Job Title:  Senior Cybersecurity Merger & Acquisition Consultant

Corporate title: Contractor                           

Department: Technology

Location: New York                                        

The pay range for this position at commencement of employment is expected to be between $100 and $150/hour*

Company overview

Nomura is a global financial services group with an integrated network spanning approximately 30 countries and regions. By connecting markets East & West, Nomura services the needs of individuals, institutions, corporates and governments through its three business divisions: Wealth Management, Investment Management, and Wholesale (Global Markets and Investment Banking). Founded in 1925, the firm is built on a tradition of disciplined entrepreneurship, serving clients with creative solutions and considered thought leadership. For further information about Nomura, visit www.nomura.com.

Department Overview

The Information Technology department at Nomura is at the forefront of innovation, driving technology solutions that empower our business and enhance client experiences. We leverage cutting-edge technologies to develop and maintain robust systems and infrastructure, ensuring the security, reliability, and efficiency of our operations. Join our team and be part of a dynamic and collaborative environment that embraces technological advancements to deliver value and drive our digital transformation journey. 

Position Overview

Seeking an experienced Cybersecurity M&A Consultant to lead complex cybersecurity due diligence, integration planning, and risk assessment activities during mergers, acquisitions, and divestitures. This role requires deep expertise in cybersecurity strategy, risk management, and technical architecture to ensure successful integration of security programs and technologies.

Key Responsibilities

• Lead comprehensive cybersecurity due diligence assessments for target companies
• Evaluate security posture, maturity levels, and risk exposure of acquisition targets
• Develop detailed integration strategies and roadmaps for security programs, tools, and teams
• Assess compliance requirements and regulatory obligations across multiple jurisdictions
• Review and analyze cybersecurity architectures for scalability and integration potential
• Identify security gaps and provide remediation recommendations with associated costs
• Partner with business stakeholders to align security integration plans with business objectives
• Lead security tool rationalization and integration planning activities
• Develop executive-level presentations and reports on security findings and recommendations

Required Skills & Qualifications

• 15+ years of experience in cybersecurity, with at least 8 years focused on M&A activities
• Deep understanding of security control frameworks (NIST, ISO 27001, CIS Controls)
• Extensive experience in security architecture review and design
• Strong knowledge of cloud security architectures (AWS, Azure, GCP)
• Experience with security tool integration and consolidation projects
• Proven track record of leading large-scale security integration programs
• Expert knowledge of risk assessment methodologies and threat modeling
• Strong understanding of regulatory requirements (GDPR, CCPA, HIPAA, etc.)

• Security architecture and design patterns
• Identity and Access Management (IAM) systems
• Security Information and Event Management (SIEM) platforms
• Cloud security and containerization technologies
• Network security and segmentation
• Endpoint security and EDR solutions
• Data protection and encryption technologies
• Security automation and orchestration tools

• Ability to assess current-state security architectures and identify gaps
• Experience in developing target-state security architectures
• Knowledge of zero trust architecture principles
• Understanding of API security and microservices architecture
• Experience with hybrid cloud security architectures
• Expertise in security tool integration patterns and best practices

• Excellent communication and presentation skills
• Strong leadership and stakeholder management abilities
• Strategic thinking and problem-solving capabilities
• Ability to work under pressure and meet tight deadlines
• Strong project management and organizational skills
• Experience in leading cross-functional teams

• Bachelor's degree in Computer Science, Information Security, or related field
• Advanced degree preferred (MBA, Master's in Information Security)
• Relevant certifications such as:
• CISSP
• CISM
• CRISC
• CGEIT
• Cloud security certifications (CCSP, AWS Security Specialty)

Travel Requirements

• Willing to travel up to 40% of the time for client engagements and on-site assessments

Successful candidates will be engaged under a contract for services with a third party.

Successful Candidates will not be employed by nor have any employment relationship with Nomura.