Security Project Manager with Mergers and Acquisitions Experiance

Security Project Manager with Mergers and Acquisitions Experiance.

Location: Schaumburg, IL

Duration: 12 Months

We are seeking a highly motivated and experienced Project Manager Security to lead and deliver key security initiatives across our organization. The ideal candidate will have a strong background in cybersecurity and enterprise security programs, coupled with proven expertise in managing large-scale security projects, including during mergers and acquisitions (M&A). This role is critical to ensuring the confidentiality, integrity, and availability of our systems and data while aligning security programs with business and regulatory requirements.

---

Key Responsibilities:

1. Project Planning and Execution:

Lead and manage security projects from inception to completion, ensuring projects are delivered on time, within scope, and budget.

Develop detailed project plans that outline scope, deliverables, timelines, resources, risks, and success metrics.

Collaborate with cross-functional teams, including information security, IT, compliance, legal, and business units, to ensure alignment with organizational goals.

Track project performance, manage project budgets, and apply corrective actions as needed to keep initiatives on track.

2. M&A Security Integration:

Oversee security integration efforts during mergers, acquisitions, or organizational transitions, ensuring seamless unification of security controls, tools, and frameworks.

Manage the consolidation and optimization of security technologies, policies, and procedures to mitigate risks and ensure business continuity.

Lead security assessments during M&A activities to identify vulnerabilities, gaps, and risks, and develop comprehensive remediation and integration plans.

Ensure that security standards, incident response capabilities, and business resilience strategies are maintained throughout the M&A process.

3. Security Architecture and Implementation:

Oversee the implementation of security controls and technologies such as SIEM, endpoint protection, DLP, firewalls, and intrusion detection/prevention systems.

Ensure security solutions align with industry best practices, regulatory requirements, and evolving threat landscapes.

Partner with security architects and engineers to implement technical solutions that protect sensitive assets and data.

4. Stakeholder Management and Communication:

Provide clear, consistent, and timely communication to key stakeholders, including senior leadership, risk management, and technical teams.

Facilitate collaboration between security, IT, and business units to address security challenges and ensure successful project delivery.

Manage expectations of internal and external stakeholders during security transitions, integrations, or enhancements.

5. Risk and Issue Management:

Identify and assess potential security risks and issues associated with projects or integrations and develop effective mitigation strategies.

Conduct regular security risk assessments to ensure controls are effective and compliant with policies and regulations.

Resolve security-related issues in a timely manner to avoid business disruptions or non-compliance.

6. Compliance and Governance:

Ensure security projects and initiatives meet regulatory and industry compliance requirements (e.g., GDPR, HIPAA, SOX, PCI-DSS, NIST).

Partner with compliance and risk management teams to ensure audit readiness and adherence to corporate governance policies.

Implement and maintain policies and procedures related to information security, data privacy, and cybersecurity risk management.

7. Continuous Improvement:

Identify opportunities to enhance security processes, technologies, and project delivery methodologies.

Stay up to date with the latest security trends, technologies, and regulatory changes, and recommend improvements as appropriate.

Promote a culture of security awareness and continuous improvement across the organization.

---

Required Skills and Experience:

1. Technical Expertise:

Strong understanding of enterprise security technologies, including SIEM, IDS/IPS, endpoint protection, DLP, encryption, identity management, and cloud security.

Familiarity with security frameworks and standards such as NIST, ISO 27001, CIS Controls, and COBIT.

Hands-on experience managing security implementations, upgrades, and integrations in on-premises and cloud environments.

Direct experience with security challenges and controls associated with M&A activities.

2. Project Management Skills:

Proven experience managing complex security projects, including budgeting, scheduling, resource management, and risk management.

Proficiency with project management methodologies (Agile, Waterfall, or hybrid approaches).

Strong problem-solving skills and ability to handle competing demands in a fast-paced environment.

3. Communication and Collaboration:

Excellent verbal and written communication skills, with the ability to present security concepts to both technical and non-technical audiences.

Strong ability to build relationships and collaborate effectively with IT, security, compliance, and business stakeholders.

Demonstrated success managing stakeholder expectations and resolving project roadblocks.

4. M&A Experience:

Experience leading security due diligence, risk assessments, and integration planning during mergers, acquisitions, or divestitures.

Understanding of the unique security and compliance risks associated with M&A transactions.

5. Compliance and Security Awareness:

Strong knowledge of regulatory and compliance standards relevant to information security.

Familiarity with cybersecurity risk management, incident response planning, and security operations.

Ability to ensure secure and compliant integration of security programs during organizational transitions.

---

Preferred Qualifications:

PMP, CISSP, CISM, CRISC, or similar certifications.

Experience in security program delivery within highly regulated industries (e.g., financial services, healthcare, insurance).

Knowledge of cloud-native security tools (AWS Security Hub, Azure Security Center, etc.).

Experience with business continuity planning and disaster recovery in the context of security programs.