Lead Principal, ISO/SOC2 Technical Risk and Controls Advisory

About Coalfire

Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Denver, Colorado with offices across the U.S. and U.K., and we support clients around the world.

But that’s not who we are – that’s just what we do.
 
We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.

Position Summary

The Lead Principal manages a team of principals, leads the GRC Advisory Change Advisory Board (CAB), and ensures compliance with framework requirements. They manage advisory consulting engagements, review client deliverables, and collaborate with practice leadership to set internal directions and strategic plans. They work with project managers and other team members to manage project timelines and deliverables. As GRC Advisory subject matter expert (SME), they have expertise in evaluating the security and compliance of client services against regulatory and industry standards, with knowledge in related areas.  The core standards to GRC Advisory practice and therefore the Lead Principal include a suite of ISO standards (27001, 27701, 42001, 27017, 27018), SOC1, SOC2, HITRUST, and HIPAA.  The Lead Principal is familiar with adjacent frameworks impacting GRC Advisory clients and may be involved in developing methodologies to enhance the service line capabilities in line with new and emerging frameworks.
 
The Lead Principal is expected to leverage their technical and business experience across four (4) domains, including:
 
1. Prioritize and perform research on topics and/or areas affecting client engagements or regulatory requirements to bring clarity to that area which may involve engaging the regulatory bodies to get the clarification.  Communicate the information gathered to the entire practice through various mediums such as information repositories, meetings, trainings, etc.  Update repositories that have outdated information with updated information. 
2. Evaluate and enhance the security of complex systems that may impact both risk and compliance for organizations, large and small. 
3. Mentor and develop team members to help grow the team and its capabilities.
4. Engage  outwardly  into the community through blog posts, technical white papers, forum participation and conference speaking engagements. Engage  inwardly  to support business and practice growth by developing Sales/Marketing collateral, delivery methodologies and SOPs, train/mentor colleagues as necessary and serve as the SME for all topics related to your technical or compliance area of expertise.

Why You’ll Want to Join Us

At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.

Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.

At Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, our Human Resources team at  HumanResourcesMB@coalfire.com .