Principal Security Consultant

Principal Security Consultant

Remote, US

As a Principal Security Consultant, you will function as a Security Advisory Services lead Security Consultant for ePlus service solutions, reporting to the Managing Security Consultant, to drive Advisory Services delivery/revenue growth and capture security program services within the customer account portfolio.

You will be a trustworthy and experienced leader who leverages your knowledge, skills, and experience to assist in the definition of the service catalogue and deliver exceptional advisory services to ePlus clients. Your primary responsibilities will be program consulting, technical and leadership tasks and include providing guidance and mentorship to the consulting team. Responsibilities include refining existing Practice offerings, developing new Practice offerings, assisting with pre-sales activities, and performing programmatic assessments along with on-going advisement services for our clients.

Your Impact

The essential functions of this position include:

• Business objectives; identified cyber risks, data risks, and regulatory requirements. Map these to ePlus security and data governance services to achieve measurable improvements in security posture, compliance, and information lifecycle management. Leverage the broader team to support these services as appropriate.
• Effectively lead engagements as a subject matter expert (SME) to deliver client projects. Lead meetings, track team tasks, and present deliverables to client stakeholders across executive, operational, and technical audiences.
• Conduct security and data governance program assessments and measure the effectiveness of client environments as it relates to:
• Existing technical and administrative controls
• Data classification and handling practices
• Data lifecycle management
• Privacy and regulatory compliance requirements
• Alignment to industry security and governance frameworks
• Design, develop, and operationalize Data Governance Programs, including:
• Governance charters and operating models
• Data ownership and stewardship models
• Data classification frameworks
• Data retention and disposition standards
• Policy and control documentation
• Risk scoring methodologies for sensitive and regulated data
• Integration of data governance into existing security and compliance programs
• Develop tailored consulting engagements specific to a client's security and data governance maturity, risk profile, regulatory exposure, and budget constraints.
• Develop and produce comprehensive engagement deliverables tailored to both technical and managerial audiences, fully detailing;
• Technical execution
• Identified control and governance deficiencies
• Business and regulatory impact
• Risk prioritization
• Practical and sustainable remediation strategies
• Establish credibility with the ePlus sales team and customers as a trusted advisor focused on risk identification, mitigation, and strategic program development across both cybersecurity and data governance domains
• Conduct customer-facing presentations on ePlus' core competencies, including security advisory services, governance strategy, compliance alignment, and data governance program development.
• Assist the sales team with overall account planning as it relates to security and data governance program development services.
• Assist the sales team with identifying and capturing customer business, regulatory, and data management requirements during the sales cycle and determining ePlus' recommended solution approach.
• Contribute to marketing and thought leadership initiatives via publishing research, speaking at industry conferences, authoring blog articles and whitepapers, hosting webinars, and developing repeatable security and data governance processes and templates.
• Assist with practice development, including improving existing offerings, creating new service offerings (including emerging governance and AI/data risk services), and mentoring team members.
• Foster client relationships by providing strategic guidance, proactive insight, and ongoing advisory support.
• Lead technical scoping and review sessions with Client Security Principals, Account Executives, and sales teams, as well as customer stakeholders, to develop and finalize services proposals and Statements of Work.
• Function as a subject matter expert (SME) for customer staff regarding proposed services and their design, purpose, delivery methodology, and measurable outcomes.
• Conduct knowledge transfers with solution architect colleagues and sales teams regarding discovered technical and service opportunities, lessons learned from engagements, and emerging governance or regulatory trends.
• As appropriate, assist the sales team in addressing customer satisfaction issues related to recommended solutions and assist in developing structured remediation or "get well" plans.
• Identify emerging product or service candidates to sales and services management as new solution areas for ePlus to potentially develop or invest in, particularly in areas related to data governance, regulatory evolution, and risk management.
• Complete and/or register for training and maintain relevant certifications in cybersecurity, governance, privacy, and regulatory frameworks as requested and approved by management.
• Participate in weekly service pipeline and progress calls with the Managing Security Consultant Manager and be prepared to review:
• Current pipeline opportunities
• 60-day revenue forecast
• Win probability
• Estimated delivery timelines
• Function as a subject matter expert (SME) for customer staff regarding proposed services and their design, purpose, delivery, and other relevant specifics
• Conduct knowledge transfers with solution architect colleagues and sales teams regarding discovered technical and service opportunities, lessons learned from previous engagements/experience, etc. as relevant
• As appropriate, assist sales team in dealing with customer satisfaction issues surrounding approach of a recommended solution and assist in developing a 'get well' plan
• Identify product or services candidates to sales and services management as new solution areas for ePlus to potentially develop or invest in
• Complete and/or register for training and maintain relevant certification(s) as requested and approved by immediate manager in accordance with assigned focus area
• Participate in weekly service pipeline and progress conference calls with the Managing Security Consultant manager and be prepared to review on a weekly basis the current pipeline of opportunities being worked on and forecast for the next 60 days the potential revenue associated to them, win probability, and estimated date of completion

Qualifications

• Bachelor's degree preferred (Cyber Security and/or Computer Science)
• 5 to 10 years of applicable Security Consulting experience
• Hold certifications (CRISC, CISA, CISSP) commensurate with the technology and solutions focused on Security as well as Governance, Risk & Compliance (GRC)
• Security Consulting experience
• IT Audit General Controls knowledge
• Solutions selling sales cycle understanding
• Generating and presenting customer facing presentations
• Familiar with account planning, pipeline management and forecasting
• Ability to draft/compile well written proposals and statements of work and customer deliverables
• Advanced written and oral communication skills
• Seasoned in technical strategy and architecture steering, review, and documentation
• Well versed in threat modeling, attack frameworks, and industry standard program frameworks such as NIST, ISO 27001, CIS 20 and PCI
• Flexibility to accommodate changing schedules of client and project needs and willingness to work extended hours when needed
• Ability to discuss and sell Security Consulting engagements, based on Customer business needs, compliance standards and take ownership of closing and completing these engagements

Position Specifics

The initial base salary range for this position is expected to be between $160,000 and $210,000 annually. The final base salary offered will be determined by multiple factors, including, but not limited to, job-related knowledge, depth of experience, skills, certifications, and geographic location. In addition to the base salary, our compensation structure may include other components such as commissions and discretionary bonuses.

ePlus offers a full range of medical, financial, and/or other benefits (including 401(k) eligibility, employee stock purchase program and various paid time off benefits, such as vacation, sick time, and personal leave), dependent on the position offered. Details of participation in these benefit plans will be provided if an offer of employment is extended.

If hired, employee will be in an "at-will position" and the Company reserves the right to modify base salary (as well as any other discretionary payment or compensation program) at any time, including for reasons related to individual performance, Company or individual department/team performance, and market factors.

Who We Are

At ePlus, we believe technology is a people business. Our team is passionate, skilled, and driven to deliver solutions that make a real difference. Join us and be part of a culture that values collaboration, innovation, and extraordinary results.

Corporate Values

• Respectful communication and cooperation: We prioritize respectful communication, fostering an