Senior Security Consultant - Executive Advisory Services
Summary
GuidePoint Security offers a robust portfolio of Executive Advisory and Governance, Risk, and Compliance (GRC) services, including cybersecurity risk management program development, security strategy execution, Virtual CISO (vCISO) leadership, enterprise and board-level risk assessments, cybersecurity maturity program optimization, vendor and third-party risk management, business continuity planning, data protection programs, policy governance, and awareness training. As the cybersecurity landscape continues to evolve, so too do our offerings—adapting to support the strategic needs of today’s business leaders.
As a Senior Security Consultant, you will deliver executive-level cybersecurity advisory services with a strong emphasis on aligning security programs to organizational objectives. This role blends strategic thought leadership, real-world experience, and mentorship to help our clients transform their programs and coach rising and current CISOs. You will be instrumental in shaping and delivering holistic security transformation programs and enabling the continued evolution of GuidePoint’s Executive Advisory Services offerings.
Key Responsibilities
Lead and deliver strategic cybersecurity advisory services to senior executives, including CIOs, CISOs, CFOs, CEOs, and Boards of Directors.
Serve as a trusted Virtual CISO for clients, overseeing program development, strategic planning, risk reduction initiatives, and board communications.
Execute executive briefings and present cybersecurity program strategies in business-aligned language to drive understanding and sponsorship at the executive and board levels.
Provide coaching and mentorship to CISOs and emerging security leaders, aligning program growth with organizational maturity and executive expectations.
Lead engagements across GRC service areas such as enterprise risk assessments, maturity program reviews, M&A cybersecurity due diligence, and transformation initiatives.
Design and implement cybersecurity risk management programs integrated with Enterprise Risk Management (ERM), leveraging both qualitative and quantitative methodologies.
Develop and operationalize board- and executive-level risk reporting, metrics, and KRIs to support informed decision-making and governance.
Guide development of policies, procedures, data governance and protection strategies—including the implementation of privacy and data classification controls.
Contribute to service innovation and strategic offering development for Executive Advisory and Virtual CISO services.
Build and maintain strong, trusted relationships with client executives and business stakeholders.
Provide cross-functional leadership, collaborating with other GuidePoint practices on large-scale transformation programs.
Support pre-sales activities and contribute to proposal development and service scoping for Executive Advisory and Governance services.
Actively publish thought leadership, present at conferences, and represent GuidePoint Security in industry forums.
Position Requirements
Former CISO or senior security leadership experience in a global enterprise or consulting capacity is highly preferred.
Proven experience in executive advisory roles, delivering cybersecurity guidance at the C-Level and Board level.
10+ years of experience in GRC consulting, delivering outcomes across diverse industries, including financial services, healthcare, manufacturing, retail, and SaaS providers.
Expertise in designing, leading, and optimizing cybersecurity programs, including alignment with frameworks such as NIST CSF, ISO 27001, CIS Controls, etc.
Strong command of risk analysis techniques, including threat modeling (e.g., STRIDE, MITRE ATT&CK), quantitative/qualitative risk analysis, and enterprise risk reporting.
Experience integrating security strategy with Enterprise Architecture and Security Architecture principles.
Exceptional communication skills with a demonstrated ability to simplify complex security concepts for business and board audiences.
Track record of successfully mentoring and developing high-performing security leaders and CISOs.
Demonstrated experience delivering cyber due diligence and security program alignment during mergers and acquisitions (M&A).
A passion for service excellence, innovation, and thought leadership.
Industry-recognized certifications appreciated: CISSP, CISM, CISA, CRISC, CGEIT, CBCP, GIAC, etc.
Experience speaking at industry conferences or publishing thought leadership is a strong plus.
About the job
Apply for this position
Senior Security Consultant - Executive Advisory Services
Summary
GuidePoint Security offers a robust portfolio of Executive Advisory and Governance, Risk, and Compliance (GRC) services, including cybersecurity risk management program development, security strategy execution, Virtual CISO (vCISO) leadership, enterprise and board-level risk assessments, cybersecurity maturity program optimization, vendor and third-party risk management, business continuity planning, data protection programs, policy governance, and awareness training. As the cybersecurity landscape continues to evolve, so too do our offerings—adapting to support the strategic needs of today’s business leaders.
As a Senior Security Consultant, you will deliver executive-level cybersecurity advisory services with a strong emphasis on aligning security programs to organizational objectives. This role blends strategic thought leadership, real-world experience, and mentorship to help our clients transform their programs and coach rising and current CISOs. You will be instrumental in shaping and delivering holistic security transformation programs and enabling the continued evolution of GuidePoint’s Executive Advisory Services offerings.
Key Responsibilities
Lead and deliver strategic cybersecurity advisory services to senior executives, including CIOs, CISOs, CFOs, CEOs, and Boards of Directors.
Serve as a trusted Virtual CISO for clients, overseeing program development, strategic planning, risk reduction initiatives, and board communications.
Execute executive briefings and present cybersecurity program strategies in business-aligned language to drive understanding and sponsorship at the executive and board levels.
Provide coaching and mentorship to CISOs and emerging security leaders, aligning program growth with organizational maturity and executive expectations.
Lead engagements across GRC service areas such as enterprise risk assessments, maturity program reviews, M&A cybersecurity due diligence, and transformation initiatives.
Design and implement cybersecurity risk management programs integrated with Enterprise Risk Management (ERM), leveraging both qualitative and quantitative methodologies.
Develop and operationalize board- and executive-level risk reporting, metrics, and KRIs to support informed decision-making and governance.
Guide development of policies, procedures, data governance and protection strategies—including the implementation of privacy and data classification controls.
Contribute to service innovation and strategic offering development for Executive Advisory and Virtual CISO services.
Build and maintain strong, trusted relationships with client executives and business stakeholders.
Provide cross-functional leadership, collaborating with other GuidePoint practices on large-scale transformation programs.
Support pre-sales activities and contribute to proposal development and service scoping for Executive Advisory and Governance services.
Actively publish thought leadership, present at conferences, and represent GuidePoint Security in industry forums.
Position Requirements
Former CISO or senior security leadership experience in a global enterprise or consulting capacity is highly preferred.
Proven experience in executive advisory roles, delivering cybersecurity guidance at the C-Level and Board level.
10+ years of experience in GRC consulting, delivering outcomes across diverse industries, including financial services, healthcare, manufacturing, retail, and SaaS providers.
Expertise in designing, leading, and optimizing cybersecurity programs, including alignment with frameworks such as NIST CSF, ISO 27001, CIS Controls, etc.
Strong command of risk analysis techniques, including threat modeling (e.g., STRIDE, MITRE ATT&CK), quantitative/qualitative risk analysis, and enterprise risk reporting.
Experience integrating security strategy with Enterprise Architecture and Security Architecture principles.
Exceptional communication skills with a demonstrated ability to simplify complex security concepts for business and board audiences.
Track record of successfully mentoring and developing high-performing security leaders and CISOs.
Demonstrated experience delivering cyber due diligence and security program alignment during mergers and acquisitions (M&A).
A passion for service excellence, innovation, and thought leadership.
Industry-recognized certifications appreciated: CISSP, CISM, CISA, CRISC, CGEIT, CBCP, GIAC, etc.
Experience speaking at industry conferences or publishing thought leadership is a strong plus.