Senior Director, Global Assurance

About Coalfire

Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Denver, Colorado with offices across the U.S. and U.K., and we support clients around the world.

But that’s not who we are – that’s just what we do.

We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.

Position Summary

This role manages a team of consultants, manages client escalations, and leads the most complex engagements supported by the practice. The Senior Director will have a reputation as a Subject Matter Expert for management system publications released by the International Organization for Standardization (ISO) and will be viewed by peers as an authoritative source for delivery methods and approaches to project issues. They will also provide quality control and peer review to other members of the delivery staff while working closely with Project Managers, Directors and other Delivery team members to effectively manage project timelines and deliverables.

To be successful, a Senior Director within the Global Assurance practice will position themselves as the primary point of contact for client escalations affecting any of the practice line’s services. The Senior Director will provide supervision to experienced resources (typically, Senior Consultants and Senior Managers) and drive uniformity across the practice structure with regards to team culture, operational planning, forecasting, and sales support.

• Directly accountable for managing recurring project revenue of $5M-$7M USD annually
• Manages diverse team with varying level of experience and directly responsible for talent decisions affecting performance management, compensation, and hiring
• Acts as one of several in-house Subject Matter Experts for audit criteria supported by the Global Assurance team with the ability to respond to deep inquiries concerning sources of information and evolution of content, including adoption across industry sectors and regulators
• Identifies practice-wide process improvements and supports training personnel when methodologies or procedures are revised
• Provides mentorship to team members in areas of audit, assessment, technical review and report writing
• Interfaces with all levels of client points of contact (i.e., executives, counsel, directors, and economic buyers) throughout engagement lifecycle while maintaining relationships between engagement periods
• Autonomously leads interview and inquiry walkthroughs with client points of contact to determine the conformity of environments against stated requirements
• Works closely with less-experienced team members to ensure the completeness and accuracy of audit procedures for customer organization scopes
• Pursues and corroborates conclusions derived from inquiry procedures with auditee contacts while ensuring diligent interview notes are captured as a result of direct interactions with customers
• Draft audit programs that sufficiently address both the required objectives of the certification body and the complexity of the client environment
• Adheres to pre-defined project timelines and communicates possible changes to the schedule or scope of work with appropriate internal team members
• Manages priorities and tasks to achieve billable utilization targets established for the role
• Continuous professional development when maintaining subject matter-specific certifications, credentials, and designations
• Collaborates with project managers, quality assurance, and/or other delivery team members to drive customer satisfaction and the timely production of deliverables
• Identifies upsell and cross sell opportunities while appropriately leading the practice response including the development of change orders or adjustment of project schedules, where appropriate
• Understands how to apply quality standards and adheres to a minimum benchmark for quality assurance throughout the documentation of each work product or deliverable supporting engagements
• Establishes and maintains positive collaborative relationships with clients and involved stakeholders
• Provides advice to customers on issues affecting the scope of work in a manner that provides additional value beyond the text described within the audit criteria and learned through exposure with alternate environments
• Remains abreast to regulations or standards that are either in draft or approaching enforcement affecting publications via ISO

• 4-7 years experience as an IT consultant, IT auditor, or similar role
• Prior experience supporting project scoping discussions, level of effort determinations, sales, and contracting
• Extensive knowledge and application of audit planning, testing, and reporting procedures
• Extensive project experience implementing or assessing information security frameworks and control sets, such as ISO 9001, ISO 20000-1, ISO 27001, ISO 27002, ISO 27017, ISO 27018, ISO 27701, ISO 22301, Cloud Controls Matrix (CCM), NIST SP 800-53, and NIST Cyber Security Framework (CSF)
• Hold ISO 27001 Lead Auditor certification. Additionally, one or more relevant certifications as described within the Bonus Points section below.
• Capability to independently research a technical topic, develop logical testing approaches, and customize work product methodologies to be utilized by peers and support staff
• Comfort leading interview walkthroughs and inquiry sessions with client points of contact
• Knowledge of current events affecting changes within information security
• Strong people leadership skills that drive direct reports and peers in pursuit of individual goals that align with practice-level initiatives and strategy
• Confrontational personality that does not shy from difficult, interpersonal conversations while providing critical feedback that sparks aggressive career development conversations across direct reports
• Strong consulting skills with a penchant to corroborate surface-level discoveries with objective evidence
• Ability to build high-trust relationships, rapport, and credibility quickly with peers and customers
• Aptitude to lead projects comprising 2-4 support resources successfully and delegate duties appropriately
• Demonstrated experience directing engagements of low complexity independently
• Strong written and verbal communication skills, including the ability to explain technical concepts to non-technical audiences
• Personal initiatives toward organization, time management, and learning
• Attention for detail and quality processes
• Computer and typing skills that permit rapid data collection during meetings with both internal and external contacts
• Public-speaking skills set along with an apparent executive presence that solicits attention from audiences
• Inquisitive and curious nature with the ability to effectively probe for deeper information
• Familiarity with standards, frameworks, and regulations across multiple industries relevant to information security and/or data privacy
• Ability to travel 30-60%, inclusive of both domestic travel within the United States and international assignments
• Passport required
• Bachelor's degree (four-year college or university) or equivalent combination of education and experience (CIS, MIS, Risk Management, or other related degree preferred)

• Understanding of underlying accreditation standards supporting certification body quality processes, such as ISO 17021-1, ISO 27006, International Accreditation Forum (IAF) Mandatory Documents (MD), and IAF Informative Documents (ID)
• Prior experience where role comprised oversight of accreditation activities based on quality processes, including, but not limited to, resource competency, monitoring activities, impartiality evaluation, risk assessment, internal audit, and management review
• Certification to any of the following information security schemes in order of relevance: CCSK, CISSP, CCSP
• Certification to any of the following audit and assessment schemes in order of relevance: CISA, CISM, CPA, CRISC, ISO 27001 Lead Auditor, ISO 9001 Lead Auditor, ISO 22301 Lead Auditor, ISO 20000-1 Lead Auditor
• Certification to any of the following industry schemes: Amazon Web Services (AWS) Certified Cloud Practitioner, AWS Solutions Architect – Associate

Why You’ll Want to Join Us

At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.

Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.

At Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, our Human Resources team at HumanResourcesMB@coalfire.com.