Senior Consultant

Summary

Join Coalfire as a Senior Consultant to lead enterprise engagements assessing client security and compliance. You will perform IT security assessments for healthcare clients, ensuring the safety and security of their IT assets. Responsibilities include leading audits and assessments, preparing reports, managing project timelines, and mentoring team members. The role requires 5+ years of IT security and compliance assessment experience, relevant certifications (CISSP, CISA, etc.), and a bachelor's degree. Subject matter expertise in healthcare and familiarity with HITRUST CSF and HIPAA are essential. Coalfire offers a flexible work model, competitive perks, paid parental leave, and comprehensive insurance options.

Requirements

• 5+ Years of IT security and compliance assessment experience
• Security Certifications such as CISSP, CISA, CISM, CCSFP, HCISPP, or CIPP
• Bachelor's degree (four-year college or university) or equivalent combination of education and work experience. Degree preferably in Information Systems or Business
• Subject matter expertise in the healthcare industry, including proven experience working with the HITRUST Common Security Framework (CSF), as well as the HIPAA Security and Privacy Rules
• Working knowledge of IT security frameworks and regulations such as NIST, ISO, CSF, HIPAA, HITECH, HITRUST and Security Breach Notification
• Solid understanding of IT Risk Assessment methodologies either quantitative or qualitative or both
• A solid understanding of IT security technologies including network and application security, firewalls, access management, and data protection
• Experience and knowledge of Healthcare operations, common applications and business processes
• Experience assessing IT security threats, vulnerabilities and IT Security audit procedures
• Experience and success in delivering client engagements on-time and within budget
• Strong written and verbal communication skills including the ability to explain technical matters to a non-technical audience
• Strong Consulting skills; ability to advise and challenge the status quo while building strong relationships
• Ability to build high-trust relationship and credibility quickly
• Ability to lead projects successfully and delegate up and across
• Strong attention to detail
• Strong problem solving, decision making, organizational and analytical skills
• Ability to prioritize and manage multiple initiatives/projects
• Ability to be self-driven and have strong independent initiative
• Strong excel skills with ability to develop worksheets with complex formulas
• Ability to facilitate meetings to small or large groups
• Diplomatic and broad minded

Responsibilities

• Leads audits/assessments including audit plan preparation, review of documentation and evidence, evaluation of procedures, and client interviews
• Work collaboratively with a team of assessors as a HIPAA or HITRUST compliance specialist and assist with the planning of assessments to our clients
• Prepare, review and approve assessment reports
• Manage priorities, tasks and hours on projects in conjunction with the project manager to achieve delivery utilization targets
• Ensures quality products and services are delivered on time
• Escalates client and project issues to management in a timely manner to inform and engage the necessary resources to address the issue
• Provide mentorship to team members in areas of audit, assessment, technical review and writing
• Interfaces with clients through entire engagement, interacting will all levels of client organizations. Establish and maintain positive collaborative relationships with clients and stakeholders
• Continuous professional development in maintaining industry specific certifications. Maintains strong depth of knowledge in the practice area
• Collaborates with project managers, quality management, sales and other delivery team members to drive customer satisfaction and meet project deliverables
• Establishes account relationships and identifies upsell and cross sell opportunities and escalates to sales
• Participation at conferences, blogs, white papers, speaking engagements, and other evangelical activities related to IT security
• Travel typically 15-20%
• Ability to be successful in a remote environment

Preferred Qualifications

Experience assessing security vulnerabilities using other frameworks such as PCI-DSS, FedRAMP, ISO, SOC, etc

Benefits

• In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office
• Paid parental leave
• Flexible time off
• Certification and training reimbursement
• Digital mental health and wellbeing support membership
• Comprehensive insurance options