Associate

Summary

Join Coalfire and become a cybersecurity Associate, working as part of a team assessing client security and compliance. You will partner with experienced leads, focusing on specific technical segments to deliver client-ready results. This role involves facilitating security assessments, particularly within cloud-based environments, requiring a strong understanding of technical system security controls and testing methods. You will work closely with senior team members, execute testing procedures, ensure policy adherence, validate security plans, and meticulously document findings. The position demands strong communication, technical research, and problem-solving skills. Travel is approximately 15%, and remote work is supported.

Requirements

• An introductory understanding of IT security technologies including cloud architecture and application security, firewalls, access management, and data protection
• Educational or work experience involving IT Security and/or IT Audit principles
• Strong written and verbal communication skills including the ability to explain security controls to a non-technical audience
• Strong personal initiative to appropriately manage time and meet deadlines
• High attention to detail and quality
• Computer and typing skills that permit rapid data collection and note taking
• Ability to participate and support meetings to small or large groups
• Public speaking and emerging executive presence
• Inquisitive and curious nature with the ability to effectively probe for deeper information
• Diplomatic and broad minded
• Strong technical researcher
• Bachelor's degree (four-year college or university) or equivalent combination of education and work experience. Degree preferably in Information Systems or Business

Responsibilities

• Works closely with senior members to support audit preparation and document assessments against prescribed sets of criteria
• Execute, examine, interview, and test procedures in accordance with the proper control or compliance system
• Ensure cybersecurity policies are adhered to an that required controls are implemented
• Validate respective information system security plans to ensure that appropriate control requirements are met
• Take charge of identifying information sources, gathering and interpreting data, and ensuring diligent and accurate data and note capturing of customer interviews
• Pursues and corroborates conclusions derived from inquiry procedures
• Proactively drafts and documents audit planning and reporting material for peer review at appropriate milestones throughout the engagement lifecycle
• Adheres to pre-defined project timelines and communicates possible changes to the schedule or scope of work
• Understands how to apply quality standards and adheres to a minimum benchmark for quality assurance throughout the documentation of each deliverable
• Provide advice to the client on various matters related to the assessment/audit and effectively requests or communicates technical requirements to a non-technical audience
• Support and maintain positive collaborative relationships with clients and stakeholders
• Maintain industry expertise by studying for and achieving industry recognized certifications
• Travel approximately 15%
• Ability to be successful when working remotely

Preferred Qualifications

• Experience or education in healthcare IT environments or security frameworks (HITRUST, HIPAA)
• Experience as an IT Consultant, IT auditor, Business Analyst, or similar role
• Experience working with technologies hosted via cloud computing environments (e.g., Amazon Web Services, Microsoft Azure, Google Cloud Platform)
• At least one information security certification, such as CCSK or CompTIA Security+ (or willing to obtain one of these certifications)
• Amazon Web Services (AWS) Certified Cloud Practitioner

Benefits

• Paid parental leave
• Flexible time off
• Certification and training reimbursement
• Digital mental health and wellbeing support membership
• Comprehensive insurance options