PJT Partners is a global advisory-focused investment bank. Our team of senior professionals delivers a wide array of strategic advisory, shareholder advisory, restructuring and special situations and private fund advisory and placement services to corporations, financial sponsors, institutional investors and governments around the world. We offer a unique portfolio of advisory services designed to help our clients achieve their strategic objectives. We also provide, through PJT Park Hill, private fund advisory and fundraising services for alternative investment managers, including private equity funds, real estate funds and hedge funds.
From the beginning, PJT Partners has firmly believed that having the best people is key to building an enduring franchise. Our perspective was, and remains, that a great team brings in both top tier clients and appeals to a wide-range of diverse, talented colleagues. Fostering an inclusive culture, which welcomes differing perspectives and beliefs, enables us to provide the best advice and insights to our clients.
To learn more about PJT Partners, please visit our website at www.pjtpartners.com.
Overview:
The Technology department at PJT is responsible for creating and continuously improving a robust and secure technology foundation that supports the firm’s business activities. Underpinning that, the Cybersecurity function ensures that the firm accurately identifies, investigates, and remediates incidents and evaluates applicable controls related to the firm’s technology. As the technology landscape at PJT is undergoing significant change, the Cybersecurity function is also evolving to help enable that change.
Role Description:
The Cloud and Application Security Lead is a critical role in our security organization, responsible for ensuring the security and integrity of our cloud-based services and applications. This position involves leading the design, implementation, and management of security strategies that protect the company’s data and infrastructure from external and internal threats. The ideal candidate will have a strong background in cybersecurity, with specialized expertise in cloud computing software as a service (SaaS) and application security.
Responsibilities:
- Key Areas of Focus
- Assist the Head of Information Security and Technology Risk with ensuring cloud and application security.
- Develop, implement, and maintain comprehensive cloud security architectures, policies, and procedures to protect sensitive data and systems in cloud environments.
- Lead the application and SaaS security initiatives, including but not limited to threat modeling, vulnerability assessments, code reviews, and security testing.
- Collaborate with IT, engineering, data and applications teams to integrate security practices into the DevOps pipeline and software development lifecycle.
- Conduct regular security assessments and audits to identify vulnerabilities, evaluate risk, and ensure compliance with industry standards and regulatory requirements.
- Respond to and manage security incidents, including providing post-mortem analysis and implementing preventative measures to avoid future incidents.
- Stay abreast of emerging security threats, vulnerabilities, and controls, and recommend enhancements to the existing security posture.
- Facilitate security awareness training and promote a culture of security consciousness within the organization.
- Manage relationships with external security vendors and consultants, including overseeing penetration tests and other security services.
- Provide expert guidance and leadership to junior security team members, fostering a collaborative and proactive approach to security.
Qualifications:
- Bachelor’s degree in Computer Science, Information Security, or a related field.
- Equivalent experience is acceptable
- 7-10 years in cloud security architecture, and/or cloud application security.
- Strong knowledge of cloud service providers (e.g., AWS, Azure, Google Cloud) and their native security tools.
- Extensive experience in SaaS security
- Knowledge and experience in CSPM and SSPM platforms
- Expertise in secure coding practices, ethical hacking, and security in a CI/CD environment.
- Knowledge of security frameworks such as NIST, CIS, and ISO.
- Familiarity with security incident and event management (SIEM) tools.
- Excellent communication and interpersonal skills, with the ability to communicate complex security issues to technical and non-technical stakeholders.
- Strong leadership and mentorship skills, with the ability to work collaboratively with cross-functional teams.
- Ability to work independently, manage multiple tasks, and prioritize workload.
- Strong knowledge of incident response
- Experienced in managing consultant teams
Expected annualized base salary of $135,000 to $170,000.
This range represents the low and high ends of the expected annualized base salary for this position. The specific base salary received by any employee will be informed by a number of factors, including but not limited to, role level and scope, location, candidate’s relevant qualifications, skills and experience.
Base salary is one component of PJT Partners’ compensation structure. In addition to base salary, PJT Partners’ compensation structure may include additional rewards, incentives and benefits, including but not limited to, a discretionary bonus component.
PJT is an equal opportunity employer. We do not discriminate on the basis of, and will consider all qualified applicants for employment without regard to race, color, religious creed, religion, sex, pregnancy, national origin, ancestry, citizenship status, age, marital or partnership status, sexual orientation, gender identity expression, disability, medical condition, genetic information or predisposition, veteran or military status, status as a victim of domestic violence, a sex offense or stalking, or any other category protected by law. PJT Partners also complies with all applicable laws with regard to providing reasonable accommodation of disabilities to applicants. For more information or to request an accommodation, please contact Human Resources.
California Applicants: PJT Partners will consider for employment qualified applicants with arrest and/or conviction records in a manner consistent with applicable law including, but not limited to, the San Francisco Fair Chance Ordinance and/or Los Angeles Fair Chance Initiative for Hiring Ordinance.
Applicant Privacy Notice:
View our Applicant Privacy Notice https://info.pjtpartners.com/PJT_Global_Applicant_Privacy_Notice here. If you are a California resident, please refer to our California Applicant Privacy Notice https://info.pjtpartners.com/California_Applicant_Privacy_Notice for further information.
*In order to be considered, please ensure your resume/CV is submitted in PDF format.
