Consultant

The Consultant is responsible for supporting the Consulting Services Team in delivering cybersecurity, privacy, and compliance services across a diverse portfolio of client engagements. This role operates as a flexible, deployable resource, contributing to multiple concurrent or sequential engagements based on business needs.

This role requires proactive initiative to study, ask questions, and rapidly learn the organization’s solutions, methodologies, and delivery standards. Consultants must be comfortable transitioning between engagements, adapting quickly to new client environments, and delivering value immediately.

Consultants focus on executing client deliverables, enhancing service quality, and improving project efficiency under the guidance of senior team members. They are expected to develop broad subject matter expertise, contribute to process improvements, and build trusted relationships across a variety of clients and internal teams.

SPECIFIC JOB RESPONSIBILITIES

• Serve as a deployable consulting resource, supporting multiple client engagements across varying industries, with a      focus on healthcare. 
• Adapt quickly to new client environments,  priorities, and team structures while maintaining high-quality delivery. 
• Support the execution of cybersecurity and compliance consulting engagements under senior leadership guidance. 
• Work closely with clients to collect data, conduct risk assessments, gap analyses, and document findings. 
• Assist in evaluating client security postures, including vulnerability management, compliance alignment, and      risk exposure. 
• Develop and contribute to recommendations  aligned with industry frameworks such as NIST, ISO 27001, CIS Controls,      and HIPAA. 
• Support clients in designing and  implementing security controls, policies, and procedures. 
• Assist with incident response planning,  tabletop exercises, and post-incident reviews. 
• Communicate findings and recommendations   clearly to both technical and non-technical stakeholders. 
• Collaborate with cross-functional teams and   internal leadership to ensure seamless delivery across engagements. 
• Manage competing priorities and transition  effectively between assignments. 
• Continue existing responsibilities: 
  • Draft reports and   recommendations 
  • Support quality control 
  • Maintain client   communication 
  • Contribute to internal  process improvements 
  • Participate in knowledge  sharing and training
• Achievement of utilization targets and  client satisfaction scores.
• Adherence to company policies, procedures, and security requirements.
• Billable      hours target: 1,664 hours annually (equivalent to 80% utilization)
• Perform      other duties within the scope of the role as assigned. 

EXPERIENCE REQUIRED

· 2-4 years of consulting, cybersecurity, or related client-facing experience

· Experience supporting multiple projects or engagements simultaneously preferred

· Bachelor's degree in relevant discipline 

· Strong knowledge of cybersecurity frameworks (NIST, HIPAA, ISO, CIS Controls)

· Demonstrated ability to assess risk, analyze findings, and support client recommendations

· Ability to manage competing priorities and adapt quickly between engagements

· Strong written and verbal communication skills, including translating technical concepts for non-technical audiences

· Familiarity with consulting methodologies and project delivery models

· Exposure to multiple security domains (e.g., risk management, compliance, vulnerability management, privacy) preferred

· Demonstrates awareness or use of AI/automation tools to improve efficiency and delivery quality (optional but aligned with JD)

· Familiarity with project management principles and consulting best practices. 

· Ability to embrace Clearwater’s CLEAR core values (Commitment to Client Success, Lead with Accountability, Integrity & Collaboration, Excellence in All That We Do, Advance Colleague Success, Respect & Transparency) and culture.  

PROFESSIONAL DEVELOPMENT EXPECTATIONS

• Stay current on evolving threat landscapes, regulatory requirements, and cybersecurity best practices
• Pursue and maintain industry certifications  (Security+, CEH, ISC2 Associate, etc.)
• Expand knowledge across multiple cybersecurity domains to support diverse client needs
• Contribute to internal innovation, tools, and delivery improvements