[Hiring] Senior FedRAMP Cloud Consultant @Coalfire

Role Description

Coalfire is on a mission to make the world a safer place by solving our clients’ toughest cybersecurity challenges. We are looking for a self-starter Senior Consultant to join our FedRAMP Assessment team.

• Provides advice to customers on issues affecting the scope of work in a manner that provides additional value.
• Develop documentation and author recommendations associated with your findings on how to improve the customer’s security posture in accordance with appropriate controls.
• Leads audits/assessments including audit plan preparation, review of documentation and evidence, evaluation of procedures, and client interviews.
• Maintains strong depth of knowledge in one or more cybersecurity frameworks.
• Prepare, review and approve assessment reports.
• Manage priorities, tasks and hours on projects in conjunction with the project manager to achieve delivery utilization targets.
• Ensures quality products and services are delivered on time.
• Escalates client and project issues to management in a timely manner to inform and engage the necessary resources to address the issue.
• Provide mentorship to team members in areas of audit, assessment, technical review and writing.
• Interfaces with clients through entire engagement, interacting with all levels of client organizations.
• Establish and maintain positive collaborative relationships with clients and stakeholders.
• Continuous professional development in maintaining industry specific certifications.
• Collaborates with project managers, quality management, sales and other delivery team members to drive customer satisfaction and meet project deliverables.
• Establishes account relationships and identifies upsell and cross sell opportunities and escalates to sales.
• Draft audit programs that sufficiently address both the required objectives of the regulatory body and the complexity of the client environment.
• Leads interview and inquiry walkthroughs with clients to determine the conformity of environments against stated requirements.
• Assess security vulnerabilities against the appropriate security frameworks.
• Pursues and corroborates conclusions derived from inquiry procedures with client while ensuring diligent interview notes are captured.
• Offline and remote evidence inspection of client provided documentation; appropriately mark artifacts requiring follow-up or additional clarification.
• Educate and interpret compliance activities for clients.
• Understands how to apply quality standards and adheres to a minimum benchmark for quality assurance throughout the documentation of each work product or deliverable.
• Travel 20%.

Qualifications

• Bachelor's degree (four-year college or university) in IT or business, or equivalent combination of education and work experience.
• Five to ten (5-10) years of experience as a consultant within professional IT services.
• Must hold one of the following certifications: CISSP, CISA, CISM, CCSP, CFR, CCISO, GCED, GCIH, GSLC.
• Deep experience with government compliance, including FISMA, FedRAMP, and DoD RMF.
• Strong knowledge of NIST Special Publications 800-30, 800-37, 800-53, 800-171.
• Experience with every step within the delivery of Certification and Accreditation (C&A) / Assessment and Authorization (A&A) packages that have obtained and maintained full authorization to operate (ATO).
• Experience with virtualization or cloud technologies.
• Familiarity with statutes and regulations across multiple industries relevant to IT (e.g. SOX 404, HIPAA, FedRAMP, GLB, Patriot Act).
• Familiarity with the Canadian Centre for Cyber Security Protected B framework is a plus.
• Familiarity with the DOD CMMC process is a plus.
• Demonstrated knowledge of AWS, Azure and GCP cloud offerings is required.
• Knowledge of information security related solutions, tools, and utilities.
• Excellent verbal and written skills.
• Willing to travel up to 20%.

Benefits

• Flexible work model that empowers you to choose when and where you’ll work most effectively.
• Opportunities to join employee resource groups, participate in in-person and virtual events.
• Paid parental leave.
• Flexible time off.
• Certification and training reimbursement.
• Digital mental health and wellbeing support membership.
• Comprehensive insurance options.