Senior Consultant, Security

About The Position

Requirements

• Minimum 5–8 years in cybersecurity leadership or consulting roles
• Strong knowledge of frameworks such as NIST CSF, CIS Top 18, HIPAA, SOC 2.
• Strong knowledge of regulations like GDPR, FISMA, FedRAMP and CMMC
• Proven track record leading CMMC 2.0 Level 2 assessments and POAM remediations.
• Experience in risk management, roadmap development, policy advisory, and executive-level communication.
• Bachelor’s degree in Computer Science, related discipline or equivalence of professional work
• Ability to take complex technical and security issues and translate them to non-technical customers
• Strong oral and written communication skills
• Effective time management and multi-tasking skills
• Ability to present to senior executive and CxO level clients
• Maintains the ability to stay organized and be detail-oriented
• Demonstrates a passion for solving problems or helping others and take the initiative in driving continuous improvement/execution excellence
• Exceptional organizational skills, including the ability to self-manage and multi-task effectively and accurately in a fast-paced and dynamic environment

Nice To Haves

• CMMC RP/CCA/CCP preferred
• CISSP, CISM or equivalent information security certification

Responsibilities

• Security Assessments and Compliance Alignment Lead Security Maturity Level Assessments (SMLA) aligned with frameworks including NIST CSF, CIS Top 18, HIPAA, SOC 2, ISO 27001 and CMMC 2.0.
• Conduct CMMC 2.0 Level 2 gap assessments, identifying deficiencies and providing clear remediation plans to prepare clients for audits.
• Analyze data and deliver IT health and risk assessments with recommendations Map identified gaps and risks to compliance frameworks, providing leadership with actionable insight on priorities and timelines.
• Review and validate client documentation and evidence against framework requirements.
• Risk Management and Roadmap Development Build and maintain risk registers that capture evolving threats and operational challenges, updated regularly.
• Develop structured, framework-aligned security roadmaps, sequencing initiatives across governance, technology, user controls, and vendor dependencies.
• Align remediation activities with business risk, compliance drivers, and resource constraints.
• Track progress and adjust plans based on changing risk environments and client priorities.
• Policy and Program Oversight Facilitate policy workshops covering key topics like Acceptable Use, Access Control, Incident Response, and Data Classification.
• Provide clients with advisory guidance, policy templates, and best-practice recommendations while ensuring alignment with various frameworks and regulations.
• Review existing policies for effectiveness and alignment while empowering clients to finalize drafts and manage internal approvals.
• Guide clients through building a sustainable internal security program that aligns with industry standards.
• Reporting and Executive Engagement Develop and maintain executive dashboards that visualize progress across risk reduction, maturity improvements, training participation, vulnerability management, and dark web monitoring.
• Lead quarterly strategic review sessions with client leadership, discussing risks, roadmap execution, and evolving priorities.
• Serve as a trusted advisor to executive teams, providing clear, actionable updates without unnecessary complexity.
• Support clients in aligning security investments with measurable business outcomes.

Benefits

• Rich Medical and prescription plans
• Dental & Vision
• Paid Holidays and Flexible Paid Time Off
• 401K/401K Roth with Safe Harbor matching
• Stock Appreciation Rights
• Company-paid life insurance, long-term and short-term disability insurance
• Company-paid mental health support & financial wellness services
• FSA for medical and dependent care
• HSA option with compatible medical plan
• Company-paid training, materials, and exams
• Performance-based bonuses