Security Functional Lead

Department: Group Product & Offering Strategy

Description:

This role is responsible for providing expert consulting services to clients, guiding them in the development and execution of robust enterprise strategies for managing information and technology risks. The main purpose of this position is to advise clients on a broad spectrum of security and privacy matters, including strategy development, architectural design, program implementation, and regulatory compliance. Key areas of focus include identity and access management, data protection, data leakage prevention, and navigating data security and privacy laws. This role also encompasses assisting clients in the selection, development, and implementation of security and privacy technologies. Ultimately, the consultant ensures clients are well-equipped to mitigate risks and maintain a secure and compliant IT environment.

• Risk Assessment and Strategy Development, Ensure the quality and completeness of client's IT security and privacy risk assessment and strategy.
• Security Architecture Design and Implementation, Ensure the design and implementation of secure IT architectures align with client's business objectives and risk tolerance.
• Data Protection and Privacy Program Implementation, Ensure the effectiveness and compliance of the data protection and privacy program.
• Identity and Access Management (IAM) Consulting, Ensure the effectiveness and security of implemented IAM solutions.
• Technology Selection and Implementation Support, Ensure the successful implementation of security and privacy technologies.
• Regulatory Compliance and Audit Support, Ensure client compliance with regulations and achieve positive audit results.
• Continuous Improvement and Threat Monitoring, Ensure the effectiveness of threat monitoring and continuous improvement efforts.

• Minimum of 10+ years of experience in IT security, risk management, or privacy consulting, with a strong focus on enterprise security strategy and implementation.
• Bachelor’s or Master’s degree in Computer Science, Information Technology, Cybersecurity, Information Assurance, Risk Management, or a related field.
• Relevant certifications such as CISSP, CISM, CISA, CRISC, ISO 27001 Lead Implementer/Auditor, or equivalent are highly desirable.
• Proven track record in designing and implementing security architectures, identity and access management (IAM) solutions, and data protection programs.
• Extensive experience in conducting risk assessments, developing security roadmaps, and ensuring regulatory compliance (e.g., GDPR, CCPA, NIST, ISO 27001).
• Strong background in advising clients on security technology selection, deployment, and optimization.
• Prior leadership experience in managing security projects, guiding cross-functional teams, and delivering high-impact security solutions.
• Experience in professional services or consulting is preferred, with the ability to engage with stakeholders at all levels (technical teams to C-suite executives)