Principal / Advisor level Cybersecurity Risk, Governance & NIST Assessment Consultant

Principal / Advisor level Cybersecurity Risk, Governance & NIST Assessment Consultant Remote Position 4 months (Could go Longer) Position Summary We are seeking an experienced Cybersecurity Risk & Governance Consultant to lead cybersecurity assessments across a private equity portfolio of companies. This role will evaluate cybersecurity maturity, identify risks and control gaps, benchmark organizations against industry frameworks, and develop executive-level remediation roadmaps.The consultant will work directly with C-suite executives, board members, private equity operating partners, and technology leaders to establish cybersecurity risk posture and prioritize security investments. A recent cyber incident within the portfolio requires additional focus on incident response readiness and risk mitigation

Key Responsibilities

Conduct cybersecurity risk and maturity assessments across multiple organizations. Evaluate security programs against NIST CSF 2.0, NIST 800-53, NIST 800-171, CIS Controls, and ISO 27001. Identify cybersecurity risks, control gaps, and remediation priorities. Develop executive and board-level reports, dashboards, and presentations. Assess incident response capabilities and recommend improvements. Facilitate workshops with business and technology stakeholders. Support cybersecurity governance and transformation initiatives across portfolio companies. Required Qualifications 10+ years of cybersecurity consulting, advisory, or risk management experience. Hands-on experience conducting cybersecurity assessments and risk reviews. Deep knowledge of NIST CSF, NIST 800-53, NIST 800-171, CIS Controls, and ISO 27001. Experience presenting findings to executive leadership and boards. Strong ability to translate technical issues into business risk. Excellent stakeholder management and communication skills.

Preferred Qualifications

Experience working with private equity firms and portfolio companies. Experience leading cybersecurity transformation programs. Professional certifications such as CISSP, CISM, CRISC, CISA, CCSP, GIAC, or ISO 27001 Lead Auditor.