GRC Cybersecurity Consultant

El Tenampa, LLC
New York, United States of America
6 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
$ 140K

Job location

Remote
New York, United States of America

Tech stack

Microsoft Windows
Artificial Intelligence
Amazon Web Services (AWS)
Microsoft Antivirus
Build Automation
Azure
Microsoft Online Services
Software as a Service
Cloud Computing
Cloud Computing Security
Control Objectives for Information and Related Technology (COBIT)
Computer Security
Identity and Access Management
Microsoft Security Essentials
SharePoint
Google Cloud Platform
Microsoft InTune
AI Platforms
Gsuite
CIS Benchmarks
Security Orchestration, Automation & Response

Job description

Our clients include hedge funds, private equity firms, venture capital firms, RIAs, family offices, technology companies, and professional services organizations. We are intentionally a small team where everyone has an opportunity to make an impact, contribute ideas, and help shape the direction of the firm., · Lead cybersecurity consulting engagements from kickoff through final delivery with minimal oversight.

  • Perform security assessments across Microsoft 365, Azure, AWS, Google Cloud Platform (GCP), Google Workspace, and other SaaS platforms.
  • Evaluate identity, cloud, endpoint, collaboration, email, and data protection controls and provide practical, risk-based recommendations.
  • Conduct cybersecurity risk assessments using NIST CSF 2.0, CIS Controls, ISO 27001, COBIT, and applicable regulatory requirements.
  • Develop policies, standards, incident response plans, business continuity plans, AI governance documentation, and other security program documentation.
  • Perform third-party risk management and vendor security assessments.
  • Provide cybersecurity awareness training
  • Facilitate cybersecurity tabletop exercises
  • Translate technical findings into business risks executives can understand.
  • Advise clients on cloud security architecture, governance, and security best practices.
  • Communicate emerging risks, trends, and recommendations before they become larger issues.
  • Help clients prioritize remediation based on business impact and risk.
  • Participate in AI security and governance assessments.
  • Contribute to Elteni methodologies, templates, automation, and new service offerings.
  • Mentor junior consultants and review deliverables.
  • Stay current on emerging technologies, AI, cloud security, and evolving threats.

What Success Looks Like

  • Independently lead client engagements from kickoff through executive presentation.
  • Perform Microsoft 365, Azure, cloud, and SaaS assessments with little or no guidance.
  • Become a trusted advisor clients rely on.
  • Produce executive-ready reports requiring minimal review.
  • Apply cybersecurity frameworks to real business environments.
  • Balance technical depth with business and regulatory considerations.
  • Mentor junior consultants and improve the quality of the practice.
  • Continue expanding your knowledge in cloud security, AI, identity, and emerging threats., * Have you performed a cybersecurity audit or risk assessment?
  • Describe a control deficiency you identified that senior leadership disagreed with. How did you handle it and what happened next?
  • Tell me about the last time you had to push back on an audit or assessment finding. What was the situation/finding, what did you recommend, and what was the outcome?
  • How have you handled documenting compensating controls in past engagements?
  • If we called your last company or client and asked what your biggest improvement was to their cyber program, what would they say?

Requirements

We're looking for an experienced cybersecurity consultant who can independently lead client engagements from planning through final presentation. This is a senior-level consulting role for someone who enjoys balancing technical security with governance, risk, and compliance while serving as a trusted advisor. Beyond client work, you'll help improve our methodologies, build automation, and contribute to new service offerings., * Strong Microsoft 365 and Azure security experience.

  • Working knowledge of AWS and/or Google Cloud Platform.
  • Experience assessing SaaS environments.
  • Strong understanding of Entra ID, Conditional Access, Exchange Online, SharePoint Online, Teams, Intune, Microsoft Defender, and identity security.
  • Ability to independently perform technical cloud and SaaS assessments.

Governance, Risk & Compliance

  • Experience applying NIST CSF 2.0, CIS Controls, ISO 27001, COBIT, and relevant regulatory frameworks.
  • Ability to translate technical findings into practical business recommendations.

Consulting Skills

  • Excellent written and verbal communication skills.
  • Experience presenting to technical teams and executive leadership.
  • Ability to manage multiple client engagements.
  • Strong critical thinking and problem-solving skills.

AI Knowledge

Working knowledge of enterprise AI platforms, AI governance, AI security risks, and responsible AI adoption. Curiosity and a desire to continue learning are more important than being an expert.

Preferred Experience

  • Financial services experience.
  • AI governance or AI security assessments.
  • Security architecture.
  • Security automation.
  • Development of consulting methodologies or new service offerings.

Preferred Certifications

  • CISSP
  • CISM
  • CISA
  • CCSP
  • Microsoft Security Certifications
  • AWS Certified Security - Specialty
  • Google Professional Cloud Security Engineer, * Consulting: 6 years (Required)
  • Cybersecurity Assessment: 6 years (Required)
  • Policy Development: 6 years (Required)
  • TRPM: 6 years (Required)

Work Location: Hybrid remote in New Hyde Park, NY 11040

Benefits & conditions

Pulled from the full job description

  • Professional development assistance
  • Parental leave
  • 401(k)
  • Health insurance
  • 401(k) matching
  • Paid time off
  • Employee discount, * Competitive compensation
  • Medical, dental, and vision insurance
  • 401(k) with company match
  • Flexible hybrid and remote work options
  • Generous paid time off and company holidays
  • Professional development and certification support
  • Collaborative, entrepreneurial culture

Job Type: Full-time

Pay: $100,000.00 - $140,000.00 per year, * 401(k)

  • 401(k) matching
  • Dental insurance
  • Employee discount
  • Flexible spending account
  • Health insurance
  • Health savings account
  • Life insurance
  • Paid time off
  • Parental leave
  • Professional development assistance
  • Vision insurance

About the company

Elteni is a boutique cybersecurity consulting firm that helps organizations strengthen their security posture through practical, thoughtful, and highly personalized consulting services. We partner with organizations that expect more than a checklist. They rely on us to understand their business, identify meaningful risks, and provide recommendations they can actually implement.

Apply for this position