Consultant - Chief Information Security Officer (Fractional / Contract Role)

Arootah is a rapidly growing advisory and coaching firm specializing in Alternative Investment & Family Office Advisory, Executive & Leadership Coaching, and Talent Acquisition & Development. Founded by Rich Bello, co-founder and COO of Blue Ridge Capital, Arootah leverages deep industry expertise to drive peak performance for executives, teams, and firms across the alternative investments landscape.

Join Arootah's Network of Business Advisors serving Arootah's clients on a project basis in the alternative investment industry, including hedge funds, private equity firms, and family offices. Our mission is to deliver top-tier business advisory services tailored to the multifaceted needs of the alternative investments landscape. As part of the network, you will take on project-based assignments that let you apply your expertise directly to our client initiatives. These consulting roles provide the opportunity to work on varied and impactful projects across the alternative investments industry.

Our Services Include :

Advising alternative investment managers with front-to-back office services, including but not limited to operations, business development strategy, due diligence, human resources, and compliance

Providing fractional expert advisors in key operational areas for emerging and established investment firms

Offering executive, life, health, and career coaching for individuals

Delivering talent acquisition and leadership development solutions

Developing SaaS applications for enterprise and consumer use

Visit us at more information.

WHO WE NEED :

Arootah is searching for experienced Chief Financial Officers to consult our client base across the alternative investment landscape. As a consultant, you will work with our Alternative Asset Firm and Family Office clients to provide expert advice. Having previously served in the role of Chief Information Security Officer you have specific, hands-on experience building, maintaining, and operating the full Cybersecurity Program for leadingAlternative Asset Firms or Family Offices.

What You'll Do

• Provide advice and guidance to Arootah clients who seek help with their Cybersecurity needs. This will involve consulting to some of the leading Alternative Asset Firms and Family Offices in the world and sharing your experience as a Chief Information Security Officer in helping clients to :
• Serve as strategic cybersecurity advisor to the Principal / Founder, providing expert guidance on information security strategy, risk management, and cyber threat mitigation for alternative asset firms and family offices.
• Develop and implement comprehensive cybersecurity programs, establishing security policies, procedures, standards, and control frameworks aligned with industry best practices and regulatory requirements (SEC cybersecurity rules, NYDFS, GDPR, etc.).
• Design enterprise-wide security architecture, assessing technology infrastructure, application security, cloud environments, network security, and data protection to identify vulnerabilities and implement risk mitigation strategies.
• Establish incident response and business continuity protocols, creating detection and response procedures, breach notification plans, disaster recovery frameworks, and conducting tabletop exercises to ensure preparedness.
• Build security awareness and training programs, developing onboarding materials, phishing simulations, ongoing education, and compliance training to foster a security-conscious culture across the organization.
• Conduct comprehensive risk assessments, performing vulnerability testing, penetration testing, security audits, and gap analyses to identify weaknesses and prioritize remediation efforts based on risk severity.
• Evaluate and manage vendor security, conducting third-party risk assessments for fund administrators, cloud providers, prime brokers, and other service providers to ensure adequate security controls and data protection.
• Implement security monitoring and threat intelligence, establishing security information and event management (SIEM) systems, intrusion detection, endpoint protection, and continuous monitoring to detect and respond to threats.
• Develop data governance and privacy frameworks, creating data classification policies, access controls, encryption standards, data loss prevention measures, and ensuring compliance with privacy regulations.
• Partner with IT and operations teams to integrate security into system implementations, application development, infrastructure changes, and business processes while balancing security requirements with operational efficiency.
• Advise on security technology and automation, recommending tools for identity and access management, multi-factor authentication, security orchestration, and leveraging AI / machine learning to improve scalability and threat detection.
• Report to executive leadership and boards on cybersecurity posture, emerging threats, security metrics, incident status, and budget requirements with clear, non-technical communications tailored to business decision-makers.
• Lead special projects including security assessments, regulatory compliance implementations, security tool selections, cloud migrations, merger integrations, and preparation for regulatory examinations.

QUALIFICATIONS&REQUIREMENTS

Job Status

$250 - $400 an hour

The hourly consulting rate of pay is expected to be a minimum of $250 and a maximum of $400, per hour. The hourly rate will be determined by several factors which may include, but are not limited to, the length of the individual engagement, level of difficulty, level of specialization required, professional designations, skills, and years of experience.

Join a well-funded disruptor in finance and technology.

Enjoy the flexibility of remote work and choosing your assignments.

Be part of a dynamic, high-energy company in its expansion stage. Now is the time to join!

For more information, visit us at Arootah.com.

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.