELK, LogRhythm, Sumo Logic) in AWS, Azure, and GCP environments to support continuous monitoring and compliance requirements\nManage and maintain log collection infrastructure including forwarders, collectors, and ingestion pipelines across hybrid environments\nSupport SIEM performance tuning, storage management, retention settings, and licensing optimization under established operational guidelines\nImplement and maintain log retention and audit configurations aligned with FedRAMP and other compliance framework requirements\nDevelop, tune, and maintain detection rules, correlation searches, and alerting logic to identify security events\nCreate and maintain custom parsers and field extractions for complex or proprietary log sources\nReduce false positives through ongoing rule tuning, baseline analysis, and detection improvement efforts\nParticipate in peer reviews of detection rules and SIEM configuration changes\nMonitor SIEM alerts and investigate security events to support incident response and threat hunting activities\nContribute to development and maintenance of detection and response playbooks and operational procedures\nSupport troubleshooting of SIEM ingestion, parsing, and performance issues\nWork with infrastructure and application teams to onboard new log sources and improve security visibility\nCollect and organize SIEM control evidence and artifacts for audits and 3PAO assessment activities\nEnsure SIEM configurations support required controls such as audit review, log integrity, and time synchronization\nCreate and maintain SIEM architecture, detection, and operational documentation and runbooks\nProvide technical support during client reviews and operational meetings as assigned\nShare knowledge and provide guidance to junior team members\nContribute to process improvement and automation initiatives within SIEM and detection workflows\n"},{"text":"What You’ll Bring","content":"\n3+ years of hands-on systems engineering and architecture experience—including requirements definition, architecture development, use-case/story creation, and systems integration/testing.\n3+ years of cloud experience in architecture, design, implementation, operations, and automation (AWS, Azure, or GCP).\nProven expertise with SIEM platforms (e.g., Splunk, Sentinel, ELK, LogRhythm, Sumo Logic) and enterprise antivirus (AV) solutions (e.g., Trend Micro, CrowdStrike, Microsoft Defender).\nUnderstanding of AWS, Azure, or GCP platform capabilities (ideally as a Cloud Architect, Cloud DevOps Engineer, or Cloud Security Engineer).\nExperience working in Agile environments with technical teams of three or more individuals.\nExcellent communication, organizational, and problem-solving skills, with the ability to convey complex technical information clearly.\nStrong documentation skills for creating technical diagrams, written descriptions, and other supporting materials.\nDemonstrated ability to work both independently and as a member of a team, maintaining a professional attitude and demeanor.\nCritical thinking skills to balance robust security requirements against mission objectives.\nProven track record of adapting quickly and efficiently in fast-paced, dynamic environments.\nProven track record delivering end-to-end SIEM solutions in large-scale or high-compliance environments—from initial design through operational handover.\nHands-on leadership or senior-level contribution in cloud security projects, collaborating across cross-functional teams (e.g., DevOps, architecture, compliance) to drive impactful security outcomes.\nDocumented success integrating multiple security tools (SIEM, AV, intrusion detection systems, etc.) into a cohesive, enterprise-wide monitoring solution.\nHistory of working under strict regulatory or industry frameworks (e.g., FedRAMP, HIPAA, PCI), ensuring solutions meet required standards without sacrificing performance.\nDemonstrable client-facing experience in a consulting or services capacity, maintaining professionalism and clear communication in high-stakes or fast-paced engagements.\nSplunk Enterprise Certified Admin or SumoLogic Administration or Microsoft Security Operations Analyst Associate\nAWS Solutions Architect Professional or AWS DevOps Engineer Professional or Azure Solutions Architect Expert or GCP Cloud Architect\nBachelor’s degree or equivalent work experience.\nUS citizenship (required due to client contractual requirements)\n"},{"text":"Bonus Points","content":"\nProfessional services background: Prior experience supporting external clients from within a consulting or professional services organization.\nAutomation capabilities: Experience automating workflows in GitLab or GitHub with Terraform and Ansible.\nModern application architectures: Proven expertise with serverless, microservices, and related technologies.\nConfiguration baseline standards: Familiarity with CIS Benchmarks, DISA STIG, and other relevant guidelines.\nEncryption technologies: Hands-on experience implementing SSL, PKI, and other encryption methods.\nCompliance frameworks: Understanding of FedRAMP, FISMA, HIPAA, HITRUST, PCI, and similar regulatory standards.\nSplunk Enterprise Certified Architect or Splunk Certified Automation Developer\n"}],"salaryRange":{"min":78000,"max":135000,"currency":"USD","interval":"per-year-salary"},"text":"Security Engineer (Splunk)","country":"US","workplaceType":"remote","opening":"About Coalfire
Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.
But that’s not who we are – that’s just what we do.
We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
","openingPlain":"About Coalfire\n\nCoalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.\n\nBut that’s not who we are – that’s just what we do.\n \nWe are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.\n","descriptionBody":"","descriptionBodyPlain":"","hostedUrl":"https://jobs.lever.co/coalfire/b80c142e-9c81-4add-bd2a-12733c3545b8","applyUrl":"https://jobs.lever.co/coalfire/b80c142e-9c81-4add-bd2a-12733c3545b8/apply"},{"additionalPlain":"Why You’ll Want to Join Us\n\nAt Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.\n\nRegardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.\n\nAt Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, contact our Human Resources team at HumanResourcesMB@coalfire.com.\n","additional":"Why You’ll Want to Join Us
At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.
Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.
At Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, contact our Human Resources team at HumanResourcesMB@coalfire.com. ","categories":{"commitment":"Regular Full Time","department":"Advisory Services","location":"United States","team":"Compliance Advisory","allLocations":["United States"]},"createdAt":1778186285605,"descriptionPlain":"About Coalfire\n\nCoalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.\n\nBut that’s not who we are – that’s just what we do.\n \nWe are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.\n\n\nPosition Summary\n \nThe Senior Consultant leads CMMC advisory consulting engagements, documentation development, scoping workshops, and other consulting services projects in their framework of expertise. In this role they will have a mastery of all framework security control requirements and have a strong understanding of defense industrial base (DIB) environments, such as engineering, manufacturing, construction, and associated cloud architectures. They manage project deliverables and develop reports for clients. They will also provide quality control and peer review to other members of the delivery staff. They will work closely with project managers, delivery owners, and other delivery team members to effectively manage project timelines and deliverables.\n","description":"About Coalfire
Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.
But that’s not who we are – that’s just what we do.
We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
\n
Position Summary
\n
\n
The Senior Consultant leads CMMC advisory consulting engagements, documentation development, scoping workshops, and other consulting services projects in their framework of expertise. In this role they will have a mastery of all framework security control requirements and have a strong understanding of defense industrial base (DIB) environments, such as engineering, manufacturing, construction, and associated cloud architectures. They manage project deliverables and develop reports for clients. They will also provide quality control and peer review to other members of the delivery staff. They will work closely with project managers, delivery owners, and other delivery team members to effectively manage project timelines and deliverables.
\n
\n\n
Lead IT system security consultation within cloud-based and on- premises environments in accordance with CMMC, NIST SP 800-171, NIST SP 800-53, 800- 37, DFARS, OMB, and other authoritative IT security guidance\nIndependently leads advisory consulting projects. With oversight from a delivery owner (senior manager, and/or director), is able to perform leadership tasks on all advisory projects such as gap analyses, workshops, and other consulting engagements.\nLead the development of System Security Plans and other documentation in accordance with CMMC and DFARS/NIST requirements\nPrepare, review and/or update, and maintain IT Security supporting artifacts\nProvide IT security guidance to Information System Owners, clients, and project team members\nIdentify information security problems and challenges, researching and developing technical solutions to rectify them\nPrepare, review and edit advisory reports.\nManage priorities, tasks and hours on projects in conjunction with the project manager to achieve delivery utilization targets.\nEnsures quality products and services are delivered on time.\nEscalates client and project issues to management in a timely manner to inform and engage the necessary resources to address the issue.\nProvide mentorship to team members in areas of audit preparation, assessment, technical review and writing.\nInterfaces with clients through entire engagement, interacting with all levels of client organizations.\nEstablish and maintain positive collaborative relationships with clients and stakeholders\nContinuous professional development in maintaining industry specific certifications. Maintains strong depth of knowledge in the practice area.\n\n"},{"text":"What You'll Bring","content":"\n\n
3+ years experience with government compliance, including CMMC, FISMA, FedRAMP, and DoD RMF\nStrong knowledge of NIST Special Publications 800-171, 800- 30, 800-37, 800-53\nExperience with every step of the risk management framework (RMF) within the delivery of Certification and Accreditation (C&A) / Assessment and Authorization (A&A) packages that have obtained and maintained full authorization to operate (ATO)\nExperience with virtualization or cloud technologies Experience with container-based architectures\nExperience with client-server and traditional on- premises architecture\nStrong knowledge of information security related solutions, tools, and utilities\nBachelor's degree in (four-year college or university) in IT or business, or equivalent combination of education and work experience\nCMMC Certifications (CCP, CCA, or Lead CCA)\nOptional: Technical cloud certification (AWS, Google, Azure or similar), CISSP, CISA, CISM, or equivalent\n\n"}],"salaryRange":{"min":86000,"max":148000,"currency":"USD","interval":"per-year-salary"},"salaryDescription":"The salary range listed is a reasonable estimate of the compensation range for this role based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs.
\n
#LI-TF1
\n#LI-Remote
\n","salaryDescriptionPlain":"The salary range listed is a reasonable estimate of the compensation range for this role based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs. \n\n\n#LI-TF1\n#LI-Remote\n","text":"Senior CMMC Consultant, Public Sector Advisory","country":"US","workplaceType":"remote","opening":"About Coalfire
Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.
But that’s not who we are – that’s just what we do.
We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
","openingPlain":"About Coalfire\n\nCoalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.\n\nBut that’s not who we are – that’s just what we do.\n \nWe are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.\n","descriptionBody":"\n
Position Summary
\n
\n
The Senior Consultant leads CMMC advisory consulting engagements, documentation development, scoping workshops, and other consulting services projects in their framework of expertise. In this role they will have a mastery of all framework security control requirements and have a strong understanding of defense industrial base (DIB) environments, such as engineering, manufacturing, construction, and associated cloud architectures. They manage project deliverables and develop reports for clients. They will also provide quality control and peer review to other members of the delivery staff. They will work closely with project managers, delivery owners, and other delivery team members to effectively manage project timelines and deliverables.
\n
Why You’ll Want to Join Us
At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.
Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.
At Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, contact our Human Resources team at HumanResourcesMB@coalfire.com. ","categories":{"commitment":"Regular Full Time","department":"Assessment Services","location":"United States","team":"SaaS/Consumer Services","allLocations":["United States"]},"createdAt":1780780298994,"descriptionPlain":"About Coalfire\n\nCoalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.\n\nBut that’s not who we are – that’s just what we do.\n \nWe are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.\n\n\nPosition Summary\n \nThe Security Consultant will work as part of a team assessing the security and compliance of client firms against regulatory and industry requirements and standards, and against security best practice frameworks. This role will have a strong understanding of framework requirements, perform audit/assessments, and develop reports for clients. They will work closely with Project Managers, Senior Managers, Directors and other Delivery team members to effectively manage project timelines and deliverables.\n","description":"About Coalfire
Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.
But that’s not who we are – that’s just what we do.
We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
\n
Position Summary
\n
\n
The Security Consultant will work as part of a team assessing the security and compliance of client firms against regulatory and industry requirements and standards, and against security best practice frameworks. This role will have a strong understanding of framework requirements, perform audit/assessments, and develop reports for clients. They will work closely with Project Managers, Senior Managers, Directors and other Delivery team members to effectively manage project timelines and deliverables.
\n
\n\n
Provides advice to customers on issues affecting the scope of work in a manner that provides additional value \nDevelop documentation and author recommendations associate with your findings on how to improve the customer’s security posture in accordance with appropriate controls \nLeads audits/assessments including audit plan preparation, review of documentation and evidence, evaluation of procedures, and client interviews. \nMaintains strong depth of knowledge in one or more cybersecurity frameworks. \nPrepare, review and approve assessment reports. \nManage priorities, tasks and hours on projects in conjunction with the project manager to achieve delivery utilization targets. \nEnsures quality products and services are delivered on time. \nEscalates client and project issues to management in a timely manner to inform and engage the necessary resources to address the issue \nProvide mentorship to team members in areas of audit, assessment, technical review and writing. \nInterfaces with clients through entire engagement, interacting with all levels of client organizations \nEstablish and maintain positive collaborative relationships with clients and stakeholders \nContinuous professional development in maintaining industry specific certifications. Maintains strong depth of knowledge in the practice area. \nCollaborates with project managers, quality management, sales and other delivery team members to drive customer satisfaction and meet project deliverables. \nEstablishes account relationships and identifies upsell and cross sell opportunities and escalates to sales. \nDraft audit programs that sufficiently address both the required objectives of the regulatory body and the complexity of the client environment \nLeads interview and inquiry walkthroughs with clients to determine the conformity of environments against stated requirements \nAssess security vulnerabilities against the appropriate security frameworks \nPursues and corroborates conclusions derived from inquiry procedures with client while ensuring diligent interview notes are captured \nOffline and remote evidence inspection of client provided documentation; appropriately mark artifacts requiring follow-up or additional clarification \nEducate and interpret compliance activities for clients \nUnderstands how to apply quality standards and adheres to a minimum benchmark for quality assurance throughout the documentation of each work product or deliverable \nRemote work environment\nTravel 20%\n\n"},{"text":"What You'll Bring","content":"\n\n
Bachelor's degree (four-year college or university) in IT or business, or equivalent combination of education and work experience\n
Five to ten (5-10) years of experience as a consultant within professional IT services\n
Deep experience with government compliance, including FISMA, FedRAMP, and DoD RMF\n
Strong knowledge of NIST Special Publications 800-30, 800-37, 800-53\n
Experience with every step within the delivery of Certification and Accreditation (C&A) / Assessment and Authorization (A&A) packages that have obtained and maintained full authorization to operate (ATO)\n
Experience with virtualization or cloud technologies\n
Familiarity with statutes and regulations across multiple industries relevant to IT (e.g. SOX 404, HIPAA, FedRAMP, GLB, Patriot Act)\n
Knowledge of information security related solutions, tools, and utilities\n
Excellent verbal and written skills\n
Willing to travel up to 20%\n\n
Must have an active CISSP and one of the following certifications:
\n\n
Cisco Certified Network Associate Security (CCNA Security)\n
Cisco Certified Network Associate Cyber Security Operations (CCNA Cyber Ops)\n
Cybersecurity Analyst (CySA+)\n
GIAC Certified Incident Handler (GCIH)\n
GIAC Systems and Network Auditor (GSNA)\n
GIAC Certified Intrusion Analyst (GCIA)\n
Certified Information Systems Auditor (CISA)\n
Certified Information System Security Professional or Associate (CISSP or Associate)\n
Certified Secure Software Lifecycle Professional (CSSLP)\n
Certified Information Systems Security Officer (CISSO)\n
CyberSec First Responder (CFR)\n
CompTIA Advanced Security Practitioner Continuing Education (CASP+) Continuing Education (CE)\n
CompTIA Cloud+ (Cloud+)\n
Global Industrial Cyber Security Professional (GICSP)\n
Securing Cisco® Networks with Threat Detection Analysis (SCYBER)\n
BCR Cyber Technical Proficiency Testing Activity\n\n
\n\n
Hold Cloud Security focused certifications (AWS, Azure, CCSK, etc.)\n\n"}],"salaryRange":{"min":86000,"max":148000,"currency":"USD","interval":"per-year-salary"},"salaryDescription":"The salary range listed is a reasonable estimate of the compensation range for this role based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs.
","salaryDescriptionPlain":"The salary range listed is a reasonable estimate of the compensation range for this role based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs. \n","text":"Senior Consultant - FedRAMP Assessment","country":"US","workplaceType":"remote","opening":"About Coalfire
Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.
But that’s not who we are – that’s just what we do.
We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
","openingPlain":"About Coalfire\n\nCoalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.\n\nBut that’s not who we are – that’s just what we do.\n \nWe are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.\n","descriptionBody":"\n
Position Summary
\n
\n
The Security Consultant will work as part of a team assessing the security and compliance of client firms against regulatory and industry requirements and standards, and against security best practice frameworks. This role will have a strong understanding of framework requirements, perform audit/assessments, and develop reports for clients. They will work closely with Project Managers, Senior Managers, Directors and other Delivery team members to effectively manage project timelines and deliverables.
\n
Why You’ll Want to Join Us
At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.
Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.
At Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, contact our Human Resources team at HumanResourcesMB@coalfire.com. ","categories":{"commitment":"Regular Full Time","department":"Assessment Services","location":"United States","team":"AppDev/Finance/B2B","allLocations":["United States"]},"createdAt":1777661961041,"descriptionPlain":"About Coalfire\n\nCoalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.\n\nBut that’s not who we are – that’s just what we do.\n \nWe are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.\n\n\nCoalfire is on a mission to make the world a safer place by solving our clients’ toughest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Denver, Colorado with offices across the U.S. and U.K., and we support clients around the world. \n \nBut that’s not who we are – that’s just what we do. \n \nWe are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference. \nAnd we’re growing fast. \n \nWe’re looking for a Senior Consultant to support our FedRAMP Assessment team. \n","description":"About Coalfire
Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.
But that’s not who we are – that’s just what we do.
We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
\n
Coalfire is on a mission to make the world a safer place by solving our clients’ toughest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Denver, Colorado with offices across the U.S. and U.K., and we support clients around the world.
\n
\n
But that’s not who we are – that’s just what we do.
\n
\n
We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
\n
And we’re growing fast.
\n
\n
We’re looking for a Senior Consultant to support our FedRAMP Assessment team.
\n
\n\n
Provides advice to customers on issues affecting the scope of work in a manner that provides additional value \nDevelop documentation and author recommendations associate with your findings on how to improve the customer’s security posture in accordance with appropriate controls \nLeads audits/assessments including audit plan preparation, review of documentation and evidence, evaluation of procedures, and client interviews. \nMaintains strong depth of knowledge in one or more cybersecurity frameworks. \nPrepare, review and approve assessment reports. \nManage priorities, tasks and hours on projects in conjunction with the project manager to achieve delivery utilization targets. \nEnsures quality products and services are delivered on time. \nEscalates client and project issues to management in a timely manner to inform and engage the necessary resources to address the issue \nProvide mentorship to team members in areas of audit, assessment, technical review and writing. \nInterfaces with clients through entire engagement, interacting with all levels of client organizations \nEstablish and maintain positive collaborative relationships with clients and stakeholders \nContinuous professional development in maintaining industry specific certifications. Maintains strong depth of knowledge in the practice area. \nCollaborates with project managers, quality management, sales and other delivery team members to drive customer satisfaction and meet project deliverables. \nEstablishes account relationships and identifies upsell and cross sell opportunities and escalates to sales. \nDraft audit programs that sufficiently address both the required objectives of the regulatory body and the complexity of the client environment \nLeads interview and inquiry walkthroughs with clients to determine the conformity of environments against stated requirements \nAssess security vulnerabilities against the appropriate security frameworks \nPursues and corroborates conclusions derived from inquiry procedures with client while ensuring diligent interview notes are captured \nOffline and remote evidence inspection of client provided documentation; appropriately mark artifacts requiring follow-up or additional clarification \nEducate and interpret compliance activities for clients \nUnderstands how to apply quality standards and adheres to a minimum benchmark for quality assurance throughout the documentation of each work product or deliverable \n\n"},{"text":"What You'll Bring","content":"\n- Bachelor's degree (four-year college or university) in IT or business, or equivalent combination of education and work experience
\n- Five to ten (5-10) years of experience as a consultant within professional IT services
\n- Must hold one of the following certifications: CASP+, GCED, GCIH, GSLC, CISA, CISM, CCSP, CISSP-ISSAP, CISSP-ISSEP, CISSP-ISSMP, CFR, CCISO, BCR Cyber Technical Proficiency Testing Activity
\n- Deep experience with government compliance, including FISMA, FedRAMP, and DoD RMF
\n- Strong knowledge of NIST Special Publications 800-30, 800-37, 800-53
\n- Experience with every step within the delivery of Certification and Accreditation (C&A) / Assessment and Authorization (A&A) packages that have obtained and maintained full authorization to operate (ATO)
\n- Experience with virtualization or cloud technologies
\n- Familiarity with statutes and regulations across multiple industries relevant to IT (e.g. SOX 404, HIPAA, FedRAMP, GLB, Patriot Act)
\n- Knowledge of information security related solutions, tools, and utilities
\n- Excellent verbal and written skills
\n- Willing to travel up to 25%
\n\n
"},{"text":"Bonus Points","content":"\n\n
Hold Cloud Security focused certifications (AWS, Azure, CCSK, etc.)\n\n"}],"salaryRange":{"min":86000,"max":148000,"currency":"USD","interval":"per-year-salary"},"salaryDescription":"The salary range listed is a reasonable estimate of the compensation range for this role based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs.
\n
#LI-TF1
\n#LI-Remote
\n","salaryDescriptionPlain":"The salary range listed is a reasonable estimate of the compensation range for this role based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs. \n\n\n#LI-TF1\n#LI-Remote\n","text":"Senior Consultant, FedRAMP Assessment","country":"US","workplaceType":"remote","opening":"About Coalfire
Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.
But that’s not who we are – that’s just what we do.
We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
","openingPlain":"About Coalfire\n\nCoalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.\n\nBut that’s not who we are – that’s just what we do.\n \nWe are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.\n","descriptionBody":"\n
Coalfire is on a mission to make the world a safer place by solving our clients’ toughest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Denver, Colorado with offices across the U.S. and U.K., and we support clients around the world.
\n
\n
But that’s not who we are – that’s just what we do.
\n
\n
We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
\n
And we’re growing fast.
\n
\n
We’re looking for a Senior Consultant to support our FedRAMP Assessment team.
\n
Why You’ll Want to Join Us
At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.
Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.
At Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, contact our Human Resources team at HumanResourcesMB@coalfire.com. ","categories":{"commitment":"Regular Full Time","department":"Assessment Services","location":"United States","team":"SaaS/Consumer Services","allLocations":["United States"]},"createdAt":1780421212928,"descriptionPlain":"About Coalfire\n\nCoalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.\n\nBut that’s not who we are – that’s just what we do.\n \nWe are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.\n\n\nPosition Summary\n \nAs a Senior Consultant you will work as part of a team assessing the security and compliance of client firms against regulatory and industry requirements and standards, and against security best practice frameworks. You will have an expert understanding of framework requirements, perform audit/assessments, and develop reports for clients. In the Senior Consultant role you will work closely with Project Managers, Directors and other Delivery team members to effectively manage project timelines and deliverables.\n \nAt Coalfire as a Senior Consultant you will help enhance our clients’ security posture, working with a wide range of clients to ensure that business and customer data is protected. This role will evaluate the design and effectiveness of technology controls throughout the business cycle and will help identify performance improvement opportunities. As a senior member of the team, you will also be responsible for enhancing engagement methodology, improving internal processes and overseeing and reviewing the work of Associates and Consultants.\n \nThis role facilitates Security Control Assessments and other advanced-level monitoring activities, often within cloud-based environments. To succeed, you will need a strong understanding of technical and non-technical security related system controls and an understanding of the various testing methods utilized to ascertain the effectiveness of those controls. The role works in a team atmosphere with an experienced Technical Project Lead, and is assigned technical sections and expected to create client-ready deliverables.\n","description":"About Coalfire
Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.
But that’s not who we are – that’s just what we do.
We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
Position Summary
\n
\nAs a Senior Consultant you will work as part of a team assessing the security and compliance of client firms against regulatory and industry requirements and standards, and against security best practice frameworks. You will have an expert understanding of framework requirements, perform audit/assessments, and develop reports for clients. In the Senior Consultant role you will work closely with Project Managers, Directors and other Delivery team members to effectively manage project timelines and deliverables.
\n
\nAt Coalfire as a Senior Consultant you will help enhance our clients’ security posture, working with a wide range of clients to ensure that business and customer data is protected. This role will evaluate the design and effectiveness of technology controls throughout the business cycle and will help identify performance improvement opportunities. As a senior member of the team, you will also be responsible for enhancing engagement methodology, improving internal processes and overseeing and reviewing the work of Associates and Consultants.
\n
\nThis role facilitates Security Control Assessments and other advanced-level monitoring activities, often within cloud-based environments. To succeed, you will need a strong understanding of technical and non-technical security related system controls and an understanding of the various testing methods utilized to ascertain the effectiveness of those controls. The role works in a team atmosphere with an experienced Technical Project Lead, and is assigned technical sections and expected to create client-ready deliverables.
","id":"6d10834a-fb18-41d5-9aca-e202a2c2ce3f","lists":[{"text":"What You'll Do","content":"\n\n
Lead audits/assessments including audit plan preparation, review of documentation and evidence, evaluation of procedures, and client interviews with a primary focus on SOC 2 followed by SOC 1 and C5 audits.\nMaintain strong depth of knowledge in one or more cybersecurity frameworks.\nPrepare, review, and approve assessment reports.\nManage priorities, tasks, and hours on projects in conjunction with the project manager and delivery team members to achieve delivery utilization targets.\nEnsure quality products and services are delivered on time.\nEscalate client and project issues to management in a timely manner to inform and engage the necessary resources to address the issue.\nProvide mentorship to team members in areas of audit, assessment, technical review and writing.\nInterface with clients through entire engagement, interacting with all levels of client organizations.\nEstablish and maintain positive collaborative relationships with clients and stakeholders.\nContinuous professional development in maintaining industry specific certifications. Maintains strong depth of knowledge in the practice area.\nCollaborate with project managers, quality management, sales and other delivery team members to drive customer satisfaction and meet project deliverables.\nEstablish account relationships and identifies upsell and cross sell opportunities and escalates to sales.\nDraft audit programs that sufficiently address both the required objectives of the regulatory body and the complexity of the client environment.\nLead interview and inquiry walkthroughs with clients to determine the conformity of environments against stated requirements.\nCommunicate effectively with internal team members and external clients regarding assessment status.\nAssess security vulnerabilities against the appropriate security frameworks,\nPursue and corroborate conclusions derived from inquiry procedures with client while ensuring diligent interview notes are captured.\nOffline and remote evidence inspection of client provided documentation; appropriately mark artifacts requiring follow-up or additional clarification.\nEducate and interpret compliance activities for clients.\nUnderstand how to apply quality standards and adhere to a minimum benchmark for quality assurance throughout the documentation of each work product or deliverable.\nProvide advice to customers on issues affecting the scope of work in a manner that provides additional value.\nDevelop documentation and author recommendations associate with findings on how to improve the customer’s security posture in accordance with appropriate controls.\nUp to 20% Travel\n\n"},{"text":"What You'll Bring","content":"\nBachelor’s degree (four-year college or university) or equivalent combination of education and work experience. Degree preferably in Information Systems, CIS, MIS or IT\n3-5 years of experience in security frameworks and regulatory requirements (such as SOC 2, C5, SSPA, ISO, NIST, COBIT, HIPAA/HITECH, HITRUST or PCI).\nThe ability to evaluate the design and effectiveness of technology controls throughout the business cycle.\nDemonstrated ability to structure and lead projects successfully\nStrong written and verbal communication skills, with the ability to communicate succinctly and instill confidence with internal stakeholders and external customers.\nExcellent Consulting skills: ability to advise and challenge the status quo while building strong relationships\nAbility to build high-trust relationships, rapport and credibility quickly\nStrong personal initiative to appropriately manage time, and manage time of others, to meet deadlines\nAbility to shift focus frequently while maintaining excellent quality\nSkill and will to train and mentor junior staff\nComputer and typing skills that permit rapid data collection and note taking\nAbility to facilitate meetings to small or large groups\nPublic speaking and executive presence that solicits attention\nInquisitive and curious nature with the ability to effectively probe for deeper information\nDiplomatic and broad minded\nStrong technical researcher\n"},{"text":"Bonus Points","content":"\nAny relavent CSP certifications (AWS solutions architect, etc.)\nAny of the following information security certifications (CCSK, Security +, CISSP, CISM, Certified ISO 27001 Lead Implementer) or one audit certification (CISA, GSNA, Certified ISO 27001 Lead Auditor/Internal Auditor, IRCA ISMS Auditor or higher, CIA)\nExperience working with technologies hosted via cloud computing environments (e.g., Amazon Web Services, Microsoft Azure, Google Cloud Platform)\n"}],"salaryRange":{"min":86000,"max":148000,"currency":"USD","interval":"per-year-salary"},"salaryDescription":"The salary range listed is a reasonable estimate of the compensation range for this role based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs.
","salaryDescriptionPlain":"The salary range listed is a reasonable estimate of the compensation range for this role based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs. \n","text":"Senior Consultant, SOC 2 Assessment","country":"US","workplaceType":"remote","opening":"About Coalfire
Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.
But that’s not who we are – that’s just what we do.
We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
","openingPlain":"About Coalfire\n\nCoalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.\n\nBut that’s not who we are – that’s just what we do.\n \nWe are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.\n","descriptionBody":"Position Summary
\n
\nAs a Senior Consultant you will work as part of a team assessing the security and compliance of client firms against regulatory and industry requirements and standards, and against security best practice frameworks. You will have an expert understanding of framework requirements, perform audit/assessments, and develop reports for clients. In the Senior Consultant role you will work closely with Project Managers, Directors and other Delivery team members to effectively manage project timelines and deliverables.
\n
\nAt Coalfire as a Senior Consultant you will help enhance our clients’ security posture, working with a wide range of clients to ensure that business and customer data is protected. This role will evaluate the design and effectiveness of technology controls throughout the business cycle and will help identify performance improvement opportunities. As a senior member of the team, you will also be responsible for enhancing engagement methodology, improving internal processes and overseeing and reviewing the work of Associates and Consultants.
\n
\nThis role facilitates Security Control Assessments and other advanced-level monitoring activities, often within cloud-based environments. To succeed, you will need a strong understanding of technical and non-technical security related system controls and an understanding of the various testing methods utilized to ascertain the effectiveness of those controls. The role works in a team atmosphere with an experienced Technical Project Lead, and is assigned technical sections and expected to create client-ready deliverables.
","descriptionBodyPlain":"Position Summary\n \nAs a Senior Consultant you will work as part of a team assessing the security and compliance of client firms against regulatory and industry requirements and standards, and against security best practice frameworks. You will have an expert understanding of framework requirements, perform audit/assessments, and develop reports for clients. In the Senior Consultant role you will work closely with Project Managers, Directors and other Delivery team members to effectively manage project timelines and deliverables.\n \nAt Coalfire as a Senior Consultant you will help enhance our clients’ security posture, working with a wide range of clients to ensure that business and customer data is protected. This role will evaluate the design and effectiveness of technology controls throughout the business cycle and will help identify performance improvement opportunities. As a senior member of the team, you will also be responsible for enhancing engagement methodology, improving internal processes and overseeing and reviewing the work of Associates and Consultants.\n \nThis role facilitates Security Control Assessments and other advanced-level monitoring activities, often within cloud-based environments. To succeed, you will need a strong understanding of technical and non-technical security related system controls and an understanding of the various testing methods utilized to ascertain the effectiveness of those controls. The role works in a team atmosphere with an experienced Technical Project Lead, and is assigned technical sections and expected to create client-ready deliverables.\n","hostedUrl":"https://jobs.lever.co/coalfire/6d10834a-fb18-41d5-9aca-e202a2c2ce3f","applyUrl":"https://jobs.lever.co/coalfire/6d10834a-fb18-41d5-9aca-e202a2c2ce3f/apply"},{"additionalPlain":"Why You’ll Want to Join Us\n\nAt Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.\n\nRegardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.\n\nAt Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, contact our Human Resources team at HumanResourcesMB@coalfire.com.\n","additional":"Why You’ll Want to Join Us
At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.
Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.
At Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, contact our Human Resources team at HumanResourcesMB@coalfire.com. ","categories":{"commitment":"Regular Full Time","department":"Assessment Services","location":"United States","team":"Cloud Infrastructure/Global Tech","allLocations":["United States"]},"createdAt":1777493140582,"descriptionPlain":"About Coalfire\n\nCoalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.\n\nBut that’s not who we are – that’s just what we do.\n \nWe are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.\n\n\nPosition Summary:\n \nCoalfire is on a mission to make the world a safer place by solving our clients’ toughest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, IL with offices across the U.S. and U.K., and we support clients around the world. \nBut that’s not who we are – that’s just what we do. \n \nWe are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference. \nAnd we’re growing fast. \n \nWe’re looking for a self-starter Senior Consultant to join our FedRAMP Assessment team. \n","description":"About Coalfire
Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.
But that’s not who we are – that’s just what we do.
We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
\n
Position Summary:
\n
\n
Coalfire is on a mission to make the world a safer place by solving our clients’ toughest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, IL with offices across the U.S. and U.K., and we support clients around the world.
\n
But that’s not who we are – that’s just what we do.
\n
\n
We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
\n
And we’re growing fast.
\n
\n
We’re looking for a self-starter Senior Consultant to join our FedRAMP Assessment team.
\n
\n
\n- Bachelor's degree (four-year college or university) in IT or business, or equivalent combination of education and work experience
\n- Five to ten (5-10) years of experience as a consultant within professional IT services
\n- Must hold one of the following certifications: CISSP, CISA, CISM, CCSP, CFR, CCISO, GCED, GCIH, GSLC
\n- Deep experience with government compliance, including FISMA, FedRAMP, and DoD RMF
\n- Strong knowledge of NIST Special Publications 800-30, 800-37, 800-53, 800-171
\n- Experience with every step within the delivery of Certification and Accreditation (C&A) / Assessment and Authorization (A&A) packages that have obtained and maintained full authorization to operate (ATO)
\n- Experience with virtualization or cloud technologies
\n- Familiarity with statutes and regulations across multiple industries relevant to IT (e.g. SOX 404, HIPAA, FedRAMP, GLB, Patriot Act)
\n- Familiarity with the Canadian Centre for Cyber Security Protected B framework is a plus
\n- Familiarity with the DOD CMMC process is a plus
\n- Demonstrated knowledge of AWS, Asure and GCP cloud offerings is required
\n- Knowledge of information security related solutions, tools, and utilities
\n- Excellent verbal and written skills
\n- Willing to travel up to 20%
\n\n
\n\n
Hold Cloud Security focused certifications (AWS, Azure, CCSK, etc.)\n\n"}],"salaryRange":{"min":86000,"max":148000,"currency":"USD","interval":"per-year-salary"},"salaryDescription":"The salary range listed is a reasonable estimate of the compensation range for this role based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs.
\n
#LI-TF1
\n#LI-Remote
\n","salaryDescriptionPlain":"The salary range listed is a reasonable estimate of the compensation range for this role based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs. \n\n\n#LI-TF1\n#LI-Remote\n","text":"Senior FedRAMP Cloud Consultant","country":"US","workplaceType":"remote","opening":"About Coalfire
Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.
But that’s not who we are – that’s just what we do.
We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
","openingPlain":"About Coalfire\n\nCoalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.\n\nBut that’s not who we are – that’s just what we do.\n \nWe are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.\n","descriptionBody":"\n
Position Summary:
\n
\n
Coalfire is on a mission to make the world a safer place by solving our clients’ toughest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, IL with offices across the U.S. and U.K., and we support clients around the world.
\n
But that’s not who we are – that’s just what we do.
\n
\n
We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
\n
And we’re growing fast.
\n
\n
We’re looking for a self-starter Senior Consultant to join our FedRAMP Assessment team.
\n
Why You’ll Want to Join Us
At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.
Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.
At Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, contact our Human Resources team at HumanResourcesMB@coalfire.com. ","categories":{"commitment":"Regular Full Time","department":"Assessment Services","location":"United States","team":"Cloud Infrastructure/Global Tech","allLocations":["United States"]},"createdAt":1778612092160,"descriptionPlain":"About Coalfire\n\nCoalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.\n\nBut that’s not who we are – that’s just what we do.\n \nWe are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.\n","description":"About Coalfire
Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.
But that’s not who we are – that’s just what we do.
We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
","id":"853aa941-65dc-4032-97f9-962799d07aae","lists":[{"text":"What You'll Do","content":"\nProvides advice to customers on issues affecting the scope of work in a manner that provides additional value \nLeads audits/assessments including audit plan preparation, review of documentation and evidence, evaluation of procedures, and client interviews. \nMaintains strong depth of knowledge in one or more cybersecurity frameworks. \nPrepare, review and approve assessment reports. \nManage priorities, tasks and hours on projects in conjunction with the project manager to achieve delivery utilization targets. \nEnsures quality products and services are delivered on time. \nEscalates client and project issues to management in a timely manner to inform and engage the necessary resources to address the issue \nProvide mentorship to team members in areas of audit, assessment, technical review and writing. \nInterfaces with clients through entire engagement, interacting with all levels of client organizations \nEstablish and maintain positive collaborative relationships with clients and stakeholders \nContinuous professional development in maintaining industry specific certifications. Maintains strong depth of knowledge in the practice area. \nCollaborates with project managers, quality management, sales and other delivery team members to drive customer satisfaction and meet project deliverables. \nEstablishes account relationships and identifies upsell and cross sell opportunities and escalates to sales. \nDraft audit programs that sufficiently address both the required objectives of the regulatory body and the complexity of the client environment \nLeads interview and inquiry walkthroughs with clients to determine the conformity of environments against stated requirements \nAssess security vulnerabilities against the appropriate security frameworks \nPursues and corroborates conclusions derived from inquiry procedures with client while ensuring diligent interview notes are captured \nOffline and remote evidence inspection of client provided documentation; appropriately mark artifacts requiring follow-up or additional clarification \nEducate and interpret compliance activities for clients \nUnderstands how to apply quality standards and adheres to a minimum benchmark for quality assurance throughout the documentation of each work product or deliverable \n"},{"text":"What You'll Bring","content":"\n
\n- Bachelor's degree (four-year college or university) in IT or business, or equivalent combination of education and work experience
\n- Five to ten (5-10) years of experience as a consultant within professional IT services
\n- Must hold one of the following certifications: CISSP, CISA, CISM, CCSP, CFR, CCISO, GCED, GCIH, GSLC
\n- Deep experience with government compliance, including FISMA, FedRAMP, and DoD RMF
\n- Strong knowledge of NIST Special Publications 800-30, 800-37, 800-53, 800-171
\n- Experience with every step within the delivery of Certification and Accreditation (C&A) / Assessment and Authorization (A&A) packages that have obtained and maintained full authorization to operate (ATO)
\n- Experience with virtualization or cloud technologies
\n- Familiarity with statutes and regulations across multiple industries relevant to IT (e.g. SOX 404, HIPAA, FedRAMP, GLB, Patriot Act)
\n- Familiarity with the Canadian Centre for Cyber Security Protected B framework is a plus
\n- Familiarity with the DOD CMMC process is a plus
\n- Demonstrated knowledge of AWS, Asure and GCP cloud offerings is required
\n- Knowledge of information security related solutions, tools, and utilities
\n- Excellent verbal and written skills
\n- Willing to travel up to 20%
\n\n
\n\n
Hold Cloud Security focused certifications (AWS, Azure, CCSK, etc.)\n\n"}],"salaryRange":{"min":86000,"max":148000,"currency":"USD","interval":"per-year-salary"},"salaryDescription":"The salary range listed is a reasonable estimate of the compensation range for this role based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs.
\n
#LI-TF1
\n#LI-Remote
\n","salaryDescriptionPlain":"The salary range listed is a reasonable estimate of the compensation range for this role based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs. \n\n\n#LI-TF1\n#LI-Remote\n","text":"Senior FedRAMP Consultant","country":"US","workplaceType":"remote","opening":"About Coalfire
Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.
But that’s not who we are – that’s just what we do.
We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
","openingPlain":"About Coalfire\n\nCoalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.\n\nBut that’s not who we are – that’s just what we do.\n \nWe are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.\n","descriptionBody":"","descriptionBodyPlain":"","hostedUrl":"https://jobs.lever.co/coalfire/853aa941-65dc-4032-97f9-962799d07aae","applyUrl":"https://jobs.lever.co/coalfire/853aa941-65dc-4032-97f9-962799d07aae/apply"},{"additionalPlain":"Why You’ll Want to Join Us\n\nAt Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.\n\nRegardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.\n\nAt Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, contact our Human Resources team at HumanResourcesMB@coalfire.com.\n","additional":"Why You’ll Want to Join Us
At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.
Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.
At Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, contact our Human Resources team at HumanResourcesMB@coalfire.com. ","categories":{"commitment":"Regular Full Time","department":"Advisory Services","location":"United States","team":"Cloud Services","allLocations":["United States"]},"createdAt":1780603223353,"descriptionPlain":"About Coalfire\n\nCoalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.\n\nBut that’s not who we are – that’s just what we do.\n \nWe are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.\n","description":"About Coalfire
Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.
But that’s not who we are – that’s just what we do.
We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
","id":"a9a5d408-ff9a-49f6-a06d-c3d0ba10ddf1","lists":[{"text":"What You'll Do","content":"\nManage Plan of Action & Milestones (POA&Ms) lifecycle including creation, tracking, risk adjustment justification, and deviation requests in coordination with 3PAO assessors and federal stakeholders\nCollect, organize, and maintain security control evidence and artifacts for monthly continuous monitoring deliverables and assessment/authorization activities, ensuring alignment with FedRAMP, HITRUST, PCI, and similar frameworks\nMaintain accurate system inventory and authorization boundary documentation to ensure scanning scope aligns with approved system boundaries\nAnalyze scan results for false positives, document justifications, and prepare deviation requests with supporting risk assessments\nTranslate technical vulnerability findings into risk-based language for federal clients and authorization officials, presenting monthly status briefings as needed\nCollaborate with development, SRE, and infrastructure teams to integrate vulnerability management into CI/CD pipelines, cloud environments (AWS, Azure, GCP), and container/Kubernetes platforms\nParticipate in change management processes to ensure continuous monitoring activities align with system changes and maintain compliance posture\nSupport and maintain enterprise vulnerability management tools (such as Tenable, Nessus, Burp, Qualys, Rapid7, Wiz, Prisma, Microsoft Defender), ensuring timely updates and patches\nRun regular and on-demand scans across operating systems, databases, web applications, and containers, then work with technical teams to create tickets for remediation\nTrack and document vendor dependencies, operational requirements, and open vulnerabilities, producing clear monthly reports and updates for clients\nContribute to improving internal standards and processes, including maintaining documentation, training materials, and standard operating procedures\n"},{"text":"What You'll Bring","content":"\n3–5 years of professional experience in vulnerability management, compliance monitoring, or related security operations roles\nHands-on expertise with operating system, database, network, container, web application, and API vulnerability management\nDirect experience supporting vulnerability management in at least two of the following cloud providers: AWS, Azure, GCP\nBackground working within at least one compliance framework (for example, FedRAMP, HITRUST, PCI), including risk assessment and reporting\nExperience delivering monthly or periodic vulnerability status reports and tracking remediation efforts with internal and external teams\nAdministrator-level certification in AWS, Azure, or GCP\nWorking knowledge of cloud architecture and security controls in AWS, Azure, or GCP, including ability to assess attack surfaces and recommend cloud-native remediation approaches\nStrong knowledge of vulnerability scanning technologies and methods, including scoring systems (CVSS, CMSS) and risk prioritization frameworks\nUnderstanding of NIST 800-53 security controls, particularly RA-5, SI-2, CM-6, and how continuous monitoring supports control implementation\nExperience with STIG benchmarks and automated compliance scanning tools (SCAP, SCC)\nFamiliarity with baseline configuration standards (CIS Benchmarks, vendor hardening guides) and compliance posture reporting\nAbility to distinguish false positives from true vulnerabilities and articulate risk-based justifications for deviation requests\nProficiency in scripting languages (Python, PowerShell, Bash) for task automation, report generation, and remediation workflows\nStrong client-facing communication and documentation skills, with ability to present technical findings to federal stakeholders and produce timely compliance reports\nAbility to work efficiently with cross-functional technical teams to investigate, prioritize, and coordinate vulnerability remediation efforts\nBachelor’s degree or equivalent work experience.\nUS citizenship (required due to client contractual requirements)\n"},{"text":"Bonus Points","content":"\nSecurity-focused cloud certifications for AWS, Azure, or GCP\nCISSP certification\nFamiliarity with container security scanning tools (Trivy, Anchore, Snyk) and Kubernetes security postures\nKnowledge of software composition analysis (SCA) and static/dynamic application security testing (SAST/DAST) tools\nFamiliarity with CI/CD security integration patterns and DevSecOps toolchains\n"}],"salaryRange":{"min":78000,"max":135000,"currency":"USD","interval":"per-year-salary"},"text":"Vulnerability Analyst","country":"US","workplaceType":"remote","opening":"About Coalfire
Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.
But that’s not who we are – that’s just what we do.
We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
","openingPlain":"About Coalfire\n\nCoalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.\n\nBut that’s not who we are – that’s just what we do.\n \nWe are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.\n","descriptionBody":"","descriptionBodyPlain":"","hostedUrl":"https://jobs.lever.co/coalfire/a9a5d408-ff9a-49f6-a06d-c3d0ba10ddf1","applyUrl":"https://jobs.lever.co/coalfire/a9a5d408-ff9a-49f6-a06d-c3d0ba10ddf1/apply"}]