Loading...
Private Equity and Venture Capital Cybersecurity SME - Senior Manager at cfgi
cfgiUnited StatesΒ·17h ago
SeniorFull-timeRustGo
Salary Range
$93,925 - $127,075 /year
This salary is estimated based on similar roles. The actual salary may vary.
<div>
<p style="margin: 0in; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><span style="font-family: 'Times New Roman', serif;">CFGI is seeking a Cybersecurity Consulting Senior Manager with deep private equity and venture capital industry experience to lead and deliver high-impact advisory engagements across the investment lifecycle, from pre-deal cybersecurity due diligence and risk assessment through post-close integration, portfolio company maturity uplift, and exit readiness. This role blends hands-on delivery, executive communication, and practice leadership. You will work directly with PE/VC deal teams, operating partners, portfolio company CISOs, CIOs, CFOs, and Board/Audit Committee members to design pragmatic programs, build scalable operating models, and deliver security outcomes tied to value creation and investment thesis.</span></p>
<p style="margin: 0in; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"> </p>
<p style="margin: 0in; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><span style="font-family: 'Times New Roman', serif;">The ideal candidate brings direct private equity or venture capital industry experience, either from within a PE/VC firm, a portfolio company, or a consulting practice with a dedicated PE/VC client base, combined with deep cybersecurity advisory expertise, strong commercial instincts, and a proven ability to deliver in fast-paced, deal-driven environments.</span></p>
<p style="margin: 0in; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"> </p>
<p style="margin: 0in; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><strong><u><span style="font-family: 'Times New Roman', serif;">Key Responsibilities:</span></u></strong></p>
<p style="margin: 0in; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"> </p>
<p style="margin: 0in; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><u><span style="font-family: 'Times New Roman', serif;">Client Advisory & Delivery:</span></u></p>
<p style="margin: 0in; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"> </p>
<ul style="margin-top: 0in; margin-bottom: 0in;">
<li style="margin: 0in 0in 0in 0px; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><span style="font-family: 'Times New Roman', serif;">Lead cybersecurity advisory engagements across the PE/VC deal lifecycle: pre-acquisition due diligence, post-close 100-day security planning, portfolio company maturity uplift, carve-out/stand-up, and exit readiness assessments.</span></li>
<li style="margin: 0in 0in 0in 0px; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><span style="font-family: 'Times New Roman', serif;">Conduct and manage cybersecurity due diligence assessments for buy-side and sell-side transactions: identify material risks, quantify cyber exposure, and deliver findings in deal-team-ready formats (red/yellow/green risk summaries, indemnification inputs, rep & warranty considerations).</span></li>
<li style="margin: 0in 0in 0in 0px; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><span style="font-family: 'Times New Roman', serif;">Design and operationalize cybersecurity governance models (policies, standards, risk appetite, committees, reporting KPIs/KRIs) scaled appropriately to portfolio company size and PE ownership model.</span></li>
<li style="margin: 0in 0in 0in 0px; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><span style="font-family: 'Times New Roman', serif;">Build and mature enterprise risk programs: risk assessments, risk registers, control libraries, and control testing approaches.</span></li>
<li style="margin: 0in 0in 0in 0px; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><span style="font-family: 'Times New Roman', serif;">Develop and implement security policies, standards, and procedures aligned to common frameworks (e.g., NIST CSF, ISO 27001/27002, CIS, SOC 2, CMMC, FedRAMP).</span></li>
<li style="margin: 0in 0in 0in 0px; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><span style="font-family: 'Times New Roman', serif;">Support regulatory readiness and compliance initiatives relevant to PE portfolio company sectors (e.g., SEC cyber disclosure rules, SOX ITGC for pre-IPO/public-co readiness, HIPAA for healthcare portfolio companies, PCI DSS, NYDFS 500, GDPR/CCPA where applicable).</span></li>
<li style="margin: 0in 0in 0in 0px; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><span style="font-family: 'Times New Roman', serif;">Develop investment-grade cybersecurity roadmaps and remediation plans tied to PE value-creation timelines; track progress against milestones and communicate status to operating partners and deal teams.</span></li>
<li style="margin: 0in 0in 0in 0px; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><span style="font-family: 'Times New Roman', serif;">Advise on cybersecurity integration and separation activities for M&A transactions: network segmentation, identity/access migration, data classification, Day 1 security controls, and TSA/ITSA cybersecurity workstreams.</span></li>
<li style="margin: 0in 0in 0in 0px; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><span style="font-family: 'Times New Roman', serif;">Perform vendor/third-party risk assessments and implement scalable TPRM operating models appropriate for PE-owned businesses.</span></li>
<li style="margin: 0in 0in 0in 0px; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><span style="font-family: 'Times New Roman', serif;">Coordinate cross-functional stakeholders (Legal, IT, Security, Compliance, Product, HR) to drive outcomes and adoption.</span></li>
</ul>
<p style="margin: 0in; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"> </p>
<p style="margin: 0in; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><u><span style="font-family: 'Times New Roman', serif;">Executive Communication & Stakeholder Management:</span></u></p>
<p style="margin: 0in; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"> </p>
<ul style="margin-top: 0in; margin-bottom: 0in;">
<li style="margin: 0in 0in 0in 0px; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><span style="font-family: 'Times New Roman', serif;">Translate complex technical, regulatory, and privacy requirements into business-oriented recommendations.</span></li>
<li style="margin: 0in 0in 0in 0px; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><span style="font-family: 'Times New Roman', serif;">Deliver executive-ready artifacts tailored to PE/VC audiences: LP/board cybersecurity reporting, deal-team risk summaries, portfolio-wide security heatmaps, 100-day plan progress updates, and audit committee materials.</span></li>
<li style="margin: 0in 0in 0in 0px; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><span style="font-family: 'Times New Roman', serif;">Serve as a trusted advisor to senior leadership; confidently present findings and influence decisions.</span></li>
</ul>
<p style="margin: 0in; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"> </p>
<p style="margin: 0in; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><u><span style="font-family: 'Times New Roman', serif;">Practice Development & Leadership:</span></u></p>
<p style="margin: 0in; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"> </p>
<ul style="margin-top: 0in; margin-bottom: 0in;">
<li style="margin: 0in 0in 0in 0px; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><span style="font-family: 'Times New Roman', serif;">Contribute to go-to-market development: offerings, templates, accelerators, methodologies, and points of view.</span></li>
<li style="margin: 0in 0in 0in 0px; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><span style="font-family: 'Times New Roman', serif;">Support business development through proposal writing, SOW development, client presentations, and solution shaping.</span></li>
<li style="margin: 0in 0in 0in 0px; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><span style="font-family: 'Times New Roman', serif;">Mentor and develop consultants and managers; lead teams across multiple engagements while maintaining quality and delivery rigor.</span></li>
<li style="margin: 0in 0in 0in 0px; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><span style="font-family: 'Times New Roman', serif;">Partner with other CFGI service lines (Accounting Advisory, CFO Advisory, Technology Enablement) to deliver integrated solutions.</span></li>
</ul>
<p style="margin: 0in; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"> </p>
<p style="margin: 0in; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><strong><u><span style="font-family: 'Times New Roman', serif;">Required Qualifications:</span></u></strong></p>
<p style="margin: 0in; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"> </p>
<ul style="margin-top: 0in; margin-bottom: 0in;">
<li style="margin: 0in 0in 0in 0px; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><span style="font-family: 'Times New Roman', serif;">Eight plus years of relevant experience in cybersecurity consulting, GRC, risk management, or compliance with meaningful direct experience serving private equity sponsors, venture capital firms, or PE-backed portfolio companies (level will map to experience).</span></li>
<li style="margin: 0in 0in 0in 0px; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><span style="font-family: 'Times New Roman', serif;">Bachelorβs degree in a related field is required.</span></li>
<li style="margin: 0in 0in 0in 0px; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><span style="font-family: 'Times New Roman', serif;">Demonstrated expertise across the PE/VC cybersecurity advisory lifecycle: pre-acquisition cyber due diligence (buy-side and sell-side), post-close 100-day security planning and portfolio company stand-up, and integration and carve-out cybersecurity workstreams.</span></li>
<li style="margin: 0in 0in 0in 0px; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><span style="font-family: 'Times New Roman', serif;">Framework implementation and operationalization: NIST CSF, ISO 27001/27002, SOC 2, CIS Controls.</span></li>
<li style="margin: 0in 0in 0in 0px; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><span style="font-family: 'Times New Roman', serif;">Familiarity with privacy and regulatory requirements common to PE portfolio company sectors (HIPAA, GDPR/CCPA, SOX ITGC, PCI DSS); deep privacy program build-out expertise is not required.</span></li>
<li style="margin: 0in 0in 0in 0px; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><span style="font-family: 'Times New Roman', serif;">Experience performing or leading: cybersecurity due diligence assessments for M&A transactions, rapid maturity uplift and 100-day security roadmap delivery, integration or carve-out cybersecurity workstreams, enterprise/security risk assessments, control design/testing, policy and standards development, compliance/regulatory readiness programs (especially SOX ITGC, SOC 2, HIPAA for portfolio companies).</span></li>
<li style="margin: 0in 0in 0in 0px; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><span style="font-family: 'Times New Roman', serif;">Exceptional written and verbal communication skills with a track record of producing executive-level deliverables.</span></li>
<li style="margin: 0in 0in 0in 0px; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><span style="font-family: 'Times New Roman', serif;">Proven ability to lead teams, manage timelines/budgets, and deliver in a client-facing environment.</span></li>
</ul>
<p style="margin: 0in; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"> </p>
<p style="margin: 0in; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><strong><u><span style="font-family: 'Times New Roman', serif;">Preferred Qualifications (Nice-to-Have):</span></u></strong></p>
<p style="margin: 0in; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"> </p>
<ul style="margin-top: 0in; margin-bottom: 0in;">
<li style="margin: 0in 0in 0in 0px; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><span style="font-family: 'Times New Roman', serif;">Certifications: CISM, CISSP, CRISC, CISA, ISO 27001 Lead Implementer/Lead Auditor.</span></li>
<li style="margin: 0in 0in 0in 0px; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><span style="font-family: 'Times New Roman', serif;">Direct experience working within a private equity or venture capital firm (in-house security, operating partner role, or embedded advisory).</span></li>
<li style="margin: 0in 0in 0in 0px; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><span style="font-family: 'Times New Roman', serif;">Experience supporting portfolio-wide cybersecurity programs across multiple simultaneous investments.</span></li>
<li style="margin: 0in 0in 0in 0px; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><span style="font-family: 'Times New Roman', serif;">Exposure to incident readiness, tabletop exercises, and crisis communications coordination with Legal/Comms.</span></li>
<li style="margin: 0in 0in 0in 0px; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><span style="font-family: 'Times New Roman', serif;">Experience supporting audits and assurance activities (SOC 2 readiness, ISO certification readiness, internal audit coordination).</span></li>
</ul>
<p style="margin: 0in; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"> </p>
<p style="margin: 0in; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><strong><u><span style="font-family: 'Times New Roman', serif;">Why CFGI:</span></u></strong></p>
<p style="margin: 0in; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"> </p>
<ul style="margin-top: 0in; margin-bottom: 0in;">
<li style="margin: 0in 0in 0in 0px; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><span style="font-family: 'Times New Roman', serif;">Immediate exposure to complex, high-velocity PE and VC deal environments β due diligence, integrations, carve-outs, and exit readiness β with sophisticated sponsor and portfolio company clients.</span></li>
<li style="margin: 0in 0in 0in 0px; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><span style="font-family: 'Times New Roman', serif;">Opportunity to shape and scale a fast-growing Cybersecurity practice.</span></li>
<li style="margin: 0in 0in 0in 0px; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><span style="font-family: 'Times New Roman', serif;">Collaborative culture with autonomy, flexibility, and strong leadership support.</span></li>
<li style="margin: 0in 0in 0in 0px; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;"><span style="font-family: 'Times New Roman', serif;">Competitive compensation, benefits, and career growth trajectory.</span></li>
</ul>
</div>
Free to sign up. Takes 30 seconds.
