At West Monroe, our people are our business.
We pride ourselves on bringing a different mindset to consulting—and that takes a different approach: highly collaborative, flexible, and tenacious.
Our people-first, highly collaborative culture is core to our identity. It’s something we care about, and something we strive to enrich and preserve. No hierarchies. No siloes. No egos. Just smart ideas, and the drive to make an impact for our clients.
Every day our clients rely on us to help them tackle their greatest challenges, by strategically deploying technology through a business-focused and industry-specific lens. We bring together both the right knowledge and the right approach, so that they can capitalize on opportunities and deliver real results. That takes the right team. And that’s where you come in.
Ready for the next step on your career journey?
West Monroe is looking to hire a Manager to focus on Cybersecurity for Private Equity and Compliance (HIPAA, PCI, GDPR, etc.), ultimately providing critical security solutions for West Monroe’s clients. The Manager will also work with practice leaders across the firm to set the direction of security offerings within our Cybersecurity Practice.
You would be responsible for leading technical project teams as the engagement lead to gather requirements, create a design, and implement the solution. You’ll typically work with a team of consultants to complete a project that aligns with your client’s private equity, M&A, and/or compliance objectives.
- Provide strategic security advisory, PCI, HIPAA, and/or GDPR consulting services for enterprise clients, ranging from policy definition to adoption and enforcement.
- Current state review of existing organization, processes, and technologies to deliver key findings and recommendations.
- Delivery of cyber asset/system categorization and impact ratings, including site visits to multiple client locations.
- Identify, scope, and deliver solutions within industries such as Healthcare, Financial Services, Retail, etc.
- Develop implementation strategy and roadmaps, with an initial focus on HIPAA, PCI, or GDPR compliance.
- Perform day-to-day organization, process and technology data collection and analysis, interviews and discovery workshops.
- Implement security solutions including the design, configuration, development, testing and deployment of security-related technologies such as Security Information & Event Monitoring (SIEM), Identity & Access Management, IDS/IPS, Data Loss Prevention, Digital Rights Management, Network Access Control, and other security technologies.
- Manage client relationships and meet with clients to determine business and functional requirements.
- Translate business and technical requirements into concrete project proposals including detailed work plans and cost estimates.
- Contribute to the business development process at existing clients.
- Promote thought leadership in emerging technologies, from partnerships to go-to-market offerings and strategy, to design and implementation.
- Actively build a professional network and affiliate network in the local and greater consulting, cybersecurity, and broader tech communities.
- 5-10+ years of professional IT experience focused on cybersecurity.
- Strong preference for 3+ years of experience working in a client-facing, consulting capacity.
- 4+ years of experience working in compliance (HIPAA, PCI, GDPR, etc.) and/or performing security assessment work (vulnerability management, auditing IT security controls, network security, social engineering, etc.) for PE clients.
- Ability to convey complex technical security concepts to technical and non-technical audiences including executives.
- Demonstrate knowledge and experience with the architecture, engineering and deployment of technical and cybersecurity solutions for Private Equity and Mergers & Acquisitions objectives.
- Experience in leading and delivering end-to-end solutions, which could include strategy, design, development, testing and training, and implementation.
- Advanced understanding of high-level application, database, and network security principles for risk identification, mitigation, and analysis.
- Experience with cybersecurity architectural roadmaps, sub-domain strategies, product roadmaps and standards.
- Certified Information Systems Security Professional (CISSP) certification or equivalent highly desired.
- HealthCare Information Security and Privacy Practitioner (HCISPP) or Payment Card Industry Professional (PCIP) certifications considered a plus.
- Excellent organizational, verbal, presentation/facilitation, and written communication skills.
- Bachelor’s degree in IT, Computer Science, MIS, Cybersecurity, or similar is preferred, not required.
- Willingness to travel for out-of-town client engagements, up to 70-80%.