Senior Manager, ISO Advisory

Company: Coalfire
Location: Remote
Posted on: May 3, 2021

Job Description:

About Coalfire

Leading cloud infrastructure providers, SaaS providers, and enterprises turn to Coalfire for help solving their toughest cybersecurity problems. Through the combination of extensive cloud expertise, technology, and innovative and holistic approaches, Coalfire empowers clients to achieve their business objectives, use security and compliance to their advantage, and fuel their continued success. Coalfire has been a cybersecurity thought leader for 20 years and has offices throughout the United States and Europe.

What you'll do

The Senior Manager manages a team of consultants, manages client escalations, and leads engagements. This role will have a detailed understanding of compliance framework requirements, perform advisory consulting support, and develop compliance-related reports/documentation for clients. They will also provide quality control and peer review to other members of the delivery staff. They will work closely with Project Managers, Directors, Senior Directors and other Delivery team members to effectively manage project timelines and deliverables. As a Coalfire Senior Manager, you'll be responsible for directly managing and mentoring 1-3 team members and lead various projects for clients. For each engagement, you'll focus on the success of the project and achieving overall client satisfaction. You'll work directly with the Director or Senior Director to implement strategic plans to grow the service line and enhance the overall team's capabilities and skillsets.

• Manage priorities, tasks and hours on projects in conjunction with the project manager and management to achieve delivery utilization targets.
• Escalates client and project issues to management in a timely manner to inform and engage the necessary resources to address the issue.
• Interfaces with clients through entire engagement, interacting will all levels of client organizations.
• Establish and maintain positive, collaborative relationships with clients and stakeholders.
• Collaborate with project managers, quality management, sales and other delivery team members to drive customer satisfaction and meet project deliverables.
• Manage team, responsible for talent decisions in regard to performance management, compensation and hiring.
• Provide mentorship and coaching to team members in areas of technology, consulting, technical review and writing.
• Maintain strong depth of knowledge in the practice area, seek professional development opportunities, and maintain industry specific certifications.
• Establish account relationships and identifies upsell and cross sell opportunities and escalates to sales.
• Ensure team members are achieving project margins and utilization targets
• Lead complex and less complex projects, guiding the customer and all resources successfully through the project lifecycle.
• Lead advisory projects from start to finish to include workshops, gap analyses, document development projects, and ad hoc consulting support
• Execute examine, interview, and test procedures in accordance with compliance advisory security control framework ISO 27001, SOC 2, etc.) requirements
• Ensure cybersecurity policies are adhered to and that required controls are implemented
• Validate respective information system security plans or policy/procedure documentation to ensure compliance advisory control requirements are met.
• Prepare, review and/or update, and maintain IT Security supporting artifacts
• Provide guidance to Information System Owners
• Identify information security problems and challenges, researching and developing technical solutions to rectify them
• Ensure cybersecurity policies are adhered to and that required controls are implemented.
• If the required controls are not implemented provide recommendations to the client to improve their security posture.
• Develop technical content, such as procedures and policies, risk management tools, etc., that will be used by clients to assist them in elevating/build out their security programs for system authorization.
• Mentor all project team members on compliance (ISO 27001, SOC 2, etc.) specific consulting methodologies.
• Performing interviews of potential new hires for an intern, associate, consultant, senior consultant and senior manager roles.
• Able to travel about 25%

What you'll bring

• Strong written and verbal communication skills including the ability to explain technical matters to a non-technical audience
• Strong consulting skills; ability to advise and challenge the status quo while building strong relationships
• Ability to build high-trust relationship and credibility quickly
• Ability to lead projects successfully and delegate up and across
• Strong attention to detail
• Strong problem solving, decision making, organizational and analytical skills
• Ability to prioritize and manage multiple initiatives/projects.
• Ability to be self-driven and have strong independent initiative.
• Strong excel skills with ability to develop worksheets with complex formulas
• Ability to facilitate meetings to small or large groups
• Diplomatic and broad minded
• Ability to lead teams small to large teams in the assessment and internal environments
• Ability to speak to Cloud Service Providers to resolve issues and come to a conclusion of the assessmen
• Minimum of 7 years or more of working experience in information technology, information security, technical assessment, or audits
• Substantial knowledge of security control requirements (ISO 27001, SOC 2, etc.) and how they overlap with additional frameworks
• Significant experience in understanding and applying relevant technical knowledge in ISO 27001, SOC 2, and other compliance framework assessments within moderate and large hyperscale CSP environments
• Knowledge in conducting multi-framework consolidated compliance assessment activities
• Detailed understanding of IT security technologies including network and application security, firewalls, access management, and data protection
• Experience with virtualization and cloud technologies
• Experience with client-server and traditional on-premises architecture
• Familiarity with statutes and regulations across multiple industries relevant to IT
• Demonstrated ability to lead moderately complex system assessments/consulting engagements independently
• Demonstrated ability to assist team members with proper artifact collection and interviewing clients to ascertain control implementation details
• Demonstrated ability to read and interpret all control families
• Demonstrated ability to read and interpret firewall rulesets and to create network/boundary/data flow diagrams
• At least one of the following Advanced certifications or equivalent in cybersecurity or cloud: CISSP, CISA, CISM, CRISC, and/or AWS Associate or specialtycert in security
• Bachelor's degree (four-year college or university) or equivalent education and experience

Bonus Points

• Bachelors of Science degree in a technical field (CIS, MIS, IT, Engineering, or related field)

Why you'll want to join us

Our people make Coalfire great. We work together on interesting things and achieve exceptional results. We act as trusted advisors to our customers and are committed to client-focused innovation as well as innovation in the industries that we serve. Coalfire offers our people the chance to grow professionally with colleagues they like and respect while tackling challenges that stretch their minds and expand their skill sets. We're connected by our desire to innovate and our goal of helping to make the world a more secure place.

Coalfire's high energy, challenging, and fast-paced work environment will keep you engaged and motivated. Work-life balance is a core priority at Coalfire - we work hard and we play hard, and the two often overlap. We host family-friendly events and happy hours along with professional meetups and informal networking sessions, and we're active in our communities. Plus, we offer great benefits, including:

• Health, dental, and vision insurance with an employer contribution
• Flexible paid time off (employees are encouraged to spend four weeks away from the office each year)
• A generous 401(k) plan
• Stock Appreciation Rights (SARs)
• A corporate wellness program
• Tuition reimbursement
• A kitchen stocked with snacks, coffee, and tasty beverages

Coalfire is an EEO employer. We celebrate diversity and are committed to respecting one another, embracing individual differences, and creating an inclusive environment for all employees.

At Coalfire, equal opportunity and pay equity is integral to the way we do business. A reasonable estimate of the compensation range for this role is $94,000 to $163,000 based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs.

Keywords: Coalfire, Eugene , Senior Manager, ISO Advisory, Other , Remote, Oregon