Job details

Consultant, GRC Advisory

Get a free resume review

About Coalfire

Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Denver, Colorado with offices across the U.S. and U.K., and we support clients around the world.

But that’s not who we are – that’s just what we do.

We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.

Position Summary

You will perform a variety of ISO/SOC engagements (such as workshops, policy and procedure development) for ISO/SOC compliance. This role will specialize in assessing the readiness for ISO/SOC compliance and providing those advisory services necessary for a successful audit.

What You'll Do

You’ll work collaboratively with a team of ISO/SOC advisory assessors as a ISO/SOC advisor and assist with the planning and delivery of those services.
Be the team lead on engagements against ISO/SOC compliance to provide information security technical and non-technical expertise.
Work with other teams within Coalfire, and collaborate with the ISO/SOC assessment team, to drive customer success.
Lead on-site engagements with clients. This includes onsite visits, understanding customer security and compliance requirements and environments, and proposing and delivering packaged offerings or custom solution engagements.
Develop technical content, such as procedures and policies, risk management tools, etc., that will be used by our clients to assist them in elevating/build out their security programs for ISO/SOC compliance.
Delivery projects to build out compliance roadmaps, architecture guidance, gap remediation, etc.

What You'll Bring

3+ years experience performing and or participating in SOC 2 examinations and ISO/IEC 27001:2013 certifications
3+ years of experience in an IT security audit, assessment, compliance, risk management, or data privacy role
3+ years of experience working with any of the following frameworks: Payment Card Industry (PCI) Council's Payment Card Industry Data Security Standard (PCI DSS) , ISO/IEC 27701:2019 (and/or its mapped references ISO/IEC 29100:2011, ISO/IEC 27018:2019), ISO/IEC ISO/IEC 9001:2015, Health Insurance Portability and Accountability Act (HIPAA), HITRUST, System and Organization Controls (SOC) 2, or National Institute of Standards and Technology (NIST) frameworks
ISO/IEC 27001 Lead Auditor Certificate
Bachelor's Degree in Computer Science, Information Systems Management, Information Security, Business or equivalent experience required
Willing to travel up to 50%

Bonus Points

Certified Information Systems Auditor (CISA), Certificate of Cloud Security Knowledge (CCSK)
ISO 9001:2015 Lead Auditor
Certified Information Systems Security Professional (CISSP)
Certified Information Privacy Professional (CIPP/US), or Certified Information Security Manager (CISM)

$64,000 - $112,000 a year

The salary range listed is a reasonable estimate of the compensation range for this role based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs.

Why You’ll Want to Join Us

At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.

Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.

At Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, our Human Resources team at HumanResourcesMB@coalfire.com.

Coalfire Glassdoor Company Review

3.8

Coalfire DE&I Review

No rating

CEO of Coalfire

Tom McAndrew

Approve of CEO

Average salary estimate

$88000 / YEARLY (est.)

min

max

$64000K

$112000K

If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.

What You Should Know About Consultant, GRC Advisory, Coalfire

At Coalfire, we're not just another IT company; we're a passionate team dedicated to making the world a safer place by tackling our clients' toughest cybersecurity challenges. As a Consultant in GRC Advisory, you’ll play a vital role in our mission. Located in the United States, you'll find yourself diving deep into the world of ISO/SOC compliance—a field that combines both technical expertise and strategic foresight. You’ll be leading various engagements, from conducting workshops to developing essential policies and procedures aimed at ensuring compliance. Collaborating closely with a dynamic team of ISO/SOC advisory assessors, your insights will be pivotal in enhancing the security and compliance landscape for our clients. Not only will you assess clients’ readiness for ISO/SOC compliance, but you'll also demonstrate your expertise through on-site visits, understanding their unique security requirements, and delivering tailored solutions that elevate their security programs. Your experience matters here—3+ years in roles like IT security audits or compliance, along with certifications, will help you thrive. And, of course, your journey with us will come with competitive benefits and a flexible work model that prioritizes your personal and professional growth. Join us at Coalfire, where you can truly make a difference!

Frequently Asked Questions (FAQs) for Consultant, GRC Advisory Role at Coalfire

What are the main responsibilities of a Consultant, GRC Advisory at Coalfire?

As a Consultant in GRC Advisory at Coalfire, your core responsibilities will include leading ISO/SOC compliance engagements, performing assessments, and developing crucial technical content such as policies and procedures. You'll collaborate with teams to drive customer success and devise compliance roadmaps, ensuring your clients navigate the landscape of cybersecurity challenges effectively.