Cybersecurity Consultant (CISO) Dallas

Role Overview:

We are seeking an experienced Cybersecurity Consultant to design and implement a comprehensive cybersecurity program across our diverse portfolio. The ideal candidate will have a deep understanding of cybersecurity risk management, compliance, and threat mitigation, and will take a CISO-like approach to establish a robust cybersecurity strategy and roadmap. This role will involve assessing the current state of security across the portfolio, identifying key vulnerabilities, and developing actionable plans to improve maturity and lower risk across all businesses.

Key Responsibilities:

1. Cybersecurity Program Design & Strategy:
   • Develop and implement a cohesive cybersecurity program tailored to the unique needs and risks of the real estate, healthcare, and financial services industries.
   • Design a comprehensive cybersecurity strategy to improve overall security posture, including policies, procedures, frameworks, and tools.
   • Establish a clear roadmap for enhancing cybersecurity maturity across the portfolio, prioritizing high-impact initiatives.
   • Ensure alignment of the cybersecurity strategy with business goals and regulatory requirements (e.g., HIPAA, PCI DSS, GDPR).
2. Risk Assessment & Threat Management:
   • Conduct regular cybersecurity risk assessments across the portfolio to identify vulnerabilities and threats.
   • Recommend and implement risk mitigation strategies to reduce exposure to cyber threats, including internal and external attacks.
   • Work with internal teams to conduct threat modeling, penetration testing, and vulnerability assessments.
   • Advise on incident response planning, disaster recovery, and business continuity planning to minimize the impact of potential cybersecurity breaches.
3. Cybersecurity Maturity & Improvement:
   • Evaluate the existing cybersecurity maturity level of each portfolio company and recommend improvements to enhance controls, processes, and technologies.
   • Build a continuous improvement plan with clear milestones and KPIs to track progress in cybersecurity maturity.
   • Establish and promote a culture of cybersecurity awareness, ensuring that teams across the organization understand their role in maintaining security.

1. Compliance & Regulatory Requirements:
   • Ensure that the cybersecurity program is in compliance with industry-specific regulations (e.g., healthcare, financial services, real estate) and global standards.
   • Collaborate with legal, audit, and compliance teams to ensure that the organization’s cybersecurity measures meet all regulatory and industry-specific compliance requirements.
   • Oversee audits and assessments to ensure compliance with regulatory bodies, including the management of external audits and certifications.
2. Stakeholder Communication & Reporting:
   • Serve as a trusted advisor to senior leadership on cybersecurity matters, providing regular updates and reports on risk, strategy, and security posture.
   • Develop executive-level presentations, reports, and risk assessments for the C-suite and Board of Directors.
   • Facilitate discussions around the prioritization of cybersecurity investments, balancing risk with business objectives.
3. Talent Development & Team Collaboration:
   • Collaborate with internal IT and cybersecurity teams to assess skills, knowledge gaps, and training needs.
   • Help identify cybersecurity talent requirements and support recruitment, retention, and skill development efforts.
   • Lead and mentor internal teams, fostering a culture of security and ensuring the organization is well-equipped to handle emerging cybersecurity challenges.
4. Vendor & Third-Party Risk Management:
   • Assess the cybersecurity risk associated with third-party vendors, partners, and contractors.
   • Develop and enforce cybersecurity policies and procedures to ensure third-party vendors meet security and compliance standards.
   • Collaborate with procurement and legal teams to ensure cybersecurity requirements are incorporated into vendor contracts and agreements.
5. Incident Response & Crisis Management:
   • Lead the design, implementation, and testing of incident response and crisis management plans.
   • Provide strategic oversight during cybersecurity incidents, ensuring timely and effective response, containment, and recovery.
   • Conduct post-incident reviews and develop strategies to mitigate future risks.

Required Qualifications:

• Education & Experience:
  • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent work experience).
  • Proven experience (15+ years) in cybersecurity roles, with a strong background in risk management, security program development, and incident response.
  • Experience in industries such as real estate, healthcare, or financial services is highly preferred, particularly with understanding the unique regulatory and operational requirements.
  • Extensive experience working in a senior cybersecurity role, ideally with a background as a CISO, security consultant, or similar leadership position.
• Skills & Expertise:
  • In-depth knowledge of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS, SOC 2, PCI DSS).
  • Advanced understanding of cloud security (AWS, Azure), network security, and application security.
  • Expertise in risk management, threat intelligence, and vulnerability management.
  • Familiarity with regulatory requirements specific to healthcare (HIPAA), financial services (PCI DSS), and other industry standards.
  • Strong understanding of incident response, disaster recovery, and business continuity planning.
  • Experience in managing security technologies such as firewalls, IDS/IPS, SIEM, endpoint protection, and encryption tools.
  • Excellent leadership and stakeholder management skills, with the ability to communicate complex security concepts to non-technical audiences.

Preferred Qualifications:

• Industry certifications such as CISSP, CISM, CISA, or equivalent.
• Experience with security automation, threat hunting, and data protection techniques.

Personal Attributes:

• Strong problem-solving skills with a strategic mindset.
• Ability to think both tactically and strategically to address evolving cybersecurity challenges.
• Excellent communication, collaboration, and interpersonal skills.
• Detail-oriented and organized, with the ability to manage multiple projects simultaneously.
• High level of integrity and ethical standards in managing cybersecurity risks.

Compensation, Benefits and Duration

Minimum Compensation: USD 80,000
Maximum Compensation: USD 280,000
Compensation is based on actual experience and qualifications of the candidate. The above is a reasonable and a good faith estimate for the role.
Medical, vision, and dental benefits, 401k retirement plan, variable pay/incentives, paid time off, and paid holidays are available for full time employees.
This position is available for independent contractors
No applications will be considered if received more than 120 days after the date of this post