Manager, Cybersecurity M&A
At West Monroe, our people are our business.
We pride ourselves on bringing a different mindset to consulting—and that takes a different approach: highly collaborative, flexible, and tenacious.
Our people-first, highly collaborative culture is core to our identity. It’s something we care about, and something we strive to enrich and preserve. No hierarchies. No siloes. No egos. Just smart ideas, and the drive to make an impact for our clients. We also know that the best outcomes for both our people and our clients result from including diverse perspectives at the table. That's why inclusion & diversity is one of our core values.
Every day our clients rely on us to help them tackle their greatest challenges, by strategically deploying technology through a business-focused and industry-specific lens. We bring together both the right knowledge and the right approach, so that they can capitalize on opportunities and deliver real results. That takes the right team. And that’s where you come in.
Ready for the next step on your career journey?
West Monroe is looking to hire a Manager to focus on Cybersecurity Advisory for Private Equity (CAPE) and Compliance (PCI, HIPAA), ultimately providing critical client security solutions. The Manager will also work with practice leaders across the firm to set the direction of offerings and assets within our Cybersecurity Practice.
You would be responsible for leading technical project teams as the engagement lead to gather requirements, create a design, and implement the solution. You would typically be working with a team of cybersecurity consultants to complete a project that aligns with your client’s private equity, M&A, and/or compliance objectives.
Responsibilities:
- Provide strategic cybersecurity advisory and/or compliance consulting services for enterprise clients, ranging from policy definition to adoption and enforcement
- Current state cybersecurity review of existing organization, including processes and technologies, to deliver key findings and recommendations
- Delivery of cyber asset/system categorization and impact ratings, including site visits to multiple client locations
- Identify, scope, and deliver solutions within industries such as Healthcare, Financial Services, Retail, etc.
- Develop implementation strategy and roadmaps, with an initial focus on HIPAA, PCI, or GDPR compliance
- Perform day-to-day organization, process and technology data collection and analysis, interviews and discovery workshops
- Implement security solutions including the design, configuration, development, testing and deployment of security-related technologies such as Security information & Event Monitoring (SIEM), Identity & Access Management, IDS/IPS, Data Loss Prevention, Digital Rights Management, Network Access Control, and other security technologies
- Manage client relationships and meet with clients to determine business and functional requirements
- Translate business and technical requirements into concrete projects proposals including detailed work plans and cost estimates
- Contribute to the business development process at existing clients
- Promote thought leadership in emerging technologies; from partnerships to go-to-market offerings and strategy, to design and implementation
- Actively build a professional network and affiliate network in the local and greater consulting, cybersecurity, and broader tech communities
Qualifications:
- Bachelor's degree in relevant field preferred, or equivalent experience required
- Consulting firm/industry experience preferred
- 7-11+ years of professional IT experience with a focus on cybersecurity and preferably 4+ years of experience working in either compliance (HIPAA, PCI, etc.) and/or performing security assessment work (vulnerability management, auditing IT security controls, network security, social engineering, etc.)
- Ability to convey complex technical security concepts to technical and non-technical audiences including executives
- Experience in leading and delivering end-to-end solutions, which could include strategy, design, development, testing and training, and implementation
- Advanced understanding of high-level application, database, and network security principles for risk identification, mitigation, and analysis
- Experience with cybersecurity architectural roadmaps, sub-domain strategies, product roadmaps and standards
- Certified Information Systems Security Professional (CISSP) certification or equivalent highly desired
- HealthCare Information Security and Privacy Practitioner (HCISPP) or Payment Card Industry Professional (PCIP) certifications considered a plus
- Excellent organizational, verbal, presentation/facilitation, and written communication skills
- Willingness to travel for out of town client engagements
Ready to get started? Join our team and make an impact.