• Senior Security Consultant

    Job Locations US-MD-Rockville
    Regular Full-Time
  • About Coalfire

    Coalfire is the cybersecurity advisor that helps private and public sector organizations avert threats, close gaps, and effectively manage risk. Our professionals are among the most talented in the industry, and each and every day, they strive to provide the unbiased assessments, advice, and innovative solutions that help our clients meet their specific challenges and build long-term strategies to protect their organizations. For nearly 20 years, we’ve been on the cutting-edge of one of the world’s most important industries – and we’re committed to making the world a safer place by solving our clients’ toughest security challenges.


    We’re growing rapidly and are currently seeking a Senior Security Analyst to support our customer located in Gaithersburg, MD.

    What you'll do

    The Senior Security Consultant will work closely with the Customer project team and Information System Security Officer (ISSO) to ensure that security requirements for information systems meet FISMA and NIH requirements, and will perform Continuous Monitoring activities within cloud-based environments. You will be responsible for:

    • Assist the customer with system security consultation within cloud-based environments and support the implementation of the applicable NIH security and privacy requirements in accordance with NIST Special Publications 800-37 and 800-53 and other authoritative IT security guidance
    • Assist in developing, documenting, and updating all FISMA security documentation: FIPS 199, Privacy Impact Assessment (PIA), Business Impact Analysis (BIA), eAuthentication, System Security Plan, Policy and Procedure, Configuration Management Plan, Contingency Plan, Continuous Monitoring Plan, and Incident Response Plan, in accordance with NIH and NIST Special Publication requirements
    • Support the system owner and/or project team in incorporating the applicable system security and privacy requirements, including but not limited to defining and documenting system-specific requirements and making recommendations for technical, operational, or administrative implementations throughout the project lifecycle
    • Assist in developing a Continuous Monitoring Strategy and support Continuous Monitoring activities in accordance with the NIH and NIST Continuous Monitoring requirements, including account management, audit and accountability, and vulnerability management
    • Coordinate with and assist Security Control Assessors (SCA) in preparing for and conducting security control assessments
    • Coordinate with the customer project team and the ISSO to identify, document, and resolve or mitigate system security issues and Plan of Action and Milestones (POA&M) findings identified during security control assessments or continuous monitoring activities
    • Participate in tactical response and recovery activities in the event of a contingency or an information security breach

    What you'll bring

    • Bachelor's degree (four-year college or university), preferably in Computer Science or Cybersecurity (or equivalent), or at least five (5) years of experience in the IT / Cybersecurity industry
    • Experience with FISMA and FedRAMP government compliance, with an emphasis on Certification and Accreditation (C&A) / Assessment and Authorization (A&A) processes and security package documentation
    • Ability to lead small, less complex system assessments independently
    • Proficient knowledge of the NIST Special Publications 800 Series: 800-37 Revision 1, 800-53 Revision 3 or 4, and 800-53A Revision 1
    • Strong background in commercial cloud environments: architectures, technologies, and services
    • Strong written and verbal communication skills, with attention to detail
    • Security-focused industry certifications such as CISA, CISSP, CCSK, CCSP, CRISC, or AWS Associate Architect
    • Knowledge of information security related solutions, tools, and utilities

    Why you'll want to join us

    Passionate problem-solvers who are hungry to learn, grow, and contribute. That’s what it takes to be a part of the Coalfire team. We work together to tackle the toughest cybersecurity challenges and help our clients become more secure and successful. We are trusted advisors who are committed to shaping our industry. At Coalfire, our people have the opportunity to expand their minds and skills, build meaningful relationships with the industry’s smartest minds, and have a direct impact on our company’s success.


    Along with an energetic culture and supportive environment, you’ll have the flexibility to balance your personal and work life and grow personally and professionally. We work hard, and we play hard – and the two often overlap. We host family-friendly events and happy hours along with professional meetups and informal networking sessions, and we’re active in our communities. Plus, we offer great benefits, including:


    • Health, dental, and vision insurance with an employer contribution
    • Flexible paid time off (employees are encouraged to spend four weeks away from the office each year)
    • A generous 401(k) plan
    • A corporate wellness program
    • Tuition reimbursement
    • A kitchen stocked with snacks, coffee, and tasty beverages


    Coalfire is an EEO employer.