Security Risk Consultant (Mergers & Acquisition)

Round Rock, Texas | IT
Job ID: 107255
Listed on 6/17/2021

KellyMitchell matches the best IT and business talent with premier organizations nationwide. Our clients, ranging from Fortune 500 corporations to rapidly growing high-tech companies, are exceptionally served by our 1500+ IT and business consultants. Our industry is growing rapidly, and now is a great time to launch your career with the KellyMitchell team.

Security Risk Consultant

Job Summary: Our client is looking for a Security Risk Consultant who will drive, track and report on the Security & Resiliency activities throughout the lifecycle of a transaction, from due diligence to post-integration/separation. Coordinating across various Security & Resiliency teams and partnering with other functional workstream leads and Corporate Development, they will identify, assess, and mitigate key security and resiliency issues for acquired/divested entities and implement actionable workplans to achieve remediation of security threats, while also overseeing management of the project and overall program.


  • Manage the SRO M&A program, including developing and updating program playbooks, workplans, questionnaires and other governance documents; developing and socializing reporting tools and templates; training SRO teams on governance documents and tools
  • Execute against multi-year roadmap to transform the capabilities of the program
  • Perform M&A risk assessments that include discovery and consideration of different data types, regulatory requirements, and security and resiliency posture
  • Identify security risks and develop risk mitigation strategies based on due diligence findings and input from stakeholders; form mitigation strategies that balance business needs against security and resiliency concerns to ensure timely risk reduction for all M&A activities
  • Manage the full life cycle of day-to-day Security workstream activities including coordination of detailed functional plans, resource and budget requests, communication with key stakeholders, and issue resolution; create awareness of cross-functional interdependencies and establish prioritization for plan execution to minimize disruption to daily operations
  • Provide regular status reporting to senior leadership and key stakeholders on the overall status of the Security workstream activities, including plan execution and risk identification, prioritization and triage
  • Capture best practices and lessons learned throughout the M&A activities for continuous improvement

Desired Skills/Experience: 

  • Bachelor’s degree with 12+ years relevant experience; or equivalent experience 
  • 10+ years’ broad experience and acumen in cybersecurity and at least one other security domain (e.g. product security and/or physical security)
  • Experience with security laws, regulations, standards and best practices including, but not limited to, CSA CCM, NIST, ISO, PCI, Sarbanes-Oxley, HIPAA, and EU GDPR
  • Experience with mergers, acquisitions and/or divestitures (integration/separation/planning)
  • Prior experience performing risk assessments
  • Strong project management skills and experience with tools and templates 
  • Experience directly supporting or briefing C-Suite executives and their staff
  • Understanding of Security terms, nuances, and modern threats to be able to coordinate with technical resources and solutions and perform risk assessments