This role is remote, but candidates must be based in and able to work without restriction in the United States.

What we believe
Over the past two years, more than a trillion dollars has been invested in software companies at record prices. In many cases, the underlying technology is the biggest driver of the business strategy. But are we managing the creation of technology value with governance practices that are proportionate to the scale of the risk?

We believe there is a better approach—a more programmatic, proactive way to actively manage technology throughout the investment lifecycle—and that’s what we do.

Our role
We know technology can drive truly transformative change, and its importance to business is growing. Crosslake supports the people who lead that change by helping them buy, build, and run better technology.

What we value
You may be a great fit for Crosslake if you see yourself reflected in our core values:

Service: We create change by empowering others.
Curiosity: We believe great guidance begins with deep understanding.
Credibility: Our expertise is earned and proven.
Commitment: We consider it a privilege to support clients in their critical moments.
Creativity: We are driven by a constant pursuit of improvement.

In this role, you will:
– Work with private equity and portfolio company clients, advising on how to align an information security vision and strategy with customer business goals.
– Partner with customers to assess and address information security risks.
– Collaborate with customer executives (e.g., CIO, CTO, CEO, DPO) to understand desired changes and help implement them.
– Support the leadership of enterprise-wide cybersecurity operations teams, processes, and incident responses.
– Help manage customer security programs and key compliance efforts, such as SOC, ISO 27001, NIST, PCI, and SOX.
– Plan, direct, and oversee activities related to identifying, containing, mitigating, and recovering from cybersecurity incidents that could harm customer assets or services.
– Represent Crosslake in industry cybersecurity forums and working groups, including sector-focused cyber threat intelligence communities.
– Help customers evaluate, implement, and secure key systems within their environments.
– Analyze and assess customer systems for security and risk exposure, and provide remediation recommendations prioritized by business impact.
– Support the documentation, development, implementation, and ongoing maintenance of security and compliance control processes in customer environments.
– Work with Operations teams to ensure security architectures are properly assessed and supportable.
– Partner with Engineering and Operations teams to implement new technologies and security solutions aligned with industry best practices and secure design principles.

Knowledge
– Knowledge of legal and regulatory requirements, including frameworks such as ISO 27001, PCI, HIPAA, SOC, SOX, and NIST.
– Strong understanding of the requirements of these frameworks and how to implement security best practices within an organization.
– Solid understanding of business management processes, including using information security risk management and cybersecurity technologies.
– Knowledge of application security, cloud security, encryption, identity and access management, mobile security, network security, and virtualization security.

Education/Experience
– 15+ years of securing organizations as an in-house team member or advisor/consultant in roles such as: Chief Information Security Officer, Director/Manager of Information Security, Director/Manager of Compliance, Principal Security Analyst, Principal Security Engineer, or Security Architect.
– Demonstrated ability to successfully implement security controls within an organization.
– Experience leading within fast-paced, complex environments.
– CISSP or an equivalent certification is preferred.

Skills
– Ability to work from home (or a location of your choosing) with strong self-direction, while also collaborating effectively with the team in both remote and in-person settings.
– Strong technical capability and technical depth.
– Willingness to learn and take on new areas beyond your initial comfort zone.
– A genuine drive to help others succeed and strengthen a high-performing team.
– An action-oriented mindset—you know how to get things done.
– Excellent communication with peers, clients, executive leadership, and boards.
– Ability to understand customer objectives and deliver results aligned to those goals.
– Ability to learn quickly while working.
– Ability to respond effectively to rapid changes in needs, processes, and technologies.
– Ability to understand key concepts and communicate clearly and concisely, including technical details and processes.
– Ability to collaborate effectively and build relationships at all levels, especially with senior leaders.
– Strong organizational skills, including performing under pressure and managing multiple priorities with competing demands for resources.
– Strong analytical, data processing, and problem-solving skills.
– Proficiency in creating and improving processes.
– Strong analytical skills, including managing multiple projects under tight timelines and performing effectively in a dynamic environment to achieve objectives.

Crosslake Technologies