Project Manager, Cybersecurity, IT Consultant

20+ years of relevant IT experience in shaping, operationalizing, and driving the CTO’s long‑term technology vision (North Star) across the enterprise. This role translates strategic intent into a coherent, multi‑year transformation roadmap and ensures consistent execution across product engineering, platforms, infrastructure, security, and operations.

The role acts as the single orchestration point for CTO‑led transformation initiatives—ensuring that architecture, engineering practices, platforms, and operating models evolve in a coordinated, outcome‑driven manner aligned to business strategy.

• Define and articulate the CTO North Star state for technology, engineering, and platforms
• Translate vision into prioritized transformation programs and measurable outcomes
• Ensure alignment across Build, Run, Security, Data, and Platform organizations
• Drive sustained execution, adoption, and value realization

• Define the account‑level information security strategy, aligned to the customer’s business objectives, risk appetite, and regulatory landscape
• Own the Security North Star Architecture, covering:
  • Cloud and platform security
  • Identity & access management (IAM, PAM)
  • Application and Dev Sec Ops  security
  • Data protection and privacy
  • Network and endpoint security
• Translate strategy into multi‑year security roadmaps with clear milestones and outcomes
• Ensure consistency with enterprise architecture and CTO/CISO standards

• Act as the account security authority, governing:
  • Security policies and standards
  • Risk acceptance and exception management
  • Control design and effectiveness
• Maintain an account cyber risk register and define mitigation plans
• Ensure alignment with relevant frameworks and regulations (as applicable):
  • ISO/IEC 27001/27002
  • NIST CSF / NIST 800‑53
  • SOC2, SOX, GDPR, PCI‑DSS
  • Industry‑specific regulations (e.g., financial services, healthcare)
• Support customer audits, regulatory exams, and supervisory reviews

• Lead security architecture and design assurance for:
  • Cloud migrations and modernization programs
  • Application development and Dev Ops transformation
  • Data and analytics platforms
• Ensure secure SDLC / Dev Sec Ops  practices are embedded into delivery pipelines
• Operational security controls
• Incident response and cyber recovery
• Logging, monitoring, and threat detection
• Drive adoption of Zero Trust and defense‑in‑depth principles

• Define and govern cyber resilience and incident response strategies for the account
• Partner with SOC, IR, Legal, Privacy, and Communications teams during major incidents
• Support executive‑level incident briefings and regulatory notifications
• Lead post‑incident reviews, root cause analysis, and corrective action governance

• Govern security risk for:
  • Cloud service providers
  • SaaS platforms
  • Strategic vendors and outsourcing partners
• Define due diligence, onboarding, and continuous monitoring requirements
• Ensure contractual security obligations, SLAs, and resilience requirements are met
• Establish exit and substitutability strategies for critical third parties

• Act as a trusted security advisor to customer executives (CISO, CIO, CTO, CRO)
• Convert technical security risk into business and financial impact
• Security roadmaps
• Risk posture dashboards
• Quarterly security reviews
• Influence customer decision‑making while balancing risk, innovation, and cost

• Support security‑led deal shaping, proposals, and solution designs
• Ensure contracts, statements of work (SoWs), and delivery commitments align with security strategy
• Provide oversight on cost‑effective security investments and tooling rationalization

• Mentor security architects, consultants, and engineers assigned to the account
• Promote security culture and accountability across delivery teams
• Drive adoption of modern security engineering and automation practices

• Bachelor’s degree in Information Security, Computer Science, Engineering,…