Principal Consultant, Security Governance
Fully remote work environment within the continental United States. Full-Time. Principal level.
Salary not disclosed
Job Details
- Experience
- 5–8 years
- Required Skills
- Risk Management, HIPAA
Requirements
- 5–8 years of experience in cybersecurity consulting, information security governance, risk management, compliance, or related advisory roles.
- Strong expertise conducting security and compliance assessments across frameworks such as ISO 27001, PCI DSS, HIPAA, NIST CSF, NIST 800-171, and CMMC.
- Proven ability to lead client-facing consulting engagements and present complex cybersecurity concepts to executive and technical stakeholders.
- Experience developing security governance frameworks, policies, standards, procedures, and risk management strategies for enterprise organizations.
- Familiarity with cloud environments such as AWS, Microsoft Azure, or Google Cloud Platform, including cloud security governance practices.
- Possession of at least one professional certification from both recognized governance and auditing domains, such as CISSP, CISM, CISA, ISO 27001 Lead Implementer, ISO Lead Auditor, GSNA, or equivalent certifications.
- Strong analytical, organizational, communication, and problem-solving skills with the ability to manage multiple client engagements simultaneously.
- Experience supporting PCI QSA or CMMC-related initiatives is strongly preferred.
- Knowledge of AI governance, AI security frameworks, or AI-focused certifications is considered a strong advantage.
- Bachelor’s degree in Information Security, Computer Science, Engineering, IT, or related field preferred, or equivalent professional experience.
Responsibilities
- Lead information security governance, risk, compliance, and privacy consulting engagements for enterprise clients across multiple industries.
- Conduct security assessments, compliance reviews, and governance evaluations aligned with frameworks such as ISO 27001, NIST CSF, PCI DSS, HIPAA, CMMC, FERPA, and related standards.
- Develop strategic security roadmaps, remediation plans, and governance recommendations tailored to each client’s operational and regulatory environment.
- Advise executive leadership teams, including CISOs, CIOs, CSOs, and Boards of Directors, on cybersecurity strategy, organizational risk, AI governance, and compliance initiatives.
- Design and maintain customized security policies, procedures, standards, and governance documentation that align with industry best practices and business objectives.
- Lead PCI and CMMC advisory engagements, including readiness assessments, gap analyses, reports on compliance, and audit preparation activities.
- Facilitate tabletop exercises, incident response simulations, and after-action reporting to strengthen organizational resilience and preparedness.
- Collaborate with cross-functional cybersecurity teams on cloud governance, security program development, advisory services, and large-scale transformation initiatives.