Cyber Security Consultant

Summary

Join Crosslake as a cybersecurity consultant, working with private equity and portfolio company clients to implement information security strategies aligned with their business objectives. You will assess and address information security risks, interact with executive leadership, and assist in leading cybersecurity operations. Responsibilities include managing customer security programs, handling cybersecurity incidents, representing Crosslake in industry forums, and implementing secure systems. This role requires extensive experience in information security, strong technical skills, and the ability to work both independently and collaboratively. A successful candidate will possess strong communication and analytical skills and a proven track record of implementing security controls within organizations.

Requirements

• Knowledge of legal and regulatory requirements, including the frameworks such as ISO27001, PCI, HIPAA, SOC, SOX, and NIST
• Strong knowledge around the requirements of the above frameworks and implementing security best practices within an organization
• Solid understanding of business management processes, including employing information security risk management and cybersecurity technologies
• Knowledge of application security, cloud security, encryption techniques, identity and access management, mobile security, network security, and virtualization security
• 15+ years securing organizations as an in-house team member or advisor / consultant in roles like: Chief Information Security Officer, Director / Manager of Information Security, Director / Manager of Compliance, Principal Security Analyst, Principal Security Engineer, Security Architect
• Demonstrated history of being able to successfully implement security controls within an organization
• Experience in leading within a fast-paced, complex organization
• Ability to work from home (or an office of your choosing) and be self-directed, but also effectively collaborate with the team in both a remote and in-person capacity
• Strong technical acumen and technical horsepower
• Be willing to learn and take on new areas that may be outside of your initial comfort zone
• Passion towards making others great and making a high-performing team even better
• An action-oriented personality – you know how to get stuff done
• Great communicator to peers, clients, executive leadership, and boards
• Understanding customer objectives and driving results toward those objectives
• Ability to learn fast and on-the-job
• Responding effectively to rapid change in needs, processes, and technologies
• Ability to understand key concepts and communicate clearly and concisely, including technical details and processes
• Ability to collaborate effectively and build relationships at all levels, especially with senior leaders
• Strong organizational skills with the ability to perform under pressure and manage multiple priorities with competing demands for resources
• Robust analytical, data processing, and problem-solving skills
• Proficiency in process formulation and improvement
• Strong analytical skills, including managing multiple projects under strict timelines and working effectively in a dynamic environment to meet objectives

Responsibilities

• Work with our private equity and portfolio company clients, consulting on how to apply an information security vision and strategy in alignment with customer business objectives
• Work with customers to assess and address information security risks
• Interact with customers executives (EX: CIO, CTO, CEO, DPO) to understand and implement desired change in the customers organization
• Assist in leading enterprise-wide cybersecurity operations teams, processes, and responses
• Assist in managing customer security programs including the achievement and/or maintenance of key compliance initiatives such as SOC, ISO27001, NIST, PCI, and SOX
• Execute and direct the identification, containment, mitigation, and recovery activities related to cybersecurity incidents that may negatively impact customer assets or services
• Represent Crosslake in industry cybersecurity forums and working groups, including sector-specific cyber threat intelligence communities
• Work with customers to evaluate, implement, and secure key systems within their environment
• Analyze and assess customer systems for security / risk exposure and provide business-prioritized remediation recommendations
• Assist in handling the documentation, development, implementation, and maintenance of processes related to strong security and compliance controls in customer environments
• Work with Operations teams to ensure security architectures are appropriately assessed and able to be supported
• Work with Engineering and Operations teams to implement new technologies and security solutions in alignment with industry best practice and commonly accepted principles of secure design

Preferred Qualifications

CISSP or equivalent certification is preferred

Benefits

Ability to work from home (or an office of your choosing)