Consultant, Lead Auditor - ISO Assurance | Atlanta, GA

About Coalfire
Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Denver, Colorado with offices across the U.S. and U.K., and we support clients around the world.
But that’s not who we are – that’s just what we do. We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
Position Summary
This role will work as part of a team assessing customer organizations against global regulatory and industry requirements as well as publications released by the International Organization for Standardization (ISO). The team member will initially support experienced project and team leaders and be assigned specific technical and non-technical engagement segments. This role will develop into a practice Engagement Lead that collaborates with Project Managers, Directors, and other delivery team members to effectively manage project timelines, schedules, contracting, resourcing, and work product construction. A Consultant on the Global Assurance team enhances the posture and maturity of customer processes affecting information security and data privacy management through the technical evaluation of governance programs. This role will evaluate both the design and operating effectiveness of technical controls supporting management systems and will help identify improvement opportunities for customers.

What You'll Do

• Autonomously leads interview and inquiry walkthroughs with client points of contact to determine the conformity of environments against stated requirements
• Responsible party and primary, first-level reviewer of draft audit planning and reporting material provided by support staff throughout the engagement lifecycle
• Works closely with experienced team members to ensure the completeness and accuracy of audit procedures for customer organization scopes
• Pursues and corroborates conclusions derived from inquiry procedures with auditee contacts while ensuring diligent interview notes are captured as a result of direct interactions with customers
• Offline and remote evidence inspection of client-provided documentation with the ability to appropriately mark artifacts requiring follow up or additional clarification from the auditee
• Draft audit programs that sufficiently address both the required objectives of the certification body and the complexity of the client environment
• Adheres to pre-defined project timelines and communicates possible changes to the schedule or scope of work with appropriate internal team members
• Manages priorities and tasks to achieve billable utilization targets established for the role
• Continuous professional development when maintaining subject matter-specific certifications, credentials, and designations
• Collaborates with project managers, quality assurance, and/or other delivery team members to drive customer satisfaction and the timely production of deliverables
• Identifies upsell and cross sell opportunities and escalates to practice management
• Understands how to apply quality standards and adheres to a minimum benchmark for quality assurance throughout the documentation of each work product or deliverable supporting engagements
• Establishes and maintains positive collaborative relationships with clients and involved stakeholders
• Provides advice to customers on issues affecting the scope of work in a manner that provides additional value beyond the text described within the audit criteria and learned through exposure with alternate environments
• Remains abreast to regulations or standards that are either in draft or approaching enforcement affecting publications via ISO
• Standard office environment consisting of being in-office 2-3 days of the week (ability to be successful when working remotely, if necessary)
• Travel 20-50%, inclusive of both domestic travel within the United States and international assignments
• Passport required

What You'll Bring

• 2-3 years of experience as an IT consultant, IT auditor, or similar role with audit background.
• Prior employment with a “Big 4” professional services firm or an accredited certification body for management systems
• Previous project experience implementing or assessing information assurance frameworks and control sets, such as ISO 27001, ISO 27002, ISO 27017, ISO 27018, ISO 27701, Cloud Controls Matrix (CCM),
• NIST SP 800-53, and NIST Cyber Security Framework (CSF)
• Strong preference of at least 1 year working experience with ISO 42001.
• General knowledge and application of audit planning, testing, and reporting procedures
• Capability to independently research a technical topic and develop logical testing approaches
• Comfort leading interview walkthroughs and inquiry sessions with client points of contact
• Knowledge of current events affecting changes within information security and data privacy practices (e.g., breaches, laws, consent orders and decrees)
• Computer and typing skills that permit rapid data collection during meetings with both internal and external contacts
• Public-speaking skills set along with an apparent executive presence that solicits attention from audiences
• Inquisitive and curious nature with the ability to effectively probe for deeper information
• Attention for detail and quality processes
• Strong consulting skills with a penchant to corroborate surface-level discoveries with objective evidence
• Ability to build high-trust relationships, rapport, and credibility quickly with peers and customers
• Strong written and verbal communication skills, including the ability to explain technical concepts to non-technical audiences
• Personal initiatives toward organization, time management, and learning
• Ability to handle multiple tasks or projects within the same timeframe
• Bachelor’s degree in a relevant field (CIS, MIS, Risk Management, or another related field)

Required Certifications

• Currently an ISO Lead Auditor in at least one of the following: ISO 27001, ISO 27701, ISO 9001, ISO 22301, or ISO 20000-1
• Strong preference of being a Lead Auditor with ISO 42001
• Certification to at least one of the following audit and information security schemes: CISA, CISM, CPA, CRISC, CCSK, CISSP, and CCSP
• Certification to any of the following industry schemes: Amazon Web Services (AWS) Solutions Architect – Associate, AWS SysOps Administrator, Microsoft Azure Solutions Architect – Associate, Microsoft Azure Security Engineer - Associate, Google Cloud Platform (GCP) – Associate Cloud Engineer, GCP Professional Cloud Architect, etc.

Why You’ll Want to Join Us
At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.
Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.
At Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, our Human Resources team at HumanResourcesMB@coalfire.com.