Browse
Employers / Recruiters

Principal, FedRAMP Advisory | Remote US

coalfire · 30+ days ago
Remote
$131k+
Estimation
Full-time
Remote
Continue
By pressing the button above, you agree to our Terms and Privacy Policy, and agree to receive email job alerts. You can unsubscribe anytime.
About Coalfire

Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Denver, Colorado with offices across the U.S. and U.K., and we support clients around the world.

But that’s not who we are – that’s just what we do.
 
We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.

Position Summary

The Principal Consultant (SME) is considered a FedRAMP Advisory subject matter expert (SME), with strong expertise in a focal technical area e.g., evaluating/assessing the security and compliance of client firms/services against regulatory, industry requirements and standards, or against security best practice frameworks, etc. but has subject matter knowledge and/or experience in the other areas that affect the practice. 
 
The Principal Consultant (SME) is expected to leverage their technical and business experience across three (4) domains, including:
 
1) Evaluate and enhance the security of complex systems that may impact both risk and compliance for organizations, large and small. 
2) Mentor and develop team members to help grow the team and its capabilities.
3) Perform research on topics and/or areas affecting client engagements or regulatory requirements to bring clarity to that area which may involve engaging the regulatory bodies to get the clarification.  Communicate the information gathered to the entire practice through various mediums such as information repositories, meetings, trainings, etc.  Update repositories that have outdated information with updated information. 
4) Engage outwardly into the community through blog posts, technical white papers, forum participation and conference speaking engagements. Engage inwardly to support business and practice growth by developing Sales/Marketing collateral, delivery methodologies and SOPs, train/mentor colleagues as necessary and serve as the SME for all topics related to your technical or compliance area of expertise.

What You'll Do

  • Work with industry and standards bodies to provide information security technical and non-technical expertise.
  • Work with other teams within Coalfire to drive customer success.
  • Scope and lead on-site engagements with clients. This includes leading pre-sales calls, onsite visits, understanding customer security and compliance requirements and environments, and proposing and delivering packaged offerings or custom solution engagements.
  • Develop technical content, such as security plans, procedures, policies, and white papers that can be used by our clients to assist them in elevating/building out their security and compliance programs.
  • Lead delivery engagements including on-site projects working with clients to build out compliance roadmaps, architecture guidance, gap assessments, etc.
  • Manage delivery engagements by providing project status updates to applicable stakeholders, identifying showstoppers and roadblocks to project success, etc.
  • Collaborate with Coalfire engineering, support, and business teams to convey partner and customer feedback.
  • Serve as the practice subject matter expert (SME) for escalations, sales/marketing support, driving practice profitability and revenue.
  • Provide Delivery Team Support, including identifying process improvements, training delivery personnel on methodologies/tools and quality topics, and mentoring delivery personnel.
  • Development of industry-wide service line thought leadership through:
  • Authoring methodologies, templates, white papers, work instructions, guidelines, forms, tools
  • Developing and delivering industry specific training, including speaking/presenting at conferences, creating webinars 
  • Support management of client satisfaction at all phases of the client relationship.
  • Ensure continuous professional development by maintaining industry specific certifications.
  • Maintain strong depth of knowledge in the practice area.
  • Collaborate with project managers, quality management, sales, and other delivery team members to drive customer satisfaction and meet project deliverables.
  • Establish account relationships and identifies upsell and cross sell opportunities and escalates to sales  

What You'll Bring

  • 7+ years of experience in an IT security audit, assessment, compliance, risk management, or data privacy role.
  • Knowledge and awareness of the latest information risk, security and compliance innovations, trends, challenges, and solutions.  
  • Knowledge of strategy, privacy and risk standards/frameworks and professional practices (e.g., NIST, ISO, CIS Top 20, ISSA, CSA CMM, Privacy by Design and FAIR, etc.).  
  • Knowledge of the typical enterprise risk and security operational practices.  
  • Knowledge of information security related solutions, tools, and utilities.  
  • Experience in strategy development, setting direction for team members, influencing both internally and externally.
  • Experience building common compliance frameworks as well as mapping between different compliance requirements.
  • Demonstrated breadth of security expertise in various sub domains such as encryption, identity, incident response, etc.
  • Hands-on technical expertise is nice to have due to the technical components of the frameworks that are worked with.
  • Experience with risk assessment methodologies and risk reporting for executive leadership.
  • Proven background in clearly writing complex technical documents that can be presented across a varied enterprise corporate audience.
  • 7+ years of experience working with one, more, or a combination of the following: National Institute of Standards and Technology (NIST) frameworks (800 series), FISMA, FedRAMP, DoD RMF, StateRAMP
  • Strong verbal and written communications skills are a must, as well as the ability to work effectively across internal and external organizations and virtual teams.
  • Exceptional interpersonal and communication skills and an executive presence - comfortable talking with CIOs, CTOs and CISOs about complex security issues.
  • Ability to think strategically about business, product, and technical challenges.
  • Strong initiative.  

Bonus Points

  • Big Four Advisory/Consulting Experience
  • DevSec Ops Experience 
  • AWS, Azure, Google Cloud Platform certification(s). 
  • OpenFair or related certification, CCBP 
  • Vendor certifications for applicable product solution sets
Why You’ll Want to Join Us

At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.

Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.

At Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, our Human Resources team at HumanResourcesMB@coalfire.com.

Last updated on Sep 30, 2024

See more

About the company

More jobs like this

Analyzing
Mr. Manager$231k+
BB
Bobby Burger ·  Fast food restaurant

Jacksonville, Florida

 · 

30+ days ago

California

 · 

30+ days ago

Baltimore, Maryland

 · 

30+ days ago

New Orleans, Louisiana

 · 

30+ days ago

2364 - Program Officer, China$290k+
N
Nedjobs ·  Job search platform

Remote

 · 

30+ days ago

Wichita, Kansas

 · 

30+ days ago

Remote

 · 

30+ days ago

VP$256k+
R
rqjdnwbs34lmixfu3kkfd08vmgygir029fesnaptym1rbs1iivifcavlyk16brnc

New York, New York

 · 

30+ days ago

Remote

 · 

30+ days ago

Ames, Iowa

 · 

30+ days ago

Developed by Blake and Linh in the US and Vietnam.
We're interested in hearing what you like and don't like! Live chat with our founder or join our Discord
Changelog
🚀 LaunchpadNov 27
Create a site and sell services based on your resume.
🔥 Job search dashboardNov 13
Revamped job search UI with a sortable grid, live filtering, bookmarks, and application tracking.
🫡 Cover letter instructionsSep 27
New Studio settings give you control over AI output.
✨ Cover Letter StudioAug 9
Automatically generate cover letters for any job.
🎯 Suggested filtersAug 6
Copilot suggests additional filters above the results.
⚡️ Quick applicationsAug 2
Apply to jobs using info from your resume. Initial coverage of ~200k jobs in Spain, Germany, Austria, Switzerland, France, and the Netherlands.
🧠 Job AnalysisJul 12
Have Copilot read job descriptions and extract out key info you want to know. Click "Analyze All" to try it out. Click on the Copilot's gear icon to customize the prompt.
© 2024 RemoteAmbitionAffiliate · Privacy · Terms · Sitemap · Status