Overview

The GS Value Accelerator partners with our portfolio companies to build enduring businesses and create incremental value by leveraging the GS network, our differentiated resources, and our highly distinguished operating advisors.  We drive value for our portfolio companies in 5 key areas that include Scaling Revenue; Operational Excellence; Technical, Digital, and Data Transformation; Talent & Organizational Strategy; and ESG & Risk Optimization.

The Digital Advisory Council (DAC) is a proprietary group that partners our digital experts and GS Tech Risk team with companies to drive value creation leveraging data and digital tooling.  As part of the DAC, the Portfolio Cybersecurity Advisor oversees the security posture of the global portfolio, partnering with portfolio company executives to drive security strategy and reporting on cyber-related risks and challenges to deal team executive leadership. As a trusted security advisor, responsibilities will include providing steer on cyber-related incidents, cybersecurity due diligence, and advising on information security program elements.

Key Responsibilities

• Provide oversight on the security posture of the global portfolio
• Measure and track cyber improvements across the portfolio
• Provide steer on cyber-related incidents
• Assess and report on the cyber risk to deal team executives
• Develop cybersecurity best practice materials for portfolio company leadership
• Evaluate cybersecurity vendors to be used in a referral capacity
• Identify opportunities for process improvements and drive change management initiatives
• Foster a culture of innovation, collaboration, and continuous improvement within the team

Qualifications & Skills

Essential

• Minimum of 7+ years of experience in cyber role, with at least 3 years in a managerial role
• Bachelor's degree in computer science or related field
• Excellent communication and interpersonal skills; the ability to build advisory relationships with a foundation of trust and responsibility.
• Strong understanding of common cyber security risks, threats and regulatory landscape approaches and challenges across organisational environments.
• Experience advising or operating within private equity, venture capital, or growth equity environments, including working across multiple portfolio companies simultaneously.
• Demonstrated ability to present cyber risk to non-technical stakeholders, including deal team executives, board members, and investment committee.
• Experience managing cross-organizational cyber incidents, breach notification processes, and crisis communications.
• Knowledge of cyber security and risk frameworks and standards, including but not limited to ISO/IEC 27001, NIST CSF, NIST SP 800-53.
• Knowledge of regulatory and compliance landscape, including but not limited to HIPAA, PCI-DSS, NIS2, DORA, GDPR, CCPA.

Desirable

• Relevant security qualifications (e.g. MSC Information Security, CISSP, CISM, CCSP)
• Understanding of AI/ML security risks, including LLM security, data poisoning, and AI governance frameworks.
• Understanding of operational technology security for industries including, energy/utilities, manufacturing, transportation.  
• Strong proficiency in cloud security architecture and posture management across AWS, Azure, and/or GCP.
• Experience leading cyber diligence for M&A transactions, including pre-acquisition risk assessment, post-acquisition integration, and 100-day planning.
• Familiarity with cyber insurance underwriting process and premium pricing