CFGI Logo

CFGI

Private Equity and Venture Capital Cybersecurity - Senior Manager

Reposted 23 Days Ago
Be an Early Applicant
Remote or Hybrid
Hiring Remotely in United States
Senior level
Remote or Hybrid
Hiring Remotely in United States
Senior level
Lead cybersecurity advisory engagements in private equity and venture capital, providing due diligence, risk assessment, and integration strategies while advising executive stakeholders.
The summary above was generated by AI

CFGI is seeking a Cybersecurity Consulting Senior Manager with deep private equity and venture capital industry experience to lead and deliver high-impact advisory engagements across the investment lifecycle, from pre-deal cybersecurity due diligence and risk assessment through post-close integration, portfolio company maturity uplift, and exit readiness. This role blends hands-on delivery, executive communication, and practice leadership. You will work directly with PE/VC deal teams, operating partners, portfolio company CISOs, CIOs, CFOs, and Board/Audit Committee members to design pragmatic programs, build scalable operating models, and deliver security outcomes tied to value creation and investment thesis.

 

The ideal candidate brings direct private equity or venture capital industry experience, either from within a PE/VC firm, a portfolio company, or a consulting practice with a dedicated PE/VC client base, combined with deep cybersecurity advisory expertise, strong commercial instincts, and a proven ability to deliver in fast-paced, deal-driven environments.

 

Key Responsibilities:

 

Client Advisory & Delivery:

 

  • Lead cybersecurity advisory engagements across the PE/VC deal lifecycle: pre-acquisition due diligence, post-close 100-day security planning, portfolio company maturity uplift, carve-out/stand-up, and exit readiness assessments.
  • Conduct and manage cybersecurity due diligence assessments for buy-side and sell-side transactions: identify material risks, quantify cyber exposure, and deliver findings in deal-team-ready formats (red/yellow/green risk summaries, indemnification inputs, rep & warranty considerations).
  • Design and operationalize cybersecurity governance models (policies, standards, risk appetite, committees, reporting KPIs/KRIs) scaled appropriately to portfolio company size and PE ownership model.
  • Build and mature enterprise risk programs: risk assessments, risk registers, control libraries, and control testing approaches.
  • Develop and implement security policies, standards, and procedures aligned to common frameworks (e.g., NIST CSF, ISO 27001/27002, CIS, SOC 2, CMMC, FedRAMP).
  • Support regulatory readiness and compliance initiatives relevant to PE portfolio company sectors (e.g., SEC cyber disclosure rules, SOX ITGC for pre-IPO/public-co readiness, HIPAA for healthcare portfolio companies, PCI DSS, NYDFS 500, GDPR/CCPA where applicable).
  • Develop investment-grade cybersecurity roadmaps and remediation plans tied to PE value-creation timelines; track progress against milestones and communicate status to operating partners and deal teams.
  • Advise on cybersecurity integration and separation activities for M&A transactions: network segmentation, identity/access migration, data classification, Day 1 security controls, and TSA/ITSA cybersecurity workstreams.
  • Perform vendor/third-party risk assessments and implement scalable TPRM operating models appropriate for PE-owned businesses.
  • Coordinate cross-functional stakeholders (Legal, IT, Security, Compliance, Product, HR) to drive outcomes and adoption.

 

Executive Communication & Stakeholder Management:

 

  • Translate complex technical, regulatory, and privacy requirements into business-oriented recommendations.
  • Deliver executive-ready artifacts tailored to PE/VC audiences: LP/board cybersecurity reporting, deal-team risk summaries, portfolio-wide security heatmaps, 100-day plan progress updates, and audit committee materials.
  • Serve as a trusted advisor to senior leadership; confidently present findings and influence decisions.

 

Practice Development & Leadership:

 

  • Contribute to go-to-market development: offerings, templates, accelerators, methodologies, and points of view.
  • Support business development through proposal writing, SOW development, client presentations, and solution shaping.
  • Mentor and develop consultants and managers; lead teams across multiple engagements while maintaining quality and delivery rigor.
  • Partner with other CFGI service lines (Accounting Advisory, CFO Advisory, Technology Enablement) to deliver integrated solutions.

 

Required Qualifications:

 

  • Eight plus years of relevant experience in cybersecurity consulting, GRC, risk management, or compliance with meaningful direct experience serving private equity sponsors, venture capital firms, or PE-backed portfolio companies (level will map to experience).
  • Bachelor’s degree in a related field is required.
  • Demonstrated expertise across the PE/VC cybersecurity advisory lifecycle: pre-acquisition cyber due diligence (buy-side and sell-side), post-close 100-day security planning and portfolio company stand-up,  and integration and carve-out cybersecurity workstreams.
  • Framework implementation and operationalization: NIST CSF, ISO 27001/27002, SOC 2, CIS Controls.
  • Familiarity with privacy and regulatory requirements common to PE portfolio company sectors (HIPAA, GDPR/CCPA, SOX ITGC, PCI DSS); deep privacy program build-out expertise is not required.
  • Experience performing or leading: cybersecurity due diligence assessments for M&A transactions, rapid maturity uplift and 100-day security roadmap delivery, integration or carve-out cybersecurity workstreams, enterprise/security risk assessments, control design/testing, policy and standards development, compliance/regulatory readiness programs (especially SOX ITGC, SOC 2, HIPAA for portfolio companies).
  • Exceptional written and verbal communication skills with a track record of producing executive-level deliverables.
  • Proven ability to lead teams, manage timelines/budgets, and deliver in a client-facing environment.

 

Preferred Qualifications (Nice-to-Have):

 

  • Certifications: CISM, CISSP, CRISC, CISA, ISO 27001 Lead Implementer/Lead Auditor.
  • Direct experience working within a private equity or venture capital firm (in-house security, operating partner role, or embedded advisory).
  • Experience supporting portfolio-wide cybersecurity programs across multiple simultaneous investments.
  • Exposure to incident readiness, tabletop exercises, and crisis communications coordination with Legal/Comms.
  • Experience supporting audits and assurance activities (SOC 2 readiness, ISO certification readiness, internal audit coordination).

 

Why CFGI:

 

  • Immediate exposure to complex, high-velocity PE and VC deal environments — due diligence, integrations, carve-outs, and exit readiness — with sophisticated sponsor and portfolio company clients.
  • Opportunity to shape and scale a fast-growing Cybersecurity practice.
  • Collaborative culture with autonomy, flexibility, and strong leadership support.
  • Competitive compensation, benefits, and career growth trajectory.

CFGI Los Angeles, California, USA Office

Los Angeles, United States

Similar Jobs

An Hour Ago
Easy Apply
Remote or Hybrid
United States
Easy Apply
175K-210K Annually
Senior level
175K-210K Annually
Senior level
Legal Tech • Software • Generative AI
Own positioning, messaging, and launch strategy for EveOS. Translate complex AI capabilities into buyer-relevant narratives for firm owners, managing attorneys, and operations leads. Feed customer and competitive insights into product and packaging decisions. Create core GTM assets (pitch, product story, demo narrative, website messaging), support analyst relations, and partner with Sales Enablement, PMMs, and Demand Gen to ensure consistent messaging across launches and collateral.
An Hour Ago
Easy Apply
Remote or Hybrid
United States
Easy Apply
175K-210K Annually
Senior level
175K-210K Annually
Senior level
Legal Tech • Software • Generative AI
Lead GTM programs and sales enablement to drive pipeline and revenue. Build messaging, segmentation, pricing alignment, sales tools, partner materials, and enablement metrics while partnering cross-functionally with product, sales, and partnerships.
An Hour Ago
Easy Apply
Remote or Hybrid
United States
Easy Apply
71K-96K Annually
Mid level
71K-96K Annually
Mid level
Artificial Intelligence • Cloud • Computer Vision • Hardware • Internet of Things • Software
Provide Tier 2 hardware and software support for Samsara's IoT products, troubleshoot medium-to-high complexity issues, manage tickets, author knowledge base articles, partner with Engineering and Product teams, and meet SLA goals while supporting customers across hardware, mobile apps, APIs, and cloud services.
Top Skills: APIsCloudIotMobile ApplicationsSaaSSalesforceZendesk

What you need to know about the Los Angeles Tech Scene

Los Angeles is a global leader in entertainment, so it’s no surprise that many of the biggest players in streaming, digital media and game development call the city home. But the city boasts plenty of non-entertainment innovation as well, with tech companies spanning verticals like AI, fintech, e-commerce and biotech. With major universities like Caltech, UCLA, USC and the nearby UC Irvine, the city has a steady supply of top-flight tech and engineering talent — not counting the graduates flocking to Los Angeles from across the world to enjoy its beaches, culture and year-round temperate climate.

Key Facts About Los Angeles Tech

  • Number of Tech Workers: 375,800; 5.5% of overall workforce (2024 CompTIA survey)
  • Major Tech Employers: Snap, Netflix, SpaceX, Disney, Google
  • Key Industries: Artificial intelligence, adtech, media, software, game development
  • Funding Landscape: $11.6 billion in venture capital funding in 2024 (Pitchbook)
  • Notable Investors: Strong Ventures, Fifth Wall, Upfront Ventures, Mucker Capital, Kittyhawk Ventures
  • Research Centers and Universities: California Institute of Technology, UCLA, University of Southern California, UC Irvine, Pepperdine, California Institute for Immunology and Immunotherapy, Center for Quantum Science and Engineering

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account