Associate, PCI

Job description

About Coalfire

Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Denver, Colorado with offices across the U.S. and U.K., and we support clients around the world.

But that’s not who we are – that’s just what we do.

We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.

Position Summary

This role will work as part of a team evaluating the security and compliance of client firms against regulatory and industry requirements and standards, and against security best practice frameworks. This role will partner closely with project managers, Consultants, and Sr Consultants on audits, assessments and document review.

An Associate will regularly interact with peers and clients as both an auditor and assessor, depending on the engagement. He/she will audit information systems with confidence and accuracy to ensure the integrity and effectiveness of security measures. The role test technical controls, policies and procedures, laws, regulations, and industry best practices.

What You’ll Do

• Work closely with senior members of the team to prepare customers for compliance assessments via participation in gap analyses, understanding the client’s security architecture, and preparing documentation describing their environment and security control implementation against a prescribed set of criteria.
• This role will work closely with senior members on data collection and capturing of customer interviews.
• Collaborate with team members to drive customer satisfaction and deliver projects within established and agreed upon timelines.
• Take charge of identifying information sources, gathering and interpreting data, and ensuring diligent and accurate data and note capturing of customer interviews.
• Understand quality standards and ensures quality products and services are delivered on time.
• Establish and maintain positive collaborative relationships with clients and stakeholders.
• Provide advice to the client on various matters related to the assessment/audit and effectively request or communicate technical requirements to a non-technical audience.
• Build professional and meaningful relationships while managing customer expectations and deliverables.
• Identifies upsell and cross sell opportunities and escalates to appropriate leadership.
• Work closely with clients to assess their IT security posture and identify weaknesses and vulnerabilities in relation to the PCI-DDS security framework.
• Maintain industry expertise by studying for and achieving industry recognized certifications.
• Travel 25-50%
• Ability to be successful when working remotely.

What You’ll Bring

• Experience or knowledge of IT security risk assessments and gap analysis.
• Moderate technical experience or knowledge in server and network device configurations and/or CompTIA Security+ certification.
• Experience with one or more IT security compliance frameworks, such as PCI, FISMA, HIPAA, FEDRAMP, or HITRUST.
• Experience interacting with management in a consultative manner.
• Bachelor’s degree (four-year college or university) or equivalent combination of education and work experience.
• Strong written and verbal communication skills including the ability to explain technical matters to a non-technical audience.
• Strong personal initiative to appropriately manage time and meet deadlines.
• High attention to detail.
• Ability to facilitate meetings to small or large groups.
• Inquisitive and curious nature with the ability to effectively prob for deeper information.
• Diplomatic and broad minded.

Bonus Points

• CISSP, CISM, CISA, and/or AQSA certification(s) Preferred
• Preferred to hold at least one information security certification, such as CCSK or CompTIA Security+

$53,000 - $92,000 a year

The salary range listed is a reasonable estimate of the compensation range for this role based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs.

#LI-HW1

#LI-Remote

Why You’ll Want to Join Us

At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.

Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.

At Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, our Human Resources team at [email protected].