Director, Cyber Delivery and Operations (Consulting)

Director of Cyber Delivery and Operations

Location: Remote, US-based. US Citizenship required.

****No third party recruiters, please.****

The Director of Cyber Delivery & Operations is responsible for leading Cyber Delivery & Operations as a business function, including ownership of delivery quality, client outcomes, team performance, and contribution to revenue growth. This role requires operating with a business-owner mindset, balancing delivery excellence, team performance, and commercial outcomes.

Key Requirements:

Business & Operational Ownership

• Accountable for delivery outcomes, including quality, margin, and client satisfaction, owns both successes and failures
• Demonstrated ability to proactively identify and resolve delivery risks, rather than reacting or escalating late ○ Establishes a culture of ownership and accountability across teams, minimizing dependency on escalation paths
• Contribute to and support revenue growth through account expansion and solution development
• Establish and track KPIs/KRIs across delivery, client experience, and team performance
• Drive forecasting, staffing strategy, and utilization management
• Makes clear, timely decisions with incomplete information, while maintaining alignment across stakeholders

Broad understanding across cybersecurity domains with demonstrated depth in one or more of the following:

• Governance, Risk, and Compliance (GRC)*
• Cyber resilience (incident response, crisis management, disaster recovery, continuity planning)*
• Cloud security (AWS, Azure, GCP)*
• Application and Cloud security*
• Identity and access management*
• Network and infrastructure security
• Data protection and privacy
• Threat management and detection engineering (* Strong domain depth preferred)

Experience integrating AI-enabled capabilities into cybersecurity programs (e.g., automation, analytics, governance, developer enablement). Deep technical AI/ML development experience is not required.

• Able to operate and build teams, services, and BU’s at scale to include:
• Building and scaling teams (multi-manager environments preferred)
• Operating in consulting or services organizations with delivery and revenue accountability
• Establishing repeatable delivery models, playbooks, and governance structures

Executive Leadership & Organizational Influence

• Demonstrated ability to operate as a unifying leader across teams and stakeholders, aligning competing priorities without creating friction or silos
• Proven experience building trusted relationships with executive leadership, grounded in transparency, accountability, and consistency
• Ability to navigate complex organizational dynamics without escalation, deflection, or reliance on positional authority
• Track record of developing leaders and empowering teams, rather than centralizing decision-making
• Demonstrates low-ego leadership, prioritizing team and organizational success over individual recognition

• Deep familiarity with frameworks: NIST CSF, NIST 800-53, ISO 27001, CIS Controls, Zero Trust, MITRE ATT&CK, CMMC, SOC2
• Proven success leading and delivering large, cross-domain security programs
• Strong executive presence with the ability to influence and communicate with CxOs and Boards.
• Relevant certifications (CISSP, CISM, CCSP, SABSA, TOGAF, or AI/ML certifications) strongly preferred.
• Prior experience with Big 4 companies or consulting is a plus.
• Demonstrated experience with account expansion through high-quality delivery and client satisfaction
• Demonstrated success in roles with increasing scope of organizational responsibility, not just depth of technical or delivery contribution

Years of Experience:

• 15+ years of progressive delivery experience in cybersecurity, IT risk, or information assurance
• 7–10 years in leadership roles, including board-level or executive stakeholder engagement.

Client-Facing Responsibilities

• Deliver billable cybersecurity leadership and advisory services, including potentially acting as interim/fractional CISO for clients (~25–35% billable, focused on high-value leadership and advisory engagements rather than task-level execution)
• Integrate AI-enabled security capabilities into client-facing delivery (e.g, advisory/assessments, threat detection, SOC automation, anomaly detection, adversarial AI defenses).
• Align client programs with recognized frameworks (NIST, ISO, CIS Controls, Zero Trust, MITRE ATT&CK, CMMC).
• Support business development through solution design, client presentations, RFP/RFI contributions, and executive-level relationship building. Leadership & Practice Development
• Define and evolve our cybersecurity Delivery & Operations strategy and organization
• Mentor and grow a team of cyber practitioners, fostering expertise in advisory, digital resilience and AI-enabled security.
• Collaborate across practices (cloud, AI/ML, data, digital engineering) to build integrated client offerings.
• Drive delivery excellence and repeatability with reusable playbooks, reference architectures, and governance models.
• Drive thought leadership within the cybersecurity team (e.g., brown bags, technical IP, speaking engagements, etc.)
• Drive continuous improvement initiatives (automation, tooling, AI augmentation)
• Establish clear delivery KPIs and reporting across all engagements
• Improve delivery consistency and client satisfaction scores
• Build repeatable delivery models and accelerators What Success Looks Like
• Strengthen alignment between delivery and business development
• Mentor and elevate leadership bench within the team
• Establish a high-trust, low-friction operating environment across delivery teams and leadership
• Reduce delivery escalations through proactive alignment, clear ownership, and strong communication rhythms
• Successfully transitions the team from reactive delivery to a proactive, structured, and scalable operating model

Certifications (Required or Nice to Have)

• Bachelor’s degree required; Master’s degree in Cybersecurity, Computer Science, or related field strongly preferred.

Certifications in CISSP, CISA, CRISC, etc. is a plus.

Software Platform Knowledge Familiarity with leading cybersecurity tools including (but not limited to): Qualys, Tenable, Sailpoint, Wiz, Crowdstrike, Snyk, Veracode, Okta, Axonius, AI Cyber tools

Expected Travel (Client and Internal)

• Expected travel 25%-30% for internal and client meetings (as needed)