Senior Security & Privacy Consultant

About the Position

As a CISO / Senior Security & Privacy Consultant, you will play a leading role in delivering security governance, risk management, and security advisory services to clients across multiple industries, with a strong focus on cloud-based and product-oriented organizations.

You will act as a senior security authority for clients, combining security leadership, risk ownership, and hands-on security reviews of cloud infrastructure and application platforms. In this role, you will guide organizations in defining their security posture, aligning security with business goals, and addressing complex security and privacy challenges.

Beyond client delivery, you will help shape and evolve the company’s security services, methodologies, and best practices. The role requires deep familiarity with cloud and application security to ensure recommendations are practical, risk-based, and aligned with real-world implementation.

Responsibilities

• Act as CISO / vCISO for startups and SMB clients, providing security leadership and strategic guidance
• Lead security risk assessments, gap analyses, and prioritization of remediation efforts
• Define and guide security strategy, security roadmaps, and risk posture aligned with business objectives
• Conduct security and architecture reviews for cloud-based platforms and SaaS applications
• Review system and application architectures, data flows, identity and access models, and trust boundaries from a security perspective
• Perform threat modeling and identify architectural security risks across cloud and application layers
• Lead and support compliance initiatives, including ISO 27001 and SOC 2 readiness and ongoing maintenance
• Develop, review, and maintain security policies, procedures, and governance controls
• Support audit preparation and ongoing compliance activities
• Lead and support privacy and data protection activities in accordance with Israeli privacy laws and regulations
• Provide clear, risk-based security recommendations to technical and non-technical stakeholders
• Drive project timelines, track progress, and ensure deliverables meet quality and scope expectations
• Collaborate with security engineering, infrastructure, and offensive security teams to ensure findings are translated into practical remediation

Qualifications

• 5+ years of experience in cybersecurity, with senior responsibility in security, cloud, or application security roles
• Proven experience in both cloud security and application security environments
• Strong understanding of cloud-native architectures (AWS, Azure, or GCP) and SaaS platforms
• Demonstrated experience performing security architecture reviews and threat modeling
• Hands-on experience leading or supporting ISO 27001 and/or SOC 2 programs
• Familiarity with privacy and data protection requirements under Israeli law (DPO experience is an advantage)
• Strong analytical skills with the ability to balance security risk and business needs

Excellent communication skills, with the ability to advise executives, engineers, and non-technical stakeholders