Director of Cybersecurity

(this role is Remote, but must be US based)

What we believe

In the past two years, more than a trillion dollars have been invested in software companies at record prices. And in many cases, the underlying tech is the greatest enabler to the business strategy. But has the approach to govern technology value creation caught up to the magnitude of the risk?

We believe a better way is possible – a more programmatic, proactive approach to actively manage technology throughout the investment lifecycle – and that’s what we do.

Our role

We know that technology can create truly transformative change, and its role in business is only growing. Crosslake is here to support the changemakers and help them buy, build and run better technology.

What we value

You could be a good fit for Crosslake if you see yourself reflected in our guiding values:

Service. We effect change by empowering others.

Curiosity. We believe great advice starts with deep understanding.

Credibility. Our expertise is earned and proven.

Commitment. It’s our privilege to serve clients in their critical moments.

Creativity. We are inspired by the constant pursuit of better.

Overview

Reporting to the Managing Director, the Cybersecurity Practice’s Director is accountable for managing teams to the successful delivery of client projects while collaborating on the strategic direction and vision of the practice and company as a whole.

Role and Responsibilities

• Manage security strategy development and define related roadmaps in alignment with client’s business objectives
• Perform security program assessments against established frameworks and best practices such as NIST CSF, CIS, PCI DSS, HIPAA, ISO, SOC 1, and SOC 2
• Formulate cloud security architecture designs, devise cloud migration plans, and manage solution implementation on client’s selected cloud service provider (CSP)
• Prepare clients for security audits such as PCI DSS, ISO27k, SOC 1, and SOC 2
• Maximize Crosslake’s capabilities and intellectual property to meet each client’s needs
• Identify opportunities to enhance/optimize security, decrease costs, and increase value for clients
• Develop strong, long-term client relationships and become recognized as a trusted business advisor
• Participate in business development activities
• Support the delivery of major projects and programs, including project management and oversight as necessary

Qualifications

• Minimum 10+ years of cyber security experience ideally in a service provider environment
• CISSP/CCSP/CCSK certification or its equivalent is preferred
• Expert knowledge in cloud-based enterprise security technologies
• Expert knowledge of at least 2 security frameworks or certifications such as NIST, CIS, PCI DSS, HIPAA, SOC 1, and SOC 2
• Entrepreneurial DNA with clear executive ownership of vision, strategy, and execution
• Demonstrated strategic and analytical mindset with exceptional problem-solving skills
• Strong interpersonal and presentation skills (i.e., exceptional communicator and listener, particularly with clients and prospects) who quickly synthesizes information from a multitude of sources and generates shared understanding across different technical and non-technical audiences
• Team player who will work across the firm to enhance the way we serve clients
• Willingness and natural tendency to “roll up one’s sleeves” and assist wherever needed
• Mindset of a team player who will work across the firm to improve the way we serve clients
• Coachable and embracing of best practices/feedback as a means of continuous improvement
• Collaborative, curious, respectful, and constructive in dealing with all members of the Crosslake community.