Virtual Chief Information Security Officer (vCISO)

Cyber Advisors

Job Description

Posted on: November 25, 2024

Summary and company overview

Summary Information about the role

The Virtual Chief Information Security Officer (vCISO) serves as an outsourced security leader, providing strategic and tactical guidance to clients on all aspects of information security. This role will focus on developing, implementing, and managing security programs tailored to meet the specific needs of each client. The vCISO will be responsible for assessing risks, creating security strategies, ensuring regulatory compliance, and leading incident response activities when necessary. The ideal candidate will have a strong background in security leadership and consulting, as well as experience in diverse industries and security frameworks.

Company Overview

Cyber Advisors' culture is like no other. First and absolutely foremost, we believe in taking care of our employees and their families. Whether we are blowing off steam at Top Golf, gathering for a fun summer family picnic, hosting a sales-vs-engineering paintball war, or holding a company-wide virtual trivia competition, we play just as hard as we work. We believe good things come to those who sweat.

Responsibilities

  • Develop and execute tailored security strategies for each client, aligning with their business goals and risk profile.
  • Advise clients on the development of security policies, procedures, and governance structures.
  • Provide leadership on risk management, incident response, and regulatory compliance.

Risk Management and Compliance:

  • Conduct risk and vulnerability assessments to identify potential threats and recommend appropriate mitigations.
  • Ensure clients meet regulatory requirements such as GDPR, CCPA, HIPAA, PCI DSS, and other relevant frameworks.
  • Guide clients through security audits, certifications, and third-party risk management processes.

Incident Response and Crisis Management:

  • Serve as a key leader during security incidents, advising clients on containment, eradication, recovery, and post-incident analysis.
  • Develop and maintain incident response plans and ensure clients are prepared to handle security breaches effectively.

Security Program Development:

  • Assist clients in building comprehensive security programs, including policies, controls, and governance mechanisms.
  • Oversee security awareness training programs to help clients foster a culture of security among employees.

Client Relationship Management:

  • Act as the trusted advisor for multiple clients, managing long-term relationships and ensuring that security strategies align with their evolving needs.
  • Regularly report on security posture and improvements, providing executive-level updates to client leadership teams.
  • Engage with client stakeholders to develop budgets and priorities for their security programs.

Emerging Threats and Industry Trends:

  • Stay current with the latest security threats, vulnerabilities, and regulatory developments to ensure clients remain protected against emerging risks.
  • Advise clients on security technology investments, such as SIEM, firewalls, endpoint protection, and cloud security tools.

Job Requirements

Required Qualifications

  • Minimum of 10+ years of experience in information security, with at least 5 years in a senior security leadership role (CISO, vCISO, or similar).
  • Experience consulting for a diverse range of industries, with an understanding of industry-specific risks and regulations.
  • Proven success in developing and executing comprehensive security programs for mid-to-large organizations.
  • In-depth knowledge of security frameworks such as NIST, SOC2, ISO 27001, TISAX, CIS Controls, and others.
  • Hands-on experience with security tools and technologies such as firewalls, IDS/IPS, DLP, SIEM, and encryption solutions.
  • Strong leadership skills with the ability to effectively manage security teams, vendors, and clients’ internal stakeholders.
  • Ability to communicate complex technical security concepts to business executives and non-technical stakeholders.
  • Strong analytical and problem-solving skills, with the ability to balance business objectives with security needs.
  • Proven track record of successful client engagements, with the ability to manage multiple clients simultaneously.
  • Relevant security certifications such as CISSP, CISM, CISA, CRISC, or equivalent.
  • Bachelor’s degree in Information Security, Computer Science, or a related field. A master’s degree is a plus.

Preferred Qualifications

  • Experience in cloud security and securing hybrid cloud environments.
  • Familiarity with operational technologies (OT) security for clients in industrial sectors.
  • Hands-on experience leading security incident response and crisis management engagements.
