Senior Associate, Cybersecurity (M&A Transactions)
Alvarez & Marsal Deutschland GmbH, New York, New York, us, 10261
Description
Alvarez & Marsal (A&M) is a global consulting firm with over 10,000 entrepreneurial, action and results‑oriented professionals in more than 40 countries. We take a hands‑on approach to solving our clients’ problems and assisting them in reaching their potential. Our culture celebrates independent thinkers and doers who positively impact our clients and shape our industry. The collaborative environment and engaging work—guided by A&M’s core values of Integrity, Quality, Objectivity, Fun, Personal Reward, and Inclusive Diversity—are why our people love working at A&M.
About Alvarez & Marsal Alvarez & Marsal’s (A&M’s) Global Cyber Risk Services offerings have been developed to assist Boards and Management teams in understanding the organization’s Incident Response, Cyber‑readiness, and Cyber Strategy development. Our methods are grounded in guidance from the regulatory and industry frameworks and best practices that govern our clients’ specific business. Our team of cybersecurity experts provides prioritized findings, observations, recommendations and a roadmap for gap closure. We use expertly developed methodologies, tools and techniques to identify vulnerabilities, system misconfigurations and program deficiencies to improve your organization’s overall cyber posture and process maturity.
The Team Strategic Planning & Advisory Services A&M’s team of cybersecurity experts includes many former Chief Information Security Officers (CISOs) and senior information security professionals who can help your organization articulate a strategic vision that goes well beyond day‑to‑day management of cybersecurity. Our team has advised Fortune 500 firms to develop their strategic plans, incorporating and drawing from elements of technology risk, information security, insider threat, and cybersecurity workforce development and retention.
Our Global Cyber Risk Services (GCRS) team is seeking a Senior Associate. As a member of our GCRS team, you will be a key part of that growth. Working with companies across all industries, you will develop your career by communicating creative solutions for the client’s specific M&A transaction‑related cybersecurity needs. It’s all about listening to and understanding our clients to give them a truly exceptional experience in a field where there really are no off‑the‑shelf recommendations. Increasingly organized and collaborative, their methods grow more sophisticated each year. A&M helps clients to understand and mitigate cybersecurity risks to their businesses.
The team works across the full spectrum of the deal lifecycle from pre‑deal cybersecurity reviews, through ‘Day‑1’ planning, to post‑deal implementations. Our services include pre‑acquisition due diligence, carveout standalone estimation, cybersecurity separation / integration planning, and separation / integration support.
Professionals in this role work directly with private equity deal teams, corporate development leaders, and portfolio company executives to identify, quantify, and mitigate cybersecurity risks that may affect valuation, deal structure, and post‑close execution.
How you will contribute The nature of this role means no two projects will be the same. You’re likely to balance your time focused on aspects such as:
Execute or lead cybersecurity due diligence across M&A transactions
Identify material cyber risks impacting deal value, structure, or integration
Assess cybersecurity posture, maturity, and threat exposure of the target environments.
Communicate findings to clients, executives, and deal teams.
Develop pragmatic remediation and post‑close roadmaps when needed.
Manage multiple fast‑moving diligences simultaneously.
Skills and attributes for success
Perform and/or lead M&A transaction‑related cybersecurity services for clients of all sizes and M&A targets across industries.
Take responsibility for managing projects, including taking ownership of client communication, coordinating internal resources and planning and executing technical assessment activities.
Communicate information security and technology issues verbally on both a formal and informal basis to all levels of client staff, ranging from senior executives to user representatives. Deal with client discussions in an unstructured environment and produce high‑quality written technical reports and documents.
Work independently to manage and execute multiple projects in diverse client environments, ensure that appropriate management is apprised of project status, bring projects to completion and follow up with clients regarding results.
Gain a clear understanding of client environment, identify client needs, and effectively communicate solutions.
Develop tools for internal team use. Actively contribute to the maintenance and enhancement of team systems and processes.
Develop and complete an education plan to grow your skills consistent with client needs.
Assist other team members with their efforts toward this goal.
Conduct research on security topics and develop tools and documentation to assist security team activities.
Promote awareness of the team whether by building relationships with internal customers, publishing white papers or advisories, participating in marketing materials, or presenting at conferences.
Qualifications
4–7 years in cybersecurity advisory or transaction services
Experience supporting cybersecurity due diligences and / or risk assessments
Comfortable owning workstreams and client deliverables
General Requirements
Prior work with a strong emphasis on private equity advisory and cybersecurity due diligence
Direct responsibility for one of the following: cybersecurity due diligence for M&A transactions, cybersecurity risk assessment, technical security assessment, security controls gap assessment, cybersecurity program and governance design, cybersecurity roadmap development, policy and process design or review, network defense, application security, or security administration.
Familiarity with one or more of the following compliance frameworks and standards: NIST SP 800‑53, NIST CSF, DFARS/NIST SP 800‑171, ISO/IEC 27000, HIPAA, PCI.
Ability to occasionally work weekends and/or off hours as necessary to meet clients’ needs
Demonstrated track record working with business leaders (Directors and above) as well as private equity deal staff
Proven writing skills with a desire to produce polished client‑facing documents
Ability to effectively communicate with private equity deal staff and operating staff on cyber risk posture associated with M&A targets
Excellent fact‑gathering and analytical skills and quantitative analysis
History of balancing competing priorities with the ability to adapt to the changing needs of the business while meeting deadlines
Ability and willingness to travel as needed
Industry certifications such as CISSP, OSCP, OSCE, SANS GIAC certifications or similar
Previous advisory experience from a top‑tier private equity firm or private equity advisory firm, leading specialist, niche advisory firm, or Big‑4 consultancy
Your journey at A&M We recognize that our people are the driving force behind our success, which is why we prioritize an employee experience that fosters each person’s unique professional and personal development. Our robust performance development process promotes continuous learning, rewards your contributions, and fosters a culture of meritocracy. With top‑notch training and on‑the‑job learning opportunities, you can acquire new skills and advance your career.
We prioritize your well‑being, providing benefits and resources to support you on your personal journey. Our people consistently highlight the growth opportunities, our unique, entrepreneurial culture, and the fun we have together as their favorite aspects of working at A&M. The possibilities are endless for high‑performing and passionate professionals.
Full‑time Positions and Part‑time Positions Over 30 Hours Regular employees working 30 or more hours per week are also entitled to participate in Alvarez & Marsal Holdings’ fringe benefits consisting of healthcare plans, flexible spending and savings accounts, life, AD&D, and disability coverages at rates determined periodically as well as a 401(k) retirement savings plan. Provided the eligibility requirements are met, employees will also receive an annual discretionary contribution to their 401(k) retirement savings plan from Alvarez &M. Additionally, employees are eligible for paid time off including vacation, personal days, seventy‑two (72) hours of sick time (pro‑rated for part‑time employees), ten federal holidays, one floating holiday, and parental leave. The amount of vacation and personal days available varies based on tenure and role type. Click here for more information regarding A&M’s benefits programs.
The salary range is $80,000 - $110,000 annually, dependent on several variables including but not limited to education, experience, skills, and geography. In addition, A&M offers a discretionary bonus program which is based on a number of factors, including individual and firm performance. Please ask your recruiter for details.
#J-18808-Ljbffr
About Alvarez & Marsal Alvarez & Marsal’s (A&M’s) Global Cyber Risk Services offerings have been developed to assist Boards and Management teams in understanding the organization’s Incident Response, Cyber‑readiness, and Cyber Strategy development. Our methods are grounded in guidance from the regulatory and industry frameworks and best practices that govern our clients’ specific business. Our team of cybersecurity experts provides prioritized findings, observations, recommendations and a roadmap for gap closure. We use expertly developed methodologies, tools and techniques to identify vulnerabilities, system misconfigurations and program deficiencies to improve your organization’s overall cyber posture and process maturity.
The Team Strategic Planning & Advisory Services A&M’s team of cybersecurity experts includes many former Chief Information Security Officers (CISOs) and senior information security professionals who can help your organization articulate a strategic vision that goes well beyond day‑to‑day management of cybersecurity. Our team has advised Fortune 500 firms to develop their strategic plans, incorporating and drawing from elements of technology risk, information security, insider threat, and cybersecurity workforce development and retention.
Our Global Cyber Risk Services (GCRS) team is seeking a Senior Associate. As a member of our GCRS team, you will be a key part of that growth. Working with companies across all industries, you will develop your career by communicating creative solutions for the client’s specific M&A transaction‑related cybersecurity needs. It’s all about listening to and understanding our clients to give them a truly exceptional experience in a field where there really are no off‑the‑shelf recommendations. Increasingly organized and collaborative, their methods grow more sophisticated each year. A&M helps clients to understand and mitigate cybersecurity risks to their businesses.
The team works across the full spectrum of the deal lifecycle from pre‑deal cybersecurity reviews, through ‘Day‑1’ planning, to post‑deal implementations. Our services include pre‑acquisition due diligence, carveout standalone estimation, cybersecurity separation / integration planning, and separation / integration support.
Professionals in this role work directly with private equity deal teams, corporate development leaders, and portfolio company executives to identify, quantify, and mitigate cybersecurity risks that may affect valuation, deal structure, and post‑close execution.
How you will contribute The nature of this role means no two projects will be the same. You’re likely to balance your time focused on aspects such as:
Execute or lead cybersecurity due diligence across M&A transactions
Identify material cyber risks impacting deal value, structure, or integration
Assess cybersecurity posture, maturity, and threat exposure of the target environments.
Communicate findings to clients, executives, and deal teams.
Develop pragmatic remediation and post‑close roadmaps when needed.
Manage multiple fast‑moving diligences simultaneously.
Skills and attributes for success
Perform and/or lead M&A transaction‑related cybersecurity services for clients of all sizes and M&A targets across industries.
Take responsibility for managing projects, including taking ownership of client communication, coordinating internal resources and planning and executing technical assessment activities.
Communicate information security and technology issues verbally on both a formal and informal basis to all levels of client staff, ranging from senior executives to user representatives. Deal with client discussions in an unstructured environment and produce high‑quality written technical reports and documents.
Work independently to manage and execute multiple projects in diverse client environments, ensure that appropriate management is apprised of project status, bring projects to completion and follow up with clients regarding results.
Gain a clear understanding of client environment, identify client needs, and effectively communicate solutions.
Develop tools for internal team use. Actively contribute to the maintenance and enhancement of team systems and processes.
Develop and complete an education plan to grow your skills consistent with client needs.
Assist other team members with their efforts toward this goal.
Conduct research on security topics and develop tools and documentation to assist security team activities.
Promote awareness of the team whether by building relationships with internal customers, publishing white papers or advisories, participating in marketing materials, or presenting at conferences.
Qualifications
4–7 years in cybersecurity advisory or transaction services
Experience supporting cybersecurity due diligences and / or risk assessments
Comfortable owning workstreams and client deliverables
General Requirements
Prior work with a strong emphasis on private equity advisory and cybersecurity due diligence
Direct responsibility for one of the following: cybersecurity due diligence for M&A transactions, cybersecurity risk assessment, technical security assessment, security controls gap assessment, cybersecurity program and governance design, cybersecurity roadmap development, policy and process design or review, network defense, application security, or security administration.
Familiarity with one or more of the following compliance frameworks and standards: NIST SP 800‑53, NIST CSF, DFARS/NIST SP 800‑171, ISO/IEC 27000, HIPAA, PCI.
Ability to occasionally work weekends and/or off hours as necessary to meet clients’ needs
Demonstrated track record working with business leaders (Directors and above) as well as private equity deal staff
Proven writing skills with a desire to produce polished client‑facing documents
Ability to effectively communicate with private equity deal staff and operating staff on cyber risk posture associated with M&A targets
Excellent fact‑gathering and analytical skills and quantitative analysis
History of balancing competing priorities with the ability to adapt to the changing needs of the business while meeting deadlines
Ability and willingness to travel as needed
Industry certifications such as CISSP, OSCP, OSCE, SANS GIAC certifications or similar
Previous advisory experience from a top‑tier private equity firm or private equity advisory firm, leading specialist, niche advisory firm, or Big‑4 consultancy
Your journey at A&M We recognize that our people are the driving force behind our success, which is why we prioritize an employee experience that fosters each person’s unique professional and personal development. Our robust performance development process promotes continuous learning, rewards your contributions, and fosters a culture of meritocracy. With top‑notch training and on‑the‑job learning opportunities, you can acquire new skills and advance your career.
We prioritize your well‑being, providing benefits and resources to support you on your personal journey. Our people consistently highlight the growth opportunities, our unique, entrepreneurial culture, and the fun we have together as their favorite aspects of working at A&M. The possibilities are endless for high‑performing and passionate professionals.
Full‑time Positions and Part‑time Positions Over 30 Hours Regular employees working 30 or more hours per week are also entitled to participate in Alvarez & Marsal Holdings’ fringe benefits consisting of healthcare plans, flexible spending and savings accounts, life, AD&D, and disability coverages at rates determined periodically as well as a 401(k) retirement savings plan. Provided the eligibility requirements are met, employees will also receive an annual discretionary contribution to their 401(k) retirement savings plan from Alvarez &M. Additionally, employees are eligible for paid time off including vacation, personal days, seventy‑two (72) hours of sick time (pro‑rated for part‑time employees), ten federal holidays, one floating holiday, and parental leave. The amount of vacation and personal days available varies based on tenure and role type. Click here for more information regarding A&M’s benefits programs.
The salary range is $80,000 - $110,000 annually, dependent on several variables including but not limited to education, experience, skills, and geography. In addition, A&M offers a discretionary bonus program which is based on a number of factors, including individual and firm performance. Please ask your recruiter for details.
#J-18808-Ljbffr