Director, GRC Global Advisory

• Manage a team of 5-6 team members including both individual contributors and managers.
• Mentor all project team members on GRC advisory consulting methodologies based on industry recognized frameworks (HITRUST, ISO 27001, ISO 22301, ISO 27701, ISO 42001, SOC2, FedRAMP, HIPAA, NIST SP 800-53A Revision 5, etc.)
• Monitor the progress of the project and adjust as necessary to ensure successful completion of the project.
• Responsible for the managed revenue and team utilization.
• Oversee project status meetings to include information for: schedules, data requirements, assignments.
• Manage escalations of client engagements, ensuring delivery of quality products and services.
• Maintain quality service by establishing and enforcing organization standards.
• Collaborates closely with sales team to drive strategic growth in Compliance Advisory organization.
• Manage team, responsible for talent decisions regarding performance management, compensation and hiring. Provide mentorship and coaching to team members in areas of audit, assessment, technical review, and writing.
• Continuous professional development in maintaining industry specific certifications and maintains strong depth of knowledge in the practice area.
• Closely follow industry development and trends to develop and maintain industry-specific policies, procedures, and training.
• Demonstrate expertise in the control requirements and test procedures of HITRUST, ISO 27001, ISO 22301, ISO 27701, ISO 42001, SOC2, FedRAMP, HIPAA, NIST SP 800-53A Revision 5, or other security compliance frameworks.
• Manage projects and team to achieve gross profit and revenue targets.
• Provides scoping and pre-sales support during sales process.
• Identifies practice sell-through opportunities and partners with other teams within Coalfire to ensure successful partnership with our clients.
• Work with HR and other leaders to create programs to enhance employee satisfaction and increase retention
• Establish strong relationships with named account base to grow accounts through account planning.
• Perform interviews of potential new hires for an intern, associate, consultant, senior consultant, senior manager and director roles.
• Ensure proper billing for all clients that the Director is involved.
• Develop thought leadership content on behalf of the practice and work with sales and marketing.

• Minimum of 8 years or more of working experience in information technology, information security, technical assessment, or audits
• At least two or more of the following Advanced certifications or equivalent in cybersecurity or cloud: CISSP, CISA, PMP, QSA, HITRUST Certification, CISM, CRISC, and/or AWS Associate or specialty cert in security
• Bachelor's degree (four-year college or university) or equivalent education and experience with a degree in CIS, MIS, IT, or related field preferred
• Substantial knowledge and expertise of security control requirements (HITRUST, ISO 27001, ISO 22301, ISO 27701, ISO 42001, SOC2, FedRAMP, HIPAA, NIST SP 800-53A Revision 5, etc.) and how they overlap with additional frameworks
• Significant experience in understanding and applying relevant technical knowledge in FISMA/FedRAMP, HITRUST CSF and other compliance framework assessments within moderate and large hyperscale CSP environments
• Knowledge in conducting multi-framework consolidated compliance assessment activities
• Detailed understanding of IT security technologies including network and application security, firewalls, access management, and data protection
• Experience with virtualization and cloud technologies
• Experience with client-server and traditional on-premises architecture
• Familiarity with statutes and regulations across multiple industries relevant to IT
• Experience leading extremely complex system assessments/consulting engagements independently

• Demonstrated ability to read and interpret firewall rulesets and to create network/boundary/data flow diagrams
• Experience performing interviews of potential new hires for an intern, associate, consultant, senior consultant, senior manager and director roles
• Experience in managing both individual contributors and managers
• Experience working in a sales engineering capacity.
• Strong written and verbal communication skills including the ability to explain technical and non-technical matters to both a technical and non-technical audience
• Strong consulting skills; ability to advise and challenge the status quo while building strong relationships
• Ability to build high-trust relationship and credibility quickly
• Ability to lead projects successfully and delegate up and across
• Strong attention to detail, strong problem solving, decision making, organizational and analytical skills

• Ability to prioritize and manage multiple initiatives/projects.
• Ability to be self-driven and have strong independent initiative.

• Strong excel skills with ability to develop worksheets with complex formulas
• Ability to facilitate meetings to small or large groups
• Diplomatic and broad minded
• Ability to develop and present Executive level briefings
• Strong business acumen to understand gross margin, revenue, utilization drivers
• Ability to scope and price client engagements and to collaborate with teams outside of Compliance Advisory (e.g., sales, engineering, PMO, ops, etc.)
• Ability to travel 25-40%

PI277768276