Jobs · Information Technology · Arizona

Director, National Security-Cybersecurity Governance

Alvarez & Marsal · Phoenix, AZ · 1 wk ago
Information Technology$130k–$175k/yrFull-time

Responsibilities

  • Lead cross-functional project teams in executing advisory, oversight, and audit projects related to Foreign Direct Investment (FDI) national security reviews, export and technology controls, and Cybersecurity Maturity Model Certification (CMMC).
  • Develop comprehensive project plans, establish key milestones, and manage resource allocation using enterprise project management methodologies and tools.
  • Design and implement Zero Trust architecture frameworks and IAM solutions, including privileged access management (PAM), role-based access control (RBAC), and continuous authentication mechanisms.
  • Collaborate with client security personnel to define and document security controls for distributed, big data systems with emphasis on least-privilege access principles.
  • Conduct enterprise-wide security assessments to verify the efficacy of administrative, technical, and physical safeguards, with particular focus on identity governance, access management, and Zero Trust implementation.
  • Evaluate security control maturity against industry frameworks such as NIST 800-53, ISO 27001, and CMMC.
  • Direct comprehensive security assessments of applications and software, including: (i) reviewing architecture diagrams with emphasis on identity and access flows; (ii) interviewing personnel across DevSecOps teams; (iii) evaluating IAM integration points and Zero Trust implementation; (iv) overseeing static and dynamic code analysis; (v) managing network penetration testing; and (vi) preparing detailed technical reports for senior counsel, executives, and national security officials.
  • Analyze and interpret penetration test results, focusing on identity-related vulnerabilities, access control weaknesses, and deviations from Zero Trust principles.
  • Develop remediation roadmaps aligned with enterprise architecture standards.
  • Implement and integrate security technologies including Security Information and Event Management (SIEM), Identity Governance and Administration (IGA), and Privileged Access Management (PAM) solutions to enable automated compliance monitoring and security oversight.
  • Create and maintain project management artifacts including work breakdown structures, risk registers, and resource allocation plans.
  • Establish project governance frameworks and reporting mechanisms to ensure alignment with organizational objectives and regulatory requirements.

Qualifications

  • 8+ years of experience with Technology Companies that deliver controlled technology nationally and internationally.
  • Experience with NIST CSF, NIST SP 800-53, NIST SP 800-171, NIST SP 800-218, NIST SP 800-161, and/or ISO 27001.
  • Proficiency in at least one programming language (e.g., Python, Java, etc.).
  • Background in network and cloud-based platforms (e.g., GCP, AWS, Kubernetes, etc.).
  • Familiarity with containerization technologies and deployments.
  • Experience with Big Data platforms (on premise and cloud).
  • Ability to obtain a USG security clearance.
  • One or more relevant industry certification: CompTIA Security+, CompTIA CySA+, CompTIA CASP+, CISSP, CISM, CISA, ISO 27001, or comparable certifications.

Similar jobs