Principal Consultant - Strategy & Risk

The Principal Consultant in the cyber risk and compliance practice is an experienced leader in driving strategic initiatives, managing complex client engagements, and delivery high-impact security and risk solutions. This role combines deep subject matter expertise with technical and business acumen to guide organizations in strengthening their cybersecurity posture and regulatory compliance.

How you'll make an impact

• Mentor security consultants, fostering professional growth in the areas of cybersecurity risk and compliance management

• Serve as trusted advisor to C-level executives, senior leadership sponsors on cybersecurity and risk management

• Work with customers to help them articulate their business requirements and how those requirements translate into security features and functionality

• Develop and drive security strategies, policies and frameworks for clients based on industry leading practices (NIST, ISO 27001CMMC, CIS, PCI, etc.)

• Assist with development of cyber engagement plans for customers which will enable them to execute upon strategies

• Rationalize different security solutions against requirements, risk, and constraints

• Represent the practice at industry events, speaking engagements and round table discussions if required

• Lead, complex and high-profile cybersecurity governance, risk and compliance engagements across industries

• Conduct security risk assessments, maturity assessments, and gap analysis for regulatory compliance

• Act as the primary point of contact for executive stakeholders, ensuring clear communication and strategic alignment

• Hands on experience with security assessments, risk management, compliance assessments, policy and standards and other related risk and compliance activities

• Strong analytical and problem-solving skills for cybersecurity challenges

• Excellent communication and report writing skills for client engagements

• Ability to manage multiple projects and work independently in a fast-paced environment

• Broad awareness of the security/ technology space as a whole

• Bachelor's degree and approximately 10-15 years of related work experience

• Deep experience in cybersecurity frameworks and risk management methods and frameworks (e.g., NIST, ISO 27001, CIS, CMMC)

• Willingness to travel to meet client needs

• Valid driver's license in the US

• Holds relevant certifications in the cybersecurity and risk management industry such as, CISSP, CISM, CRISC, CCSP, CMMC CCP/CCA, ISO 27001 (Lead implementer)

• Strong interpersonal skills

• Strong written and presentational skills; ability to clearly communicate complex messages to a variety of audiences

• Possess high standard of integrity and confidentiality

• A company committed to championing Diversity, Equality, and Inclusion through our Employee Resource Groups.
• Work/life balance
• Professional training resources
• Creative problem-solving and the ability to tackle unique, complex projects
• Volunteer Opportunities. "Optiv Chips In" encourages employees to volunteer and engage with their teams and communities.
• The ability and technology necessary to productively work remotely/from home (where applicable)