Senior Security Strategist


Cybersecurity Service Manager



Start Date:


Travel Requirements:

Up to 50%

Position Description

The Senior Security Strategist is a recognized expert and has extensive knowledge of information security concepts and functions. This individual has expertise in managing and implementing cybersecurity solutions and understands key business processes, in relation to the cybersecurity domains of governance, risk and compliance, and how businesses can best leverage, integrate and find value in cybersecurity processes. The Senior Security Strategist consults, advises and strategizes with GreyCastle Security clients in a wide range of topics and business environments.

The Senior Security Strategist must be able to communicate effectively to educate, persuade and influence C-level executives, senior managers, board members and key stakeholders to make informed decisions that are in-line with business objectives. The Senior Security Strategist must be composed and skilled in the face of opinionated and strong-willed individuals, maintaining a focus on pursuing balanced decisions that support, and when necessary, influence mitigating business risk. Ultimately, the Senior Security Strategist must be highly effective and efficient at solving business critical problems with relevant solutions that are in-line with GreyCastle Security practices and service offerings.

Position Responsibilities

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Service Delivery

  • Act as a definitive cybersecurity resource in a virtual Chief Information Security Officer (vCISO) capacity, both internally and Client-facing.
  • Deliver vCISO services in-line with GreyCastle Security standards and processes.
  • Strategize, advise, and consult with clients in a wide range of business-relevant cybersecurity topics.
  • Maintain proficiency in and awareness of security services, industry trends, tactics, techniques, and procedures.
  • Provide leadership, mentorship, and direction to members of the team.
  • Use clear and concise written and verbal communication.

  • Expertly present cybersecurity concepts, issues and findings to Boards, senior managers, C-level Leadership, and key stakeholders.
  • Partner with Security Program and Project Managers to ensure timely delivery in-line with client expectations.
  • Act as the client Program Sponsor, driving program strategy by providing direction to both clients and the Project Management Office.
  • Lead and/or participate in service collateral creation and maintenance to facilitate service delivery.
  • Participate in conferences and events as a speaker/presenter.
  • Must complete GreyCastle service training as required.


  • Collaborate with business units, including Business Development, Services and Marketing to ensure well-engineered solutions are provided to clients and prospects.
  • Participate on sales calls to support explanation of vCISO activities and other GreyCastle Security services.
  • Interface with technical resources (Solution Engineers, Product Management and Subject Matter Experts) to facilitate appropriate solutions that can be successfully scoped, delivered, and executed.
  • Partner with Business Intelligence and Solutions and Product Management to facilitate proactive messaging regarding industry threats to prospects and clients.

Corporate Responsibility

Information security is everyone's responsibility:

  • Understanding and following GreyCastle Security’s information security policies and procedures.
  • Remaining vigilant and reporting any suspicious activity or possible weaknesses in GreyCastle Security’s information security.
  • Actively participating in GreyCastle Security’s efforts to maintain and improve information security.

Supervisory Responsibility

This position has no supervisory responsibilities.

Work Environment

This job operates in a professional office environment. This role routinely uses standard office equipment such as computers, phones, photocopiers, filing cabinets and fax machines.

Physical Demands

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.

While performing the duties of this job, the employee is regularly required to talk or hear. The employee frequently is required to stand; walk; use hands to finger, handle or feel; and reach with hands and arms.

This position requires the ability to occasionally lift office products and supplies, up to 20 pounds.

Position Type/Expected Hours of Work

This is a full-time position, and hours of work and days are Monday through Friday, 8:00 a.m. to 5 p.m.


  • Business Acumen
  • Risk Management
  • Consulting & Advisory
  • Presentation Capability
  • Client Relationship Management
  • Strategy and Solutioning
  • Collaboration
  • Communication
  • Organization
  • Service Delivery
  • Technical Capacity

Required Education and Experience

  • Bachelor’s Degree or equivalent professional experience in cybersecurity industry
  • 10+ years of information security experience
  • 5+ years of security experience with standards, including ISO 27002, HIPAA, PCI, NYS DFS, DFARS, NIST 800-53/800-171 or other related information security standards
  • 3+ years of comprehensive expertise in the strategic delivery of cybersecurity solutions, including governance, risk, and compliance
  • 3+ years of demonstrated expertise in setting strategic direction for clients acting as a trusted advisor and coordinating information security programs through continued strategic oversight
  • CISSP, GPEN, CISM, CISA, GIAC or other security-related certification commensurate with the job duties and responsibilities

Other Duties

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.

Equal Opportunity Employer

GreyCastle Security is an equal opportunity employer, and considers qualified applicants for employment without regard to race, color, creed, religion, national origin, sex, sexual orientation, gender identity and expression, age, disability, or protected veteran status, or any other protected factors or classes.