Cybersecurity And Compliance Architect, Technical Due Diligence, TTS

West Monroe is looking for a Cybersecurity & Compliance Architect to join our Technology and Experience Practice within Technology Transaction Services (TTS). This role will focus on IT security due diligence for the sake of client M&A transactions. The architect will interview client stakeholders to understand their cybersecurity environment (technology, processes, personnel), identify flaws, and present summary findings to executives across a variety of industries, I.e. Private Equity, High-Tech, Healthcare, and Finance. As a technology agnostic firm, West Monroe consultants are given the chance to continuously expand their skillset while working with cutting edge technologies, homegrown tools, and contemporary processes. This is an exciting opportunity to work within TTS aligning to the needs of the M&A practice area and lead strategic cybersecurity assessments and compliance-focused initiatives.

Responsibilities:

• Collaborate with TTS consultants from other competencies (Cloud, Software, Data), contributing cybersecurity expertise to produce holistic IT due diligence assessments to be factored into client M&A activity
• Manage client relationships and meet with executives to determine project requirements and provide status updates; translate requirements into concrete projects proposals, including detailed work plans and cost estimates
• Provide strategic cybersecurity advisory and compliance consulting services for enterprise clients, ranging from security assessments to personnel suggestions and policy definition/adoption
• Document current-state review of existing security organization(s), including their controls, processes, and technologies, to deliver key findings and recommendations to executives
• Develop implementation strategies and roadmaps to help clients achieve compliance w/ industry-accepted frameworks
• Manage junior consultants on projects, delegate workstreams, and act as career advisor/mentor
• Promote thought leadership in emerging cybersecurity technologies and consulting tactics through activities like blogs, white papers, attending industry events, and Center of Excellence contributions
• Contribute to business development process ad hoc and look for opportunities to cross-sell solutions
• Actively build a professional and affiliate network in the consulting, cybersecurity, M&A, and/or broader technology communities

Qualifications:

• Bachelor's degree in relevant field preferred or equivalent experience required
• Consulting firm/industry experience preferred
• 6-15+ years of professional experience focused on cybersecurity, compliance, and/or technology M&A
• Strong experience working with compliance/privacy frameworks, I.e. PCI-DSS, HIPAA, SOC 1/2, GDPR, CCPA, SOX, etc.
• Preference for broad background in IT security across areas such as risk advisory (NIST), incident response, threat hunting, network security, cloud security, application security, strategy & operations, etc.
• Experience leading teams and project managing end-to-end solutions
• Confident in conveying complex cybersecurity concepts to both technical and non-technical audiences, including executives
• Comfortable adapting to unique environments and working on fast-paced projects
• Willingness to travel for out of town client engagements
• Bonus experience - cyber M&A, application security, AWS/Azure