Principal Consultant, Cyber Security
Listed on 2026-06-15
IT/Tech
Cybersecurity
About STIGroup
STIGroup (Secure Technology Integration Group) is a SOC 2 Type II certified MSSP and cyber advisory firm headquartered in Mahwah, NJ. Founded in 2000, we serve clients nationally, with a concentration in Metro NY/NJ, across managed security, GRC, and advisory services. Our work spans regulated industries including financial services, healthcare, life sciences, and critical infrastructure, and we operate as an embedded extension of our clients' teams.
Role summary
STIGroup is hiring a Principal Consultant who can operate credibly across hands‑on technical assessment and framework‑aligned GRC advisory. You will own engagements end to end across managed security, GRC, and advisory, working with CISOs and operators to mature their programs. In addition, this Principal Consultant will be expected to help expand existing client relationships by identifying follow‑on opportunities, contributing to account growth, and serving as a trusted primary point of contact throughout the engagement lifecycle.
This is a senior individual contributor role, not a people‑management position.
- Serve as the primary trusted advisor for assigned accounts, building senior client relationships, shaping ongoing security strategy, and translating emerging needs into scoped follow‑on work.
- Maintain executive‑level client relationships across the engagement lifecycle, align stakeholders on priorities, and proactively identify opportunities for additional advisory, GRC, and managed security support.
- Lead end‑to‑end delivery of cyber security and GRC engagements: security assessments, control design, architecture review, gap analyses, roadmaps, and remediation plans.
- Do the hands‑on technical work: review client environments, read logs and packet captures, validate controls through active testing, and design across endpoint, network, identity, cloud, and perimeter security.
- Run framework‑aligned assessments against SOC 2, NIST CSF, NIST 800‑53, ISO 27001, HIPAA, and CMMC as applicable, and turn findings into prioritized remediation plans.
- Author policies, standards, and procedures, build risk registers and control libraries, and support third‑party risk and audit‑readiness work.
- Advise on managed security operations (SIEM/MDR coverage, log sources, detection gaps, vulnerability management, IR readiness) and support active incident response when needed.
- Brief executive and board audiences when the engagement calls for it, in language that connects technical findings to business impact.
- Own account growth through trusted advisory work: spot follow‑on consulting, GRC, and managed‑service opportunities, partner with leadership to scope and close them, and treat expansion as a measure of engagement quality.
- Produce clear client‑facing deliverables (assessment reports, executive readouts, status updates) without heavy editorial oversight.
- 10+ years of progressive cyber security experience, including 5+ in client‑facing consulting or MSSP delivery with end‑to‑end engagement ownership.
- Executive stakeholder management and consultative communication skills, with the ability to build credibility quickly with CISOs, IT leadership, and business stakeholders.
- Experience identifying client needs, shaping solution scopes, and contributing to follow‑on consulting or managed security opportunities in a way that aligns to client outcomes.
- Strong commercial judgment, including the ability to balance delivery quality, client trust, and account growth.
- Workshop facilitation and discovery skills, including leading client interviews, surfacing priorities, and translating ambiguous requirements into actionable plans.
- Technical depth across several of: vulnerability management, SIEM/MDR/SOC operations, incident response, IAM/MFA/PAM, endpoint and network, cloud (AWS, Azure, M365), and security architecture.
- Hands‑on experience applying NIST CSF and NIST 800‑53 to client assessments; working fluency with ISO 27001, SOC 2, HIPAA, and CIS Controls; you sequence remediation, not just identify gaps.
- Track record owning multiple concurrent engagements as the primary delivery lead from scoping through closure.
- Direct…