A recognized services management company in Illinois is actively seeking an experienced professional to join their growing team as their new Director of Cyber Risk Consulting. In this role, the Director of Cyber Risk Consulting will be responsible for overseeing the development, execution, and innovation of vCISO and Security Awareness services to ensure effective governance, risk, and compliance (GRC) consulting, cybersecurity framework alignment, risk assessments, and security awareness and phishing simulation programs.
Responsibilities:
- Provide hands-on leadership and development of a team of vCISOs, GRC Consultants, and Security Awareness Consultants, providing ongoing coaching, mentorship, professional development, and performance feedback to foster a high-performing team
- Track and report on key performance indicators (KPIs), contractual requirements, client satisfaction, and team member satisfaction to measure the effectiveness of risk consulting services
- Continually develop and enhance service delivery strategies to ensure alignment with evolving cybersecurity standards, regulations, and emerging threats
- Lead initiatives to improve service effectiveness through SOP development on service delivery, service onboarding/offboarding, quality assurance initiatives, and tool/process migrations, integrations, and automation
- Serve as an escalation point to internal teams and clients on issue scoping and resolutions
- Collaborate with key stakeholders to support service marketing and sales enablement, including pre-sales scoping
- Provide direct cyber risk consulting services for select, strategic clients to develop and execute cybersecurity strategies
- Maintain, develop, and document service runbooks for consistent, high-quality risk consulting services, ensuring regular updates to reflect industry best practices and the latest standards
- Perform other duties, as needed
Qualifications:
- 7+ years of experience working as a CISO/vCISO
- One or more of the following certifications: CISSP, CISA, CISM, or equivalent
- Experience preparing for compliance audits, including one or more of the following: SOC2, CMMC, FDIC, HITRUST, PCI DSS, etc.
- Experience in conducting assessments and risk remediation strategies that align with industry best practices such as NIST CSF, CIS Controls, NIST 800-171, ISO/IEC 27000 series, HIPAA Security Rule, etc.
- Experience consulting for Cybersecurity services for an MSP/MSSP
- Excellent interpersonal and communication skills
- Excellent time management and organizational skills
- Strong analytical and problem-solving skills
- Strong and proven leadership skills and experience
Desired Skills:
- Bachelor’s Degree in Cybersecurity or IT-related field
- Experience in maturing Cybersecurity programs for HIPAA-regulated entities
- Experience ensuring the continuity of Cybersecurity services during mergers and acquisitions