[Remote] Senior Consultant, PCI QSA
Note: The job is a remote job and is open to candidates in USA. Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. As a Senior Consultant, you will assess the security and compliance of client firms against regulatory and industry requirements, lead audits, and provide mentorship to team members.
Responsibilities
- Lead audits/assessments full cycle including audit plan preparation, review of documentation and evidence, evaluation of procedures, and client interviews
- Prepare, review and approve assessment reports
- Manage priorities, tasks and hours on projects in conjunction with the project manager to achieve delivery utilization targets
- Manage quality throughout the entirety of the engagement, while providing direct coaching and revisions to work products
- Ensure quality products and services are delivered on time
- Escalate client and project issues to management in a timely manner to inform and engage the necessary resources to address the issue
- Provide mentorship to team members in areas of audit, assessment, technical review and writing
- Interface with clients through entire engagement, interacting will all levels of client organizations. Establish and maintain positive collaborative relationships with clients and stakeholders
- Continuous professional development in maintaining industry specific certifications. Maintains strong depth of knowledge in the practice area
- Collaborate with project managers, quality management, sales and other delivery team members to drive customer satisfaction and meet project deliverables
- Establish account relationships and identifies upsell and cross sell opportunities and escalates to sales
- Travel 25-50%
- Ability to be successful when working remotely
Skills
- One of the following Information Security certifications required: CISSP, CISM or ISO 27001 Lead Implementer
- One of the following Audit certifications required: CISA, GSNA, CIA, IRCA ISMS Auditor or higher, or ISO 27001 Lead Auditor
- Familiarity with other common IT Audit frameworks (SOC 2, ISO 27001, FedRAMP, HITRUST, etc.)
- Bachelor's degree (four-year college or university) or equivalent combination of education and work experience
- Strong knowledge of the PCI-DSS security standards
- 5+ years of experience in an IT Security Audit and/or Compliance role
- Experience preparing and presenting Tier 1 and Tier 2 Reports on Compliance (ROCs)
- Experience performing IT security risk assessments and gap analysis
- Strong excel skills with ability to develop worksheets with complex formulas
- Experience interacting with management in a consultative manner
- Strong IT understanding with respect to networks, servers, workstations, and applications
- Excellent communication and presentation skills. Ability to facilitate meetings of small or large groups
- Strong written and verbal communication skills including the ability to explain technical matters to a non-technical audience
- Strong Consulting skills with executive leadership and technical professionals; ability to advise and challenge the status quo while building strong relationships
- Positive attitude
- Diplomatic and broad minded
- Ability to build high-trust relationship and credibility quickly both internally and externally
- Strong attention to detail, strong problem solving, decision-making, organizational and analytical skills
- Ability to prioritize and manage multiple initiatives/projects
- Ability to be self-driven and have strong independent initiative
- Current PCI-QSA certification preferred (will consider former QSA)
Benefits
- Paid parental leave
- Flexible time off
- Certification and training reimbursement
- Digital mental health and wellbeing support membership
- Comprehensive insurance options
Company Overview