Consultant - SOC2, PCI Assessment

2 hours, 55 minutes ago
Full-time
Junior
Cybersecurity
Coalfire

Coalfire

Coalfire is a cybersecurity advisor that helps organizations avert threats, reduce risk, and turn security into a competitive advantage, fueling their success.

Internet Software & Services
251-1K
Founded 2001
$9M raised

Description

  • Work with a team of assessors to plan and deliver client assessments against regulatory, industry, and security framework requirements.
  • Draft audit programs that address regulatory objectives and the complexity of each client environment.
  • Lead client interviews and walkthroughs to evaluate whether environments conform to stated requirements.
  • Test security controls, policies, procedures, technical safeguards, and compliance with laws, regulations, and best practices.
  • Review client evidence and documentation remotely or offline, identify follow-up items, and corroborate findings through inquiry procedures.
  • Prepare, review, and contribute to client-ready assessment reports and recommendations.
  • Evaluate the design and operating effectiveness of controls and identify opportunities to improve security posture.
  • Collaborate with project managers, quality management, and delivery team members to meet timelines, deliverables, and quality standards.
  • Manage priorities and tasks to support utilization targets and on-time delivery.
  • Identify upsell and cross-sell opportunities and escalate them to leadership when appropriate.

Requirements

  • 2+ years of experience as an IT Consultant, IT Auditor, Business Analyst, or in a similar role.
  • Bachelor's degree or equivalent combination of education and work experience, preferably in CIS, MIS, or IT.
  • General knowledge of IT audit procedures and cybersecurity best practices.
  • Experience independently researching technical topics and developing logical testing approaches.
  • Experience leading testing sessions for assigned controls.
  • Demonstrated ability to read and interpret security framework criteria.
  • Strong consulting and relationship-building skills, including the ability to advise and challenge constructively.
  • High attention to detail, strong time management, and the ability to multi-task and meet deadlines.
  • Strong written and verbal communication skills, including the ability to explain technical matters to non-technical audiences.
  • Must be located in the United Kingdom; up to 25% travel may be required.
  • Cloud experience with AWS, GCP, or Azure is preferred.
  • Experience in financial services, fintech, insurance, banking, or B2B enterprise environments is preferred.
  • Preferred certifications include CCSK, CCP, Security+, and AQSA.
  • Information security certification required or ability to obtain: CISSP, CISM, or ISO 27001 Lead Implementer.
  • Audit certification required or ability to obtain: CISA, GSNA, CIA, IRCA ISMS Auditor or higher, or ISO 27001 Lead Auditor.

Benefits

  • Salary range of £54,514 to £64,677 per year.
  • Eligibility for annual incentive, commission, and/or recognition programs.
  • Flexible work model with remote work and optional hybrid access to the Manchester office.
  • Paid parental leave.
  • Flexible time off.
  • Certification and training reimbursement.
  • Digital mental health and wellbeing support membership.
  • Comprehensive insurance options.
