Manager, Compliance Advisory
About Coalfire
Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world. But that’s not who we are - that’s just what we do. We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
Position Summary
The Manager, Public Sector Advisory will support Public Sector advisory engagements while managing and mentoring team members. The role combines people leadership, project delivery, and client engagement, with accountability for high-quality delivery, project margin, utilization, and adherence to established methodologies. You will lead and support advisory engagements across the Public Sector frameworks, maintain strong client relationships throughout the engagement lifecycle, and provide oversight across compliance frameworks such as FedRAMP, CMMC, DISA Cloud SRG, FISMA, etc. This role includes reviewing and developing compliance documentation, ensuring quality through peer reviews, collaborating with internal stakeholders, and supporting IT security consulting for cloud and on-premises environments. As a leader, you will mentor locally based consultants, foster client relationships and lead various engagements within the Public sector advisory team. As part of your responsibilities, you will directly manage and mentor 2-3 team members, building a culture of accountability and excellence while nurturing high-trust partnerships with clients and stakeholders across all levels of their organizations throughout the engagement lifecycle. This role requires a deep understanding of compliance framework requirements, including the list of frameworks noted above. You will provide advisory consulting support, develop compliance-related reports and documentation, and ensure quality control through peer reviews of project deliverables. Collaboration will be central to your work, as you’ll partner with sales, quality management, and delivery teams to ensure project timelines and deliverables are met while maintaining strong customer satisfaction. Mentorship and coaching will be key elements of your leadership. You will guide team members in technology, consulting methodologies, technical reviews, and professional writing, ensuring they meet project margin and utilization targets. Additionally, your expertise will contribute to the success of IT system security consultations for both cloud-based and on-premises environments. As a relationship builder, you’ll establish trust with accounts, identify upsell and cross-sell opportunities, and escalate these to the sales team as appropriate. Your ability to cultivate collaborative partnerships will ensure client satisfaction across all engagements. To stay ahead of industry trends, you’ll actively pursue professional development opportunities and encourage continuous updates to team policies, procedures, and training in alignment with best practices. Finally, your strategic contributions will support organizational goals, helping grow the service line and expand the team’s capabilities. By focusing on successful project outcomes and client satisfaction, this role will blend technical expertise, leadership, and strategic vision to drive the success of the Public sector advisory team.
What You'll Do
- Directly manage and mentor consultants, fostering a culture of accountability, collaboration, and continuous improvement
- Support team member onboarding, training, and ongoing skills development
- Aid with resourcing decisions, workload planning, project margin and utilization management
- Support advisory engagements across the full project lifecycle, including planning, execution, review, and closure
- Maintain clear, professional communication with client stakeholders at multiple levels
- Escalate project risks, issues, or resourcing concerns in a timely and effective manner
- Partner with internal delivery, quality, and sales teams to ensure client satisfaction and successful outcomes
- Identify potential upsell and cross-sell opportunities and escalate them to appropriate sales stakeholders
- Execute and oversee compliance assessments aligned with recognized frameworks, including but not limited to FedRAMP, CMMC, DISA Cloud SRG, and various international frameworks noted in the description above
- Lead and perform interviews, examinations, and testing procedures to validate control implementation
- Develop, review, and maintain IT security documentation, including policies, procedures, risk assessments, and supporting artifacts
- Advise clients on improving security programs, compliance posture, and risk management practices
- Support IT system security initiatives for both cloud-based and on-premises environments
What You'll Bring
- Minimum of 5 years or more of working experience in information technology, information security, technical assessment, or audits
- Substantial knowledge of security control requirements (NIST, FISMA, FedRAMP, CMMC, DoD, etc.) and how they overlap with additional frameworks
- Significant experience in understanding and applying relevant technical knowledge in FISMA/FedRAMP and other compliance framework assessments within moderate and large hyperscale CSP environments
- Detailed understanding of IT security technologies including network and application security, firewalls, access management, and data protection
- Experience with virtualization and cloud technologies
- Familiarity with statutes and regulations across multiple industries relevant to IT
- Demonstrated ability to lead moderately complex system assessments/consulting engagements independently
- Demonstrated ability to assist team members with proper artifact collection and interviewing clients to ascertain control implementation details
- Demonstrated ability to read and interpret all control families
- Demonstrated ability to read and interpret firewall rulesets and to create network/boundary/data flow diagrams
- Strong written and verbal communication skills including the ability to explain technical matters to a non-technical audience
- Strong consulting skills; ability to advise and challenge the status quo while building strong relationships
- Ability to build high-trust relationship and credibility quickly
- Ability to lead projects successfully and delegate up and across
- Strong attention to detail
- Strong problem solving, decision making, organizational and analytical skills
- Ability to prioritize and manage multiple initiatives/projects
- Ability to be self-driven and have strong independent initiative
- Strong excel skills with ability to develop worksheets with complex formulas
- Ability to facilitate meetings to small or large groups
- Diplomatic and broad minded
- Ability to lead teams small to large teams in the assessment and internal environments
- Ability to speak to Cloud Service Providers to resolve issues and come to a conclusion of the assessment
Why You’ll Want to Join Us
- At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively - whether you’re at home or an office.
- Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities.
- You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more.
- You’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.
- At Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
- We may use artificial intelligence (AI) tools to support parts of the hiring process, such as analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans.
- If you would like more information about how your data is processed, please contact us.