Job Description
TITLE: Sr/Cybersecurity Consultant
SITUATION: A PE-backed portfolio company in the greater Cleveland area has a funded, Board-approved cybersecurity remediation program underway and needs a senior consultant to own execution. The engagement runs April through Q4 2026 across eight workstreams, with defined quarterly outcomes and direct accountability for Board-level reporting.
LOCATION: Cuyahoga Falls, OH (greater Cleveland area). Hybrid; on-site presence driven by client need -- heavier on-site during active delivery phases, more remote flexibility during planning and documentation. Candidates should be local or willing to commute for the duration.
INDUSTRY: Confidential (PE-backed portfolio company).
DURATION: April 2026 through Q4 2026, approximately 9 months. Contract. Extension possible based on roadmap execution.
WHAT THEY NEED: The consultant will serve as primary program lead and technical advisor across identity and access management, endpoint hardening, cloud security, vulnerability management, third-party access and Zero Trust architecture, MSSP oversight, and disaster recovery. Quarterly deliverables are defined and include Board cyber maturity updates, PAM/LAPS deployment, phishing-resistant MFA rollout, CWPP and vulnerability management standup, ZTNA capability rollout, and a final year-end remediation summary with 12-month roadmap. The role carries direct accountability for quarterly evidence packages and NIST-based KPI reporting to the Board and external assessors.
MUST-HAVES:
- 10+ years in cybersecurity with at least 5 years in program leadership or senior consulting
- Demonstrated PAM and LAPS design, deployment, and validation experience
- Hands-on IAM expertise including phishing-resistant MFA deployment at scale
- Experience governing or transitioning MSSP relationships and SOC operations
- Cloud security background including vulnerability remediation, CWPP, and log monitoring
- Zero Trust architecture knowledge with practical ZTNA implementation experience
- NIST CSF fluency applied to control design and executive metrics
- Proven delivery of Board-level cybersecurity program reporting and quarterly evidence packages
START: April 2026.
| Engagement Type | Contract |
| Schedule | Full-time hours; hybrid schedule with on-site presence driven by client need -- expect on-site for workshops, design reviews, executive sessions, and key delivery milestones |
| Duration | April 2026 through Q4 2026 (approximately 9 months); extension possible based on roadmap execution |
| Location | Cleveland suburb (Cuyahoga Falls, OH area); candidates should be local to the greater Cleveland area or willing to commute for the duration of the engagement |
| On-Site Expectations | Hybrid; on-site presence determined by client need rather than a fixed schedule -- heavier on-site during active delivery phases (workshops, design reviews, Board prep, stakeholder sessions); more remote flexibility during planning and documentation phases |
| Industry | Confidential (PE-backed portfolio company) |
| Workstreams | Identity and access management; endpoint hardening and device management; cloud security; vulnerability management; third-party access and Zero Trust architecture; security operations and MSSP oversight; disaster recovery and cyber resilience |
| Reporting | Quarterly outcomes and evidence packages delivered to executive leadership and the Board; NIST-based KPIs tracked and automated for external assessors |
| Target Start | April 2026 |
Scope of Services
The consultant will provide program leadership, technical advisory services, design support, implementation oversight, validation, and evidence preparation across the following workstreams:
- Identity and access management, including phishing-resistant MFA and privileged access controls
- Endpoint hardening and device management
- Cloud security controls and monitoring
- Vulnerability management and attack surface reduction
- Third-party access and Zero Trust architecture
- Security operations and MSSP review
- Disaster recovery and cyber resilience testing
- Development of Quarterly Metrics (NIST-based) reported to the Board and external assessors
Quarterly Outcomes and Deliverables
| Quarter | Deliverables | Acceptance Criteria |
| Q2 2026 Governance & Foundation Governance and foundational controls established; highest-priority exposure areas have defined owners, implementation plans, and initial operational controls in place. | - Quarterly cyber maturity update for the Board
- Privileged access management rollout plan
- Supplier access inventory and review process
- Attack surface remediation process with SLAs
- MSSP operating model and monitoring transition plan
- Workstation modernization and reboot enforcement plan
- LAPS validation
- Cloud vulnerability remediation plan
| - Board update delivered
- Q2 controls assigned to owners
- PAM/LAPS design approved and at least partially deployed
- Supplier inventory produced
- Attack surface remediation process operating
- MSSP monitoring transition plan approved
- Q2 evidence package completed
|
| Q3 2026 Core Controls Core preventative and detective controls implemented across identity, endpoint, cloud, vulnerability management, and resilience domains. | - Phishing-resistant MFA for email and cloud access
- CWPP monitoring enabled
- Internal and external vulnerability management process in production
- Script control and PowerShell hardening enforced
- Device posture checking standard implemented
- Patching compliance governance established
- Cloud log monitoring active via MSSP
- Wire fraud training and simulation completed
- DR planning and restore testing underway
| - Q3 controls implemented or operationally enforced in production for in-scope populations
- Control evidence collected; exceptions documented with remediation dates
- Monthly compliance reporting established
- Q3 executive status update delivered
|
| Q4 2026 External & Institutionalization External exposure, third-party connectivity, mobile management, and legacy infrastructure risks measurably reduced and institutionalized. | - WAF implementation for in-scope external applications
- Mobile device management policy enforcement
- Supported server OS remediation plan execution
- Third-party access standard implemented (managed device, VDI, or ZTNA)
- ZTNA capability rollout for applicable services
- Year-end remediation summary and 12-month forward roadmap
| - WAF protecting in-scope external applications
- Third-party access governed by approved standard
- ZTNA capability active for agreed use cases
- Mobile management controls enforced
- Unsupported server remediation plan approved and underway
- Q4 closure report and 12-month roadmap delivered
|
Consultant Responsibilities
- Maintain an integrated remediation plan, updated at least monthly, aligned to the quarterly target outcomes
- Coordinate workshops, decision meetings, and design reviews needed to remove blockers and progress work
- Define control success criteria, evidence requirements, and residual risk decisions for each in-scope remediation item
- Track dependencies across security, infrastructure, cloud, endpoint, identity, and business teams
- Escalate schedule, resource, or policy blockers in time for executive intervention
- Provide quarterly executive reporting summarizing status, achieved outcomes, open risks, and next-quarter priorities; including automation of Cybersecurity KPIs for Board reporting
What We're Looking For
| Required - 10+ years in cybersecurity with at least 5 years in a program leadership or senior consulting capacity
- Demonstrated PAM and LAPS design, deployment, and validation experience
- Hands-on IAM expertise including phishing-resistant MFA deployment at scale
- Experience governing or transitioning MSSP relationships and SOC operations
- Cloud security background including vulnerability remediation, CWPP platforms, and log monitoring
- Zero Trust architecture knowledge with practical ZTNA implementation experience
- NIST CSF fluency applied to control design, gap assessment, and executive metrics
- Proven delivery of Board-level cybersecurity program reporting and quarterly evidence packages
- Track record managing cross-functional remediation programs with defined quarterly outcomes
- Experience defining control evidence requirements and coordinating with external assessors
| Preferred - CISSP, CISM, CCSP, or equivalent certification
- WAF implementation and management experience
- Third-party risk management and vendor access governance background
- Experience in PE-backed or highly regulated environments (financial services, healthcare, critical infrastructure)
- Familiarity with CSPM tooling and cloud security posture benchmarking
- DR planning and resilience testing coordination
- MDM policy enforcement experience across mobile and endpoint populations
- Familiarity with wire fraud prevention programs and security awareness simulation platforms
|
Working Conditions
- Primary work location: greater Cleveland area (Cuyahoga Falls, OH); candidates should be local or willing to commute for the duration of the engagement
- Hybrid schedule; on-site presence is driven by client need, not a fixed day-of-week arrangement
- On-site expected for workshops, design reviews, executive sessions, Board reporting preparation, and key delivery milestones
- Remote flexibility available during planning, documentation, and coordination phases
- Full-time hours for the duration of the engagement
- Engagement runs April 2026 through Q4 2026, approximately 9 months
- Domestic travel may be required depending on stakeholder locations and vendor engagement needs
Never miss an opportunity! Create an alert based on the job you applied for.
