Associate, PCI

Summary

Join Coalfire's team as an Associate, contributing to the evaluation of client firms' security and compliance against industry standards and best practices. Collaborate with project managers and consultants on audits, assessments, and document reviews. Regularly interact with peers and clients, auditing information systems to ensure security measure integrity. Work closely with senior team members on data collection, customer interviews, and documentation. Deliver projects on time, maintain client relationships, and identify upsell opportunities. Maintain industry expertise through certifications and travel 25-50%. The role requires successful remote work ability.

Requirements

• Experience or knowledge of IT security risk assessments and gap analysis
• Moderate technical experience or knowledge in server and network device configurations and/or CompTIA Security+ certification
• Experience with one or more IT security compliance frameworks, such as PCI, FISMA, HIPAA, FEDRAMP, or HITRUST
• Experience interacting with management in a consultative manner
• Bachelor's degree (four-year college or university) or equivalent combination of education and work experience
• Strong written and verbal communication skills including the ability to explain technical matters to a non-technical audience
• Strong personal initiative to appropriately manage time and meet deadlines
• High attention to detail
• Ability to facilitate meetings to small or large groups
• Inquisitive and curious nature with the ability to effectively prob for deeper information
• Diplomatic and broad minded

Responsibilities

• Work closely with senior members of the team to prepare customers for compliance assessments via participation in gap analyses, understanding the client’s security architecture, and preparing documentation describing their environment and security control implementation against a prescribed set of criteria
• This role will work closely with senior members on data collection and capturing of customer interviews
• Collaborate with team members to drive customer satisfaction and deliver projects within established and agreed upon timelines
• Take charge of identifying information sources, gathering and interpreting data, and ensuring diligent and accurate data and note capturing of customer interviews
• Understand quality standards and ensures quality products and services are delivered on time
• Establish and maintain positive collaborative relationships with clients and stakeholders
• Provide advice to the client on various matters related to the assessment/audit and effectively request or communicate technical requirements to a non-technical audience
• Build professional and meaningful relationships while managing customer expectations and deliverables
• Identifies upsell and cross sell opportunities and escalates to appropriate leadership
• Work closely with clients to assess their IT security posture and identify weaknesses and vulnerabilities in relation to the PCI-DDS security framework
• Maintain industry expertise by studying for and achieving industry recognized certifications
• Travel 25-50%
• Ability to be successful when working remotely

Preferred Qualifications

• CISSP, CISM, CISA, and/or AQSA certification(s) Preferred
• Preferred to hold at least one information security certification, such as CCSK or CompTIA Security+

Benefits

• Paid parental leave
• Flexible time off
• Certification and training reimbursement
• Digital mental health and wellbeing support membership
• Comprehensive insurance options