Privacy, Risk, and AI Consultant

About Coalfire

Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape.

Privacy, Risk, and AI Consultant

Coalfire - Charleston, WV

On-site, Remote

Full-time - Posted 9 hours ago

The Privacy, Risk, and AI Consultant will work as part of a team assessing the security, privacy and risk of our clients to best provide advice on cybersecurity programs, industry requirements and standards, and support remediation activities. This role will have a strong understanding of privacy regulations (e.g., GDPR, CCPA), cybersecurity risk frameworks (e.g., NIST CSF), and AI trends to perform assessments and lead interviews.

They will develop reports and remediation roadmaps for clients and help clients with building sustainable cybersecurity and privacy programs. They will work closely with Project Managers, Directors and other Delivery team members to effectively manage project timelines and deliverables.

• Develop engagement methodologies to enhance our client privacy offerings
• Serve as a Privacy, Risk, and AI Thought Leader on engagements including assessment plan preparation, review of technical plans, documentation and evidence, evaluation of procedures, and client interviews.
• Support and guide information security, privacy, and risk discussions with technical and non-technical groups
• Identify enterprise information security, privacy and compliance related problems and challenges; research and develop technical solutions to rectify them
• Perform information risk, security and related compliance assessments, including testing of related controls
• Review AI Risk and Governance programs and provide recommendations for strengthening AI security
• Develop and operationalize enterprise information security and privacy programs and related components
• Prepare and review advisory or assessment findings and recommendations reports
• Assess cyber-related policy, procedures, legislation, and implementation directives
• Assess and remediate compliance with industry regulations and frameworks across multiple industries that are relevant to cybersecurity (e.g. NIST CSF, NIST Privacy, CIS, CCPA, GDPR)
• Continuous professional development in maintaining industry specific certifications to maintain a strong depth of knowledge in the practice area.

• At least 3 years working experience in cyber security and privacy
• Consulting experience or security experience in an industry segment (finance, healthcare, energy, technology, etc.)
• Knowledge and awareness of the latest information risk, security, privacy, and AI innovations, trends, challenges and solutions
• Exposure to industry acclaimed information governance, risk and security standards/frameworks and professional practices (NIST, ISO, CIS, etc.)
• Knowledge of the typical enterprise risk and security operational practices
• Knowledge of information security related solutions, tools and utilities
• Bachelor’s degree in Business Administration, Computer Science, Information Systems, Engineering or related field, or equivalent combination of education and experience
• Strong analytical and problem-solving abilities
• Strong oral, written, and presentation skills
• Ability to work independently and time-manage

• CIPM, CIPP (or other privacy-related certification)
• CISM, CCSK, CIPP, CISA, CGEIT, or CRISC certification(s)
• Cyber Incident Response Experience
• AWS, Azure, Google Cloud Platform certification(s) and experience
• AI Risk and Governance experience