Job description
About Coalfire
Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Denver, Colorado with offices across the U.S. and U.K., and we support clients around the world.
But that’s not who we are – that’s just what we do.
We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
Position Summary
This role will work as part of a team assessing the security and compliance of client firms against regulatory and industry requirements and standards, and against security best practice frameworks. The Associate will partner closely with experienced Project Leads and be assigned specific technical segments to provide client-ready deliverables.
An Associate will facilitate security assessments and possibly other advanced-level Continuous Monitoring Activities within cloud-based environments. To succeed in this position, the Associate will need a strong understanding of technical system security controls and an understanding of the various testing methods utilized to ascertain the effectiveness of those controls.
What You’ll Do
- Works closely with senior members to support audit preparation and document assessments against prescribed sets of criteria
- Execute, examine, interview, and test procedures in accordance with the proper control or compliance system
- Ensure cybersecurity policies are adhered to an that required controls are implemented
- Validate respective information system security plans to ensure that appropriate control requirements are met
- Take charge of identifying information sources, gathering and interpreting data, and ensuring diligent and accurate data and note capturing of customer interviews
- Pursues and corroborates conclusions derived from inquiry procedures
- Proactively drafts and documents audit planning and reporting material for peer review at appropriate milestones throughout the engagement lifecycle
- Adheres to pre-defined project timelines and communicates possible changes to the schedule or scope of work
- Understands how to apply quality standards and adheres to a minimum benchmark for quality assurance throughout the documentation of each deliverable
- Provide advice to the client on various matters related to the assessment/audit and effectively requests or communicates technical requirements to a non-technical audience
- Support and maintain positive collaborative relationships with clients and stakeholders
- Maintain industry expertise by studying for and achieving industry recognized certifications
- Travel approximately 15%
- Ability to be successful when working remotely.
What You’ll Bring
- An introductory understanding of IT security technologies including cloud architecture and application security, firewalls, access management, and data protection
- Educational or work experience involving IT Security and/or IT Audit principles·
- Strong written and verbal communication skills including the ability to explain security controls to a non-technical audience
- Strong personal initiative to appropriately manage time and meet deadlines
- High attention to detail and quality
- Computer and typing skills that permit rapid data collection and note taking
- Ability to participate and support meetings to small or large groups
- Public speaking and emerging executive presence
- Inquisitive and curious nature with the ability to effectively probe for deeper information
- Diplomatic and broad minded
- Strong technical researcher
- Bachelor’s degree (four-year college or university) or equivalent combination of education and work experience. Degree preferably in Information Systems or Business.
Bonus Points
- Experience or education in healthcare IT environments or security frameworks (HITRUST, HIPAA)·
- Experience as an IT Consultant, IT auditor, Business Analyst, or similar role
- Experience working with technologies hosted via cloud computing environments (e.g., Amazon Web Services, Microsoft Azure, Google Cloud Platform)
- At least one information security certification, such as CCSK or CompTIA Security+ (or willing to obtain one of these certifications)
- Amazon Web Services (AWS) Certified Cloud Practitioner
$53,000 - $92,000 a year
The salary range listed is a reasonable estimate of the compensation range for this role based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs.
#LI-HW1
#LI-Remote
Why You’ll Want to Join Us
At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.
Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.
At Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, our Human Resources team at [email protected].
