[Hiring] Consultant @CLEARWATER SECURITY & COMPLIANCE LLC

Role Description

The Consultant is responsible for supporting the Consulting Services Team in delivering cybersecurity, privacy, and compliance services across a diverse portfolio of client engagements. This role operates as a flexible, deployable resource, contributing to multiple concurrent or sequential engagements based on business needs.

This role requires proactive initiative to study, ask questions, and rapidly learn the organization’s solutions, methodologies, and delivery standards. Consultants must be comfortable transitioning between engagements, adapting quickly to new client environments, and delivering value immediately.

Consultants focus on executing client deliverables, enhancing service quality, and improving project efficiency under the guidance of senior team members. They are expected to develop broad subject matter expertise, contribute to process improvements, and build trusted relationships across a variety of clients and internal teams.

Specific Job Responsibilities

• Serve as a deployable consulting resource, supporting multiple client engagements across varying industries, with a focus on healthcare.
• Adapt quickly to new client environments, priorities, and team structures while maintaining high-quality delivery.
• Support the execution of cybersecurity and compliance consulting engagements under senior leadership guidance.
• Work closely with clients to collect data, conduct risk assessments, gap analyses, and document findings.
• Assist in evaluating client security postures, including vulnerability management, compliance alignment, and risk exposure.
• Develop and contribute to recommendations aligned with industry frameworks such as NIST, ISO 27001, CIS Controls, and HIPAA.
• Support clients in designing and implementing security controls, policies, and procedures.
• Assist with incident response planning, tabletop exercises, and post-incident reviews.
• Communicate findings and recommendations clearly to both technical and non-technical stakeholders.
• Collaborate with cross-functional teams and internal leadership to ensure seamless delivery across engagements.
• Manage competing priorities and transition effectively between assignments.
• Continue existing responsibilities:
• Draft reports and recommendations
• Support quality control
• Maintain client communication
• Contribute to internal process improvements
• Participate in knowledge sharing and training
• Achievement of utilization targets and client satisfaction scores.
• Adherence to company policies, procedures, and security requirements.
• Billable hours target: 1,664 hours annually (equivalent to 80% utilization)
• Perform other duties within the scope of the role as assigned.

Qualifications

• 2-4 years of consulting, cybersecurity, or related client-facing experience
• Experience supporting multiple projects or engagements simultaneously preferred

Requirements

• Bachelor's degree in relevant discipline
• Strong knowledge of cybersecurity frameworks (NIST, HIPAA, ISO, CIS Controls)
• Demonstrated ability to assess risk, analyze findings, and support client recommendations
• Ability to manage competing priorities and adapt quickly between engagements
• Strong written and verbal communication skills, including translating technical concepts for non-technical audiences
• Familiarity with consulting methodologies and project delivery models
• Exposure to multiple security domains (e.g., risk management, compliance, vulnerability management, privacy) preferred
• Demonstrates awareness or use of AI/automation tools to improve efficiency and delivery quality (optional but aligned with JD)
• Familiarity with project management principles and consulting best practices.
• Ability to embrace Clearwater’s CLEAR core values (Commitment to Client Success, Lead with Accountability, Integrity & Collaboration, Excellence in All That We Do, Advance Colleague Success, Respect & Transparency) and culture.

Professional Development Expectations

• Stay current on evolving threat landscapes, regulatory requirements, and cybersecurity best practices
• Pursue and maintain industry certifications (Security+, CEH, ISC2 Associate, etc.)
• Expand knowledge across multiple cybersecurity domains to support diverse client needs
• Contribute to internal innovation, tools, and delivery improvements