Senior Consultant

at Coalfire
💰 $86k-$148k
🇺🇸 United States - Remote
🔒 Cybersecurity🟣 Senior

Job description

About Coalfire

Coalfire is on a mission to make the world a safer place by solving our clients’ toughest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Denver, Colorado with offices across the U.S. and U.K., and we support clients around the world.

But that’s not who we are – that’s just what we do.

We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.

And we’re growing fast.

We’re looking for a Senior Consultant, SSF (Software Security Framework) to support our PCI Assessment Services team.

Position Summary

This is a great opportunity to grow your career and lead enterprise engagements as a Senior Consultant! In this position you will assess the security and compliance of client firms against regulatory and industry requirements and standards, and against security best practice frameworks. In this role, you will conduct technical testing for payment applications, the primary focus will be to validate technical controls for compliance with the Payment Card Industry (PCI) Secure Software framework standard.  You will be a key member of the solution validation team that works with various financial companies to advise them about application architecture, software security and software development.

As a Senior Consultant, you will regularly interact with peers and clients as both an auditor and assessor, depending on the engagement. This role will audit information systems with confidence and accuracy to ensure the integrity and effectiveness of security measures. You will test technical controls, policies and procedures, laws, regulations, and industry best practices.

What You’ll Do

  • Leads audits/assessments including audit plan preparation, review of documentation and evidence, evaluation of procedures, and client interviews.
  • Perform technical solution testing across a wide variety of technologies, including penetration testing of the application.
  • Prepare SSF (Software Security Framework) Reports on Validation and Compliance and/or authoring white papers.
  • Manage priorities, tasks and hours on projects in conjunction with the project manager to achieve delivery utilization targets.
  • Ensures quality products and services are delivered on time per Coalfire quality standards.
  • Escalates client and project issues to management in a timely manner to inform and engage the necessary resources to address the issue.
  • Interfaces with clients through entire engagement, interacting with all levels of client organizations. Establish and maintain positive collaborative relationships with clients and stakeholders.
  • Continuous professional development in maintaining industry specific certifications. Maintains strong depth of knowledge in the practice area.
  • Collaborate with project managers, quality management, sales and other delivery team members to drive customer satisfaction and meet project deliverables.
  • Establish account relationships and identifies upsell and cross sell opportunities and escalates to sales.
  • Offline and remote evidence inspection of client provided documentation; appropriately mark artifacts requiring follow-up or additional clarification.
  • Travel 20%.
  • Ability to be successful when working remotely.

What You’ll Bring

  • Five or more (5+) years in IT security and/or application development.
  • Possess a minimum of one year of experience in each of the following software development disciplines (experience may be acquired concurrently—for example, if the role involved experience in multiple disciplines at the same time): Software/Systems Design, Programming/Software Development, Software/Systems Testing.
  • Possess a minimum of three years of experience in each of the following information security disciplines (experience may be acquired concurrently—for example, if the role involved experience in multiple disciplines at the same time): Security risk assessment, System/software security controls selection, Security architecture, Systems/software penetration testing, Threat and vulnerability detection and management, Incident detection and response, Cryptography and Key Management.
  • One of the following Information security certifications required: CISSP, CISM, ISO 27001 Lead Implementer.
  • One of the following Audit certifications required: CISA, GNSA, ISO 27001 Lead Auditor, Internal Auditor, IRCA ISMS Auditor or higher, CIA.
  • One of the following Software Development certifications required (or ability to obtain one quickly): CSSLP, CASE, GSSP-JAVA, GSSP-.NET, GWEB, CEH, OSCP, CompTIA PenTest+, GPEN.
  • Desire and ability to become SSF certified.
  • Bachelor’s degree (four-year college or university) or equivalent combination of education and work experience.
  • Strong understanding of application security practices (such as OWASP Top 10) and/or application architecture.
  • Experience in IT security audit and compliance, risk assessments and gap analysis.
  • Possess substantial information security knowledge and experience to conduct technically complex security assessments.
  • A commitment to your profession demonstrated by participation in industry events, seminars, blogs, and memberships in professional associations.
  • A desire to join some of the most capable and experienced cyber security professionals in the industry and contribute to the ongoing growth of our venture together.
  • Excellent written and verbal communication skills.
  • Ability to facilitate meetings of small or large groups.
  • Excellent customer service and project management skills.
  • Ability to prioritize and manage multiple initiatives/projects.
  • Ability to be self-driven and have strong independent initiative.
  • Strong Consulting skills with executive leadership and technical professionals; ability to advise and challenge the status quo while building strong relationships.

Bonus Points

  • Current or former PCI-QSA certification.

Why You’ll Want to Join Us

At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.

Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like flexible time off, certification and training reimbursement, and comprehensive insurance options.

At Coalfire, equal opportunity and pay equity is integral to the way we do business. A reasonable estimate of the compensation range for this role is $86,000 to $148,000 based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs.

#LI-HW2

#LI-Remote

Share this job:
Please let Coalfire know you found this job on Remote First Jobs 🙏

Similar Remote Jobs

Coalfire logo

Coalfire

Cybersecurity and Compliance Services

  • 1001-5000 employees
  • Founded in 2001
  • 13 remote jobs
View all jobs

Latest Jobs at Coalfire

Benefits of using Remote First Jobs

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

Advanced Filters

Filter by category, benefits, seniority, and more.

Priority Job Alerts

Get timely alerts for new job openings every day.

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

Search remote, work from home, 100% online jobs

We help you connect with top remote-first companies.

Search jobs

Hiring remote talent? Post a job

Frequently Asked Questions

What makes Remote First Jobs different from other job boards?

Unlike other job boards that only show jobs from companies that pay to post, we actively scan over 20,000 companies to find remote positions. This means you get access to thousands more jobs, including ones from companies that don't typically post on traditional job boards. Our platform is dedicated to fully remote positions, focusing on companies that have adopted remote work as their standard practice.

How often are new jobs added?

New jobs are constantly being added as our system checks company websites every day. We process thousands of jobs daily to ensure you have access to the most up-to-date remote job listings. Our algorithms scan over 20,000 different sources daily, adding jobs to the board the moment they appear.

Can I trust the job listings on Remote First Jobs?

Yes! We verify all job listings and companies to ensure they're legitimate. Our system automatically filters out spam, junk, and fake jobs to ensure you only see real remote opportunities.

Can I suggest companies to be added to your search?

Yes! We're always looking to expand our listings and appreciate suggestions from our community. If you know of companies offering remote positions that should be included in our search, please let us know. We actively work to increase our coverage of remote job opportunities.

How do I apply for jobs?

When you find a job you're interested in, simply click the 'Apply Now' button on the job listing. This will take you directly to the company's application page. We kindly ask you to mention that you found the position through Remote First Jobs when applying, as it helps us grow and improve our service 🙏

Apply