(this position is remote but candidates must be based in the United States) What we believe In the past two years, more than a trillion dollars have been invested in software companies at record prices. And in many cases, the underlying tech is the greatest enabler to the business strategy. But has the approach to govern technology value creation caught up to the magnitude of the risk? We believe a better way is possible – a more programmatic, proactive approach to actively manage technology throughout the investment lifecycle – and that's what we do. Our role We know that technology can create truly transformative change, and its role in business is only growing. Crosslake is here to support the changemakers and help them buy, build and run better technology. What we value You could be a good fit for Crosslake if you see yourself reflected in our guiding values: Service. We effect change by empowering others. Curiosity. We believe great advice starts with deep understanding. Credibility. Our expertise is earned and proven. Commitment. It's our privilege to serve clients in their critical moments. Creativity. We are inspired by the constant pursuit of better. In this role you will: Work with our private equity and portfolio company clients, consulting on how to apply an information security vision and strategy in alignment with customer business objectives. Work with customers to assess and address information security risks. Interact with customers executives (EX: CIO, CTO, CEO, DPO) to understand and implement desired change in the customers organization. Assist in leading enterprise-wide cybersecurity operations teams, processes, and responses. Assist in managing customer security programs including the achievement and/or maintenance of key compliance initiatives such as SOC, ISO27001, NIST, PCI, and SOX. Execute and direct the identification, containment, mitigation, and recovery activities related to cybersecurity incidents that may negatively impact customer assets or services. Represent Crosslake in industry cybersecurity forums and working groups, including sector-specific cyber threat intelligence communities. Work with customers to evaluate, implement, and secure key systems within their environment. Analyze and assess customer systems for security / risk exposure and provide business-prioritized remediation recommendations. Assist in handling the documentation, development, implementation, and maintenance of processes related to strong security and compliance controls in customer environments. Work with Operations teams to ensure security architectures are appropriately assessed and able to be supported. Work with Engineering and Operations teams to implement new technologies and security solutions in alignment with industry best practice and commonly accepted principles of secure design.
\n KnowledgeKnowledge of legal and regulatory requirements, including the frameworks such as ISO27001, PCI, HIPAA, SOC, SOX, and NIST.Strong knowledge around the requirements of the above frameworks and implementing security best practices within an organization.Solid understanding of business management processes, including employing information security risk management and cybersecurity technologiesKnowledge of application security, cloud security, encryption techniques, identity and access management, mobile security, network security, and virtualization security. Education/Experience15+ years securing organizations as an in-house team member or advisor / consultant in roles like: Chief Information Security Officer, Director / Manager of Information Security, Director / Manager of Compliance, Principal Security Analyst, Principal Security Engineer, Security ArchitectDemonstrated history of being able to successfully implement security controls within an organization.Experience in leading within a fast-paced, complex organization.CISSP or equivalent certification is preferred. SkillsAbility to work from home (or an office of your choosing) and be self-directed, but also effectively collaborate with the team in both a remote and in-person capacity.Strong technical acumen and technical horsepowerBe willing to learn and take on new areas that may be outside of your initial comfort zone.Passion towards making others great and making a high-performing team even better.An action-oriented personality – you know how to get stuff done.Great communicator to peers, clients, executive leadership, and boardsUnderstanding customer objectives and driving results toward those objectivesAbility to learn fast and on-the-job.Responding effectively to rapid change in needs, processes, and technologiesAbility to understand key concepts and communicate clearly and concisely, including technical details and processes.Ability to collaborate effectively and build relationships at all levels, especially with senior leaders.Strong organizational skills with the ability to perform under pressure and manage multiple priorities with competing demands for resources.Robust analytical, data processing, and problem-solving skillsProficiency in process formulation and improvementStrong analytical skills, including managing multiple projects under strict timelines and working effectively in a dynamic environment to meet objectives.
\n