Security Principal - Market Growth and Client Leadership
Denver, CO
Full Time Senior-level / Expert USD 166K - 230K
Credera
Credera is a global consulting firm that combines transformational consulting capabilities, deep industry knowledge, AI and technology expertise to deliver valuable customer experiences and accelerated growth across various industries. We continuously evolve our services to meet the needs of future organizations and reflect modern best practices. Our unique global approach provides tailored solutions, transforming the most influential brands and organizations worldwide.
Our employees, the lifeblood of our company, are passionate about making an extraordinary impact on our clients, colleagues, and communities. This passion drives how we spend our time, resources, and talents. Our commitment to our people and work has been recognized globally. Please visit our employer awards page: https://www.credera.com/awards-and-recognition.
We are seeking an accomplished Principal in Security to drive both the design and execution of advanced security solutions and the growth of our presence in the market. This role is ideal for a highly certified, technically adept, and business-savvy security leader who thrives at the intersection of solution innovation, stakeholder influence, and market generation across industries such as finance, healthcare, technology, critical infrastructure, and the public sector. Public sector experience is highly preferred.
This is a unique opportunity for a security leader who thrives on market impact, stakeholder engagement, and technical excellence. If you are ready to shape the future of security for our clients and our business, we encourage you to apply.
Key Responsibilities
Market Generation & Business Development
- Identify, develop, and own new business opportunities in the federal, public, and other regulated sectors.
- Collaborate with account teams and leadership to shape go-to-market strategies and drive demand generation for security offerings.
- Support pre-sales activities: scope security solutions, contribute to proposals, and deliver compelling presentations that resonate with both technical and non-technical stakeholders.
- Proactively engage with clients and prospects to understand needs, position security as a business enabler, and translate technical risk into business value.
Stakeholder Advisory & Enablement
- Advise executives, business leaders, and technical teams on security requirements, risk posture, and mitigation strategies in clear, business-relevant language.
- Build strong relationships with account leaders and clients; coach internal teams on communicating the value of security and privacy solutions.
- Evangelize security best practices, emerging trends, and innovative solutions both internally and externally.
Solution Leadership & Delivery
- Lead end-to-end security architecture, risk management, and compliance initiatives, including full lifecycle projects (NIST RMF, ISO 27001, SOC 2, PCI DSS, HIPAA, etc.).
- Design and oversee the implementation of security controls for on-premises, cloud, and hybrid environments.
- Develop and execute security strategies, policies, and test plans to ensure regulatory and contractual compliance.
- Utilize automated GRC and security management platforms (e.g., eMASS, Xacta, ServiceNow, Archer) to streamline evidence collection and reporting.
- Map security solutions and team activities to the NICE Cybersecurity Workforce Framework as appropriate.
Practice Leadership
- Mentor and guide junior security professionals, fostering a culture of excellence and continuous learning.
- Champion the integration of security thinking across the business and support cross-functional initiatives.
- Stay current with evolving regulatory requirements, emerging threats, and security technologies to proactively advise clients and internal stakeholders.
Qualifications
- Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field.
- 10+ years of progressive cybersecurity experience, including hands-on security architecture, risk management, compliance leadership, and client advisory.
- Demonstrated success leading security or compliance authorization projects and generating new business opportunities in at least two major industries, with a preference for public sector.
- Deep understanding of both technical and governance aspects of security frameworks (NIST, ISO, SOC, PCI, HIPAA, etc.).
- Hands-on experience with GRC tools and security automation platforms.
- Exceptional communication, client engagement, and stakeholder influence skills; able to translate complex technical topics into business value.
- Track record of mentoring and developing security professionals.
- Strong preference for experience in the federal/public sector or other highly regulated industries.
Required Certifications (One or more from each group strongly preferred):
- Security Architecture & Management: CISSP, CISM, CCSP, CISA, GIAC Security Leadership (GSLC)
- Technical/Implementation: CASP+, GIAC (GCIH, GCED, GSEC, etc.), AWS/Azure/GCP Security Specialty
- Governance & Compliance: ISO 27001 Lead Implementer/Auditor, PCI QSA, HITRUST, or comparable
For individuals hired to work in Colorado, Credera is required by law to include a reasonable estimate of the compensation range for this role. This compensation range is specific to the State of Colorado and includes the range of factors considered in making compensation decisions including but not limited to skill sets; experience and training; certifications; etc. We would not anticipate that the individual hired into this role would be near the top end of the compensation range, but that decision will be dependent on the facts associated with each specific individual’s relevant experience for the role.
Denver Pay Range: $166,000—$230,000 USD
Learn More: Credera is part of the Omnicom Precision Marketing Group (OPMG), a division of Omnicom Group Inc. OPMG is a global network of agencies that leverage data, technology, and CRM to create personalized and impactful customer experiences. OPMG offers a range of services, such as data-driven product / service design, technology strategy and implementation, CRM / loyalty strategy and activation, econometric and attribution modelling, technical and business consulting, and digital experience design and development.
Benefits: Credera provides a competitive salary and comprehensive benefits plan. Benefits include health, mental health, vision, dental, and life insurance, prescriptions, fertility and adoption benefits, community service days, paid parental leave, PTO, 14 paid holidays, matching 401(k), Healthcare & Dependent Flexible Spending Accounts, and disability benefits. For more information regarding Omnicom benefits, please visit www.omnicombenefits.com.
Hybrid Working Model: Our employees have the flexibility to work remotely two days a week. We expect team members to spend three days in person, with the freedom to choose the days and times that best suit them, their project, and their teams. You'll collaborate with your project team to balance flexibility with the benefits of in-person connection, delivering outstanding results for our clients. The Why: In-person engagement is essential for building strong relationships with clients and colleagues. It fosters trust, encourages learning, and helps us grow as consultants and professionals.
Travel: For our consulting roles, our goal is to minimize travel, and most projects do not require extensive travel. While some projects may involve up to 80% travel for a period, the annual average for team members is typically 10%–30%. We take a personal approach to travel by considering your submitted preferences when assigning roles.
All qualified applicants will receive consideration for employment without regard to race, color, religion, gender identity, sexual orientation, national origin, age, genetic information, veteran status, or disability.
Credera will never ask for money up front and will not use apps such as Facebook Messenger, WhatsApp or Google Hangouts for communicating with you. You should be very wary of, and carefully scrutinize, any job opportunity that asks for money prior to starting and/or one where all communications take place exclusively via chat.
Tags: Automation AWS Azure CASP+ CCSP CISA CISM CISSP Cloud Compliance Computer Science eMASS Finance GCED GCIH GCP GIAC Governance GSEC GSLC HIPAA HITRUST ISO 27001 NIST PCI DSS PCI QSA Privacy Risk management RMF SOC SOC 2 Strategy
Perks/benefits: Career development Competitive pay Fertility benefits Flex hours Flexible spending account Flex vacation Health care Insurance Parental leave Team events