Consultant - SOC2, PCI Assessment

1 month, 1 week ago
Full-time
Junior
Cybersecurity
Coalfire

Coalfire is a cybersecurity advisor that helps organizations avert threats, reduce risk, and turn security into a competitive advantage, fueling their success.

Internet Software & Services
251-1K
Founded 2001
$9M raised

Description

  • Work with a team of assessors to plan and deliver client assessments against regulatory, industry, and security framework requirements.
  • Draft audit programs that address regulatory objectives and the complexity of each client environment.
  • Lead client interviews and walkthroughs to evaluate whether environments conform to stated requirements.
  • Test security controls, policies, procedures, technical safeguards, and compliance with laws, regulations, and best practices.
  • Review client evidence and documentation remotely or offline, identify follow-up items, and corroborate findings through inquiry procedures.
  • Prepare, review, and contribute to client-ready assessment reports and recommendations.
  • Evaluate the design and operating effectiveness of controls and identify opportunities to improve security posture.
  • Collaborate with project managers, quality management, and delivery team members to meet timelines, deliverables, and quality standards.
  • Manage priorities and tasks to support utilization targets and on-time delivery.
  • Identify upsell and cross-sell opportunities and escalate them to leadership when appropriate.

Requirements

  • 2+ years of experience as an IT Consultant, IT Auditor, Business Analyst, or in a similar role.
  • Bachelor's degree or equivalent combination of education and work experience, preferably in CIS, MIS, or IT.
  • General knowledge of IT audit procedures and cybersecurity best practices.
  • Experience independently researching technical topics and developing logical testing approaches.
  • Experience leading testing sessions for assigned controls.
  • Demonstrated ability to read and interpret security framework criteria.
  • Strong consulting and relationship-building skills, including the ability to advise and challenge constructively.
  • High attention to detail, strong time management, and the ability to multi-task and meet deadlines.
  • Strong written and verbal communication skills, including the ability to explain technical matters to non-technical audiences.
  • Must be located in the United Kingdom; up to 25% travel may be required.
  • Cloud experience with AWS, GCP, or Azure is preferred.
  • Experience in financial services, fintech, insurance, banking, or B2B enterprise environments is preferred.
  • Preferred certifications include CCSK, CCP, Security+, and AQSA.
  • Information security certification required or ability to obtain: CISSP, CISM, or ISO 27001 Lead Implementer.
  • Audit certification required or ability to obtain: CISA, GSNA, CIA, IRCA ISMS Auditor or higher, or ISO 27001 Lead Auditor.

Benefits

  • Salary range of £54,514 to £64,677 per year.
  • Eligibility for annual incentive, commission, and/or recognition programs.
  • Flexible work model with remote work and optional hybrid access to the Manchester office.
  • Paid parental leave.
  • Flexible time off.
  • Certification and training reimbursement.
  • Digital mental health and wellbeing support membership.
  • Comprehensive insurance options.

