Director, National Security-Cybersecurity Governance
$130k - $175kAlvarez & Marsal
Description
About Alvarez & Marsal Alvarez & Marsal is a premier independent global professional services firm specializing in providing turnaround management, restructuring, performance improvement and corporate advisory services. Our talent drives our success, resulting in our growing Disputes and Investigations practice becoming one of the most respected in the industry. From the boardroom to the courtroom, the firm delivers a wide array of solutions to contentious situations by drawing on the deep skills, diverse disciplines and experiences of its professionals. We are recognized by Global Arbitration Review as one of the leading firms of independent experts for arbitration and considered a top three firm by Who's Who Legal based on the number of experts across the globe. Our clients include major banks, leading law firms, private equity firms and well-known corporations and upper-mid-sized companies. The Team At A&M you will have the opportunity to work with a diverse team of supportive and motivated professionals that love to share their knowledge and depth of industry experience with others. A&M's Disputes and Investigations practice comprises professionals from a wide range of backgrounds, who bring and share their deep expertise in conducting investigations and delivering expert witness reports. We have an inclusive developmental environment where everyone has the opportunity to learn and grow. Our culture is characterized by openness and entrepreneurial thinking, with a foundation of mutual respect and high-quality standards for our work. We strive to remove bureaucracy in favor of recognizing effort and results through advancement opportunities and a motivating performance-based reward structure. How you will contribute With the rapidly changing geopolitical environment, competition for sensitive technologies, and risks associated with potential exploitation of sensitive personal and business data, demand for national security-focused risk analysis and mitigation is growing significantly. Our team supports organizations, investors and counsel in identifying, assessing, and reducing national security-related risk through modern security architectures and enterprise-grade solutions. We focus on implementing Zero Trust security frameworks, establishing robust Identity and Access Management (IAM) controls, and embedding regulatory requirements into business systems and processes. Our approach facilitates transparency between companies and regulators by leveraging data analytics, automated compliance monitoring, and advanced security tooling. The team serves as fiduciary to U.S. government agencies as either third-party monitor or third-party auditor, ensuring adherence to federal security standards and frameworks. Responsibilities: • Lead cross-functional project teams in executing advisory, oversight, and audit projects related to Foreign Direct Investment (FDI) national security reviews, export and technology controls, and Cybersecurity Maturity Model Certification (CMMC). Develop comprehensive project plans, establish key milestones, and manage resource allocation using enterprise project management methodologies and tools. • Design and implement Zero Trust architecture frameworks and IAM solutions, including privileged access management (PAM), role-based access control (RBAC), and continuous authentication mechanisms. Collaborate with client security personnel to define and document security controls for distributed, big data systems with emphasis on least-privilege access principles. • Conduct enterprise-wide security assessments to verify the efficacy of administrative, technical, and physical safeguards, with particular focus on identity governance, access management, and Zero Trust implementation. Evaluate security control maturity against industry frameworks such as NIST 800-53, ISO 27001, and CMMC. • Direct comprehensive security assessments of applications and software, including: (i) reviewing architecture diagrams with emphasis on identity and access flows; (ii) interviewing personnel across DevSecOps teams; (iii) evaluating IAM integration points and Zero Trust implementation; (iv) overseeing static and dynamic code analysis; (v) managing network penetration testing; and (vi) preparing detailed technical reports for senior counsel, executives, and national security officials. • Analyze and interpret penetration test results, focusing on identity-related vulnerabilities, access control weaknesses, and deviations from Zero Trust principles. Develop remediation roadmaps aligned with enterprise architecture standards. • Implement and integrate security technologies including Security Information and Event Management (SIEM), Identity Governance and Administration (IGA), and Privileged Access Management (PAM) solutions to enable automated compliance monitoring and security oversight. • Create and maintain project management artifacts including work breakdown structures, risk registers, and resource allocation plans. Establish project governance frameworks and reporting mechanisms to ensure alignment with organizational objectives and regulatory requirements. • Availability for up to 20% travel required to client sites and security assessment locations. Qualifications: • 8+ years of experience with Technology Companies that deliver controlled technology nationally and internationally • Experience with NIST CSF, NIST SP 800-53, NIST SP 800-171, NIST SP 800-218, NIST SP 800-161, and/or ISO 27001 • Experience working in cybersecurity governance (i.e., experience working with NIST CSF; NIST 800-171 and -53; CIS-18 IG1 and ISO 27001) • Proficiency in at least one programming language (e.g., Python, Java, etc.) • Background in network and cloud-based platforms (e.g., GCP, AWS, Kubernetes, etc.) • Familiarity with containerization technologies and deployments • Experience with Big Data platforms (on premise and cloud) • Ability to obtain a USG security clearance • One or more relevant industry certification: CompTIA Security+, CompTIA CySA+, CompTIA CASP+, CISSP, CISM, CISA, ISO 27001, or comparable certifications Your journey at A&M We recognize that our people are the driving force behind our success, which is why we prioritize an employee experience that fosters each person's unique professional and personal development. Our robust performance development process promotes continuous learning, rewards your contributions, and fosters a culture of meritocracy. With top-notch training and on-the-job learning opportunities, you can acquire new skills and advance your career. We prioritize your well-being, providing benefits and resources to support you on your personal journey. Our people consistently highlight the growth opportunities, our unique, entrepreneurial culture, and the fun we have together as their favorite aspects of working at A&M. The possibilities are endless for high-performing and passionate professionals. Full-time Positions and Part-time Positions Over 30 hours Regular employees working 30 or more hours per week are also entitled to participate in Alvarez & Marsal Holdings' fringe benefits consisting of healthcare plans, flexible spending and savings accounts, life, AD&D, and disability coverages at rates determined from time to time as well as a 401(k) retirement plan. Provided the eligibility requirements are met, employees will also receive a discretionary contribution to their 401(k) from Alvarez & Marsal. Additionally, employees are eligible for paid time off including vacation, personal days, seventy-two (72) hours of sick time (prorated for part time employees), ten federal holidays, one floating holiday, and parental leave. The amount of vacation and personal days available varies based on tenure and role type. Click here for more information regarding A&M's benefits programs. The salary range is $130,000 - $175,000 annually, dependent on several variables including but not limited to education, experience, skills, and geography. In addition, A&M offers a discretionary bonus program which is based on a number of factors, including individual and firm performance. Please ask your recruiter for details. Alvarez & Marsal recruits on an ongoing basis. Candidates are considered as they apply, until the opportunity is filled. Candidates are encouraged to apply expeditiously to any role(s) that they are qualified for and that are of interest to them. A&M does not require or administer lie detector tests as a condition of employment or continued employment. It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.
#LI-NM1
About Alvarez & Marsal Alvarez & Marsal is a premier independent global professional services firm specializing in providing turnaround management, restructuring, performance improvement and corporate advisory services. Our talent drives our success, resulting in our growing Disputes and Investigations practice becoming one of the most respected in the industry. From the boardroom to the courtroom, the firm delivers a wide array of solutions to contentious situations by drawing on the deep skills, diverse disciplines and experiences of its professionals. We are recognized by Global Arbitration Review as one of the leading firms of independent experts for arbitration and considered a top three firm by Who's Who Legal based on the number of experts across the globe. Our clients include major banks, leading law firms, private equity firms and well-known corporations and upper-mid-sized companies. The Team At A&M you will have the opportunity to work with a diverse team of supportive and motivated professionals that love to share their knowledge and depth of industry experience with others. A&M's Disputes and Investigations practice comprises professionals from a wide range of backgrounds, who bring and share their deep expertise in conducting investigations and delivering expert witness reports. We have an inclusive developmental environment where everyone has the opportunity to learn and grow. Our culture is characterized by openness and entrepreneurial thinking, with a foundation of mutual respect and high-quality standards for our work. We strive to remove bureaucracy in favor of recognizing effort and results through advancement opportunities and a motivating performance-based reward structure. How you will contribute With the rapidly changing geopolitical environment, competition for sensitive technologies, and risks associated with potential exploitation of sensitive personal and business data, demand for national security-focused risk analysis and mitigation is growing significantly. Our team supports organizations, investors and counsel in identifying, assessing, and reducing national security-related risk through modern security architectures and enterprise-grade solutions. We focus on implementing Zero Trust security frameworks, establishing robust Identity and Access Management (IAM) controls, and embedding regulatory requirements into business systems and processes. Our approach facilitates transparency between companies and regulators by leveraging data analytics, automated compliance monitoring, and advanced security tooling. The team serves as fiduciary to U.S. government agencies as either third-party monitor or third-party auditor, ensuring adherence to federal security standards and frameworks. Responsibilities: • Lead cross-functional project teams in executing advisory, oversight, and audit projects related to Foreign Direct Investment (FDI) national security reviews, export and technology controls, and Cybersecurity Maturity Model Certification (CMMC). Develop comprehensive project plans, establish key milestones, and manage resource allocation using enterprise project management methodologies and tools. • Design and implement Zero Trust architecture frameworks and IAM solutions, including privileged access management (PAM), role-based access control (RBAC), and continuous authentication mechanisms. Collaborate with client security personnel to define and document security controls for distributed, big data systems with emphasis on least-privilege access principles. • Conduct enterprise-wide security assessments to verify the efficacy of administrative, technical, and physical safeguards, with particular focus on identity governance, access management, and Zero Trust implementation. Evaluate security control maturity against industry frameworks such as NIST 800-53, ISO 27001, and CMMC. • Direct comprehensive security assessments of applications and software, including: (i) reviewing architecture diagrams with emphasis on identity and access flows; (ii) interviewing personnel across DevSecOps teams; (iii) evaluating IAM integration points and Zero Trust implementation; (iv) overseeing static and dynamic code analysis; (v) managing network penetration testing; and (vi) preparing detailed technical reports for senior counsel, executives, and national security officials. • Analyze and interpret penetration test results, focusing on identity-related vulnerabilities, access control weaknesses, and deviations from Zero Trust principles. Develop remediation roadmaps aligned with enterprise architecture standards. • Implement and integrate security technologies including Security Information and Event Management (SIEM), Identity Governance and Administration (IGA), and Privileged Access Management (PAM) solutions to enable automated compliance monitoring and security oversight. • Create and maintain project management artifacts including work breakdown structures, risk registers, and resource allocation plans. Establish project governance frameworks and reporting mechanisms to ensure alignment with organizational objectives and regulatory requirements. • Availability for up to 20% travel required to client sites and security assessment locations. Qualifications: • 8+ years of experience with Technology Companies that deliver controlled technology nationally and internationally • Experience with NIST CSF, NIST SP 800-53, NIST SP 800-171, NIST SP 800-218, NIST SP 800-161, and/or ISO 27001 • Experience working in cybersecurity governance (i.e., experience working with NIST CSF; NIST 800-171 and -53; CIS-18 IG1 and ISO 27001) • Proficiency in at least one programming language (e.g., Python, Java, etc.) • Background in network and cloud-based platforms (e.g., GCP, AWS, Kubernetes, etc.) • Familiarity with containerization technologies and deployments • Experience with Big Data platforms (on premise and cloud) • Ability to obtain a USG security clearance • One or more relevant industry certification: CompTIA Security+, CompTIA CySA+, CompTIA CASP+, CISSP, CISM, CISA, ISO 27001, or comparable certifications Your journey at A&M We recognize that our people are the driving force behind our success, which is why we prioritize an employee experience that fosters each person's unique professional and personal development. Our robust performance development process promotes continuous learning, rewards your contributions, and fosters a culture of meritocracy. With top-notch training and on-the-job learning opportunities, you can acquire new skills and advance your career. We prioritize your well-being, providing benefits and resources to support you on your personal journey. Our people consistently highlight the growth opportunities, our unique, entrepreneurial culture, and the fun we have together as their favorite aspects of working at A&M. The possibilities are endless for high-performing and passionate professionals. Full-time Positions and Part-time Positions Over 30 hours Regular employees working 30 or more hours per week are also entitled to participate in Alvarez & Marsal Holdings' fringe benefits consisting of healthcare plans, flexible spending and savings accounts, life, AD&D, and disability coverages at rates determined from time to time as well as a 401(k) retirement plan. Provided the eligibility requirements are met, employees will also receive a discretionary contribution to their 401(k) from Alvarez & Marsal. Additionally, employees are eligible for paid time off including vacation, personal days, seventy-two (72) hours of sick time (prorated for part time employees), ten federal holidays, one floating holiday, and parental leave. The amount of vacation and personal days available varies based on tenure and role type. Click here for more information regarding A&M's benefits programs. The salary range is $130,000 - $175,000 annually, dependent on several variables including but not limited to education, experience, skills, and geography. In addition, A&M offers a discretionary bonus program which is based on a number of factors, including individual and firm performance. Please ask your recruiter for details. Alvarez & Marsal recruits on an ongoing basis. Candidates are considered as they apply, until the opportunity is filled. Candidates are encouraged to apply expeditiously to any role(s) that they are qualified for and that are of interest to them. A&M does not require or administer lie detector tests as a condition of employment or continued employment. It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.
#LI-NM1
Vacancy posted 5 days ago
Similar jobs that could be interesting for youBased on the Director, National Security-Cybersecurity Governance in San Francisco, CA vacancy
$279.8k - $329.2k
...Join Vectra AI Job Openings at Vectra AI Director, Security Engineering US - California Vectra® is... ...leader who thrives in high-growth cybersecurity environments and is passionate about helping... ...race, color, ancestry, religion, sex, national origin, sexual orientation, age,...SuggestedWorldwide$169.01k - $370.53k
...currently seeking a Specialist Director, MAST Application... ...delivery of Managed Application Security Testing (MAST) services, ensuring... ...testing, or related cybersecurity domains, with at least three... ...orientation, gender identity, national origin, citizenship status,...SuggestedH1bLocal area- ...Salesforce, Inc. is seeking a Director of Product Management to lead the Partner Security, Governance, and Guardrails Platform in San Francisco. The role involves defining the strategy for ensuring partner-deployed technology remains secure and compliant. You will manage...Suggested
- ...enterprise spends millions of dollars on Governance, Risk, and Compliance (GRC). It's one of... ...the best. Our team includes AI and security leaders from Airbnb, Microsoft, Deloitte... ...orientation, gender identity/expression, national origin, disability, age, genetic information...SuggestedWork at officeVisa sponsorshipFlexible hours
$85k - $110k
...welcome and respected, regardless of race, color, religion, sex, national origin, age, disability, veteran status, sexual orientation,... ...innovation and strengthen our ability to create cutting‑edge cybersecurity solutions. At Horizon3, every team member is valued and...SuggestedFull timeWork at officeRemote workFlexible hours$198k - $368k
...future as we are, join our team. KPMG is currently seeking a Director, Security Compliance to join our Digital Security team.... ...color, religion, age, sex, sexual orientation, gender identity, national origin, citizenship status, disability, protected veteran status...Temporary workH1bLocal area$200k - $350k
...Director Private Securities San Francisco, California, United States At Forge, we know our team is our greatest asset. As technology innovators... ...conditions), gender, gender identity, gender expression, national origin, ancestry, age, physical or mental disability,...Work at officeLocal area2 days per week3 days per week$260k - $340k
...for financial institutions, businesses, governments and developers, we are improving the... ...build real world value. The Work: As the Director of Security Engineering, you will be responsible... ..., sex, sexual identity, pregnancy, national origin, ancestry, citizenship, age, marital...Full timeLocal area$161.9k - $218.6k
...Product Marketing Manager (PMM) who can shape the future of cloud cybersecurity. As the world's leading cloud and AI provider with 200+... ...across multiple domains - from threat detection and network security to identity and access management. We're looking for a...Local areaFlexible hours$290k - $365k
...systems. About the Role As a Technical Program Manager for Security, you'll drive execution of high-stakes programs that span... ...Have a deep interest in and/or a willingness to learn about cybersecurity or regulatory compliance. Have experience leveraging LLMs...Contract workWork at officeVisa sponsorshipFlexible hours$175k - $210k
...automate critical workflows all without moving data or breaking governance. Sigma supports a spreadsheet interface, SQL, Python, and... ...strong team regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status,...Full timeWork at officeRelocationFlexible hours$185k - $296k
...About the Role Figma’s Security team is growing, and we’re looking for a Security Operations Manager to lead the strategy and execution... ...opportunities regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status,...Work from home$172k - $250k
...Grant Thornton is seeking a Director of Information Security Audit & Compliance to... ...information security program is governed through a consistent,... ...program to NIST Cybersecurity Framework (CSF) and NIST... ...to race, color, religion, national origin, sex, age, marital...InternshipSeasonal workWork at officeLocal areaFlexible hours3 days per week- ...Senior Director Of Product Security Zendesk is building the future of AI-powered customer and employee service. Our products help organizations... ...'s degree in Computer Science, Software Engineering, Cybersecurity, Information Systems, or a related technical field, or...Shift work
$100k - $180k
...safety software any organization will ever need. A protection layer for every individual. We're laying that foundation with AI Governance. Our product Charter is an agent that monitors and flags misuse of AI in line with firm policies and client rules in real time....Visa sponsorshipRelocation package$100k - $155k
...and execution of enterprise cybersecurity actions across multiple technical... ...Coordinate with designated security personnel and operational... ...accordance with established governance and compliance requirements.... ...color, religion, sex, age, national origin, disability, veteran...$30 - $38 per hour
...and support for cloud-based platforms and cybersecurity initiatives. As a secondary... ...Ops & Facilities Specialist helps ensure secure, efficient, and compliant technology, business... ...sexual orientation, race, color, religion, national origin, disability, protected Veteran...Hourly payFull timeFor contractorsWork experience placementSummer holidayWork at officeLocal areaRemote workFlexible hoursAfternoon shiftWeekday work- ...action/equal opportunity employer and does not discriminate in hiring or employment on the basis of age, sex, race, color, religion, national origin, gender identity, veteran status, disability, sexual orientation or any other protected status. Benefits We offer a...Remote work
$152k
...About the role We are looking for a Product Security Manager to lead a team focused on cloud, data, and AI security within our Product... ...applicants without regard to race, color, ancestry, religion, sex, national origin, sexual orientation, gender identity, age, marital or...Full timeWork at officeLocal areaRemote workFlexible hoursShift workNight shift$195k - $205k
...unstructured data into insights instantly. As Security & Compliance Manager , you’ll be... ...and managing out our Security and GRC (Governance, Risk and Compliance) program, driving strategy... ..., gender perception or identity, national origin, age, marital status, protected veteran...Work at officeFlexible hoursWeekend work$152k
...We are looking for a Product Security Manager to lead a team focused on cloud, data, and AI security within our Product Security organization... ...without regard to race, color, ancestry, religion, sex, national origin, sexual orientation, gender identity, age, marital or family...Full timeWork at officeLocal areaRemote workFlexible hoursShift workNight shift$170k - $210k
...Director Of Operations SuperAnnotate helps the world's leading AI teams build responsible, next-generation models powered by high-quality... ...offer equal opportunity regardless of sex, sexual orientation, national origin, color, race, age, marital status, disability, gender...Contract work$140k - $245k
...Technical Program Manager (TPM) to support our Security Operations team. In this role, you'll... ..., vendor security and technology governance processes, risk assessments, security investigations... ...race, color, ancestry, religion, sex, national origin, sexual orientation, age,...Full timeRemote workWork from home$285k - $350k
...started. Role Overview We're looking for a Director of Security Engineering to build and scale the... ...authorization, authentication, access governance, secrets management, and privileged... ...orientation, gender identity/expression, national origin, disability, age, genetic...$250k - $320k
...running our company operating system. We are seeking a BizOps Director to lead our San Francisco team while also contributing as a strong... ...and do not discriminate based on race, religion, color, national origin, ancestry, physical disability, mental disability, medical...Work at office3 days per week$179k - $246k
...Secure Every Identity, from AI to Human. Identity is the key to unlocking the potential of AI. Okta secures AI by building the trusted... ..., color, religion, sex, sexual orientation, gender identity, national origin, ancestry, marital status, age, physical or mental disability...Local areaWorldwideFlexible hours$90k - $100k
...applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other...Hourly payFull timeContract workLocal area- ...development opportunities. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, citizenship, disability, protected veteran status, or any other basis that is prohibited by law. This description is not...
- ...Director, Operations The Director of Operations (Investor Relations) oversees all investor operations, client services, and team performance... ..., sex, sexual orientation, gender identity or expression, age, national origin, disability, veteran status, or any other characteristic...Local areaFlexible hours
$10 per hour
...South America. The Role We’re looking for a Director of Revenue Operations to build and scale... ...journey Implement scalable pipeline governance and stage definitions Drive cross‑functional... ...status such as race, religion, color, national origin, sex, sexual orientation, gender...Remote workFlexible hours
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Director, National Security-Cybersecurity Governance. Be the first to apply!
Related searches
- corporate security manager San Francisco, CA
- security systems manager San Francisco, CA
- security manager San Francisco, CA
- security engineering manager San Francisco, CA
- program manager with security clearance San Francisco, CA
- director information security San Francisco, CA
- director global security San Francisco, CA
- senior director information security San Francisco, CA
- surveillance manager San Francisco, CA
- product security manager San Francisco, CA



