Resilience Advisor

Who You Are

You've spent time inside breaches - and now you use everything you learned there to help organizations make sure they don't happen again. You don't just consume threat intelligence; you understand where it comes from. While others are citing vendor feeds, you're synthesizing attacker TTPs from real IR data and turning them into guidance your clients can act on.

You're comfortable facilitating a tabletop exercise with a hospital's incident response team and presenting a cyber resilience roadmap to a CFO. You know what attackers do - which misconfigurations they exploit, which identity gaps they walk through, which controls organizations think are working but aren't. And you know how to translate that into programs that close the gap before the next breach, not after.

You've built trusted advisor relationships before. You know that getting there means showing up with answers grounded in reality, not frameworks, and following through every time. You're organized enough to manage a portfolio of retainer clients, strategic enough to drive meaningful roadmap progress, and technically credible enough that security practitioners and executives both leave the room trusting what you said.

Why You Matter

You'll be joining MOXFIVE as a Resilience Advisor, owning client relationships and leading delivery for our MOXGUARD advisory practice - the program that converts real-world incident response lessons into prevention-first security programs.

You'll manage an active portfolio of retainer clients and help onboard new ones as the program scales. But this isn't a role that maintains the status quo. You'll be drawing from MOXFIVE's live IR operations to deliver intelligence most consultants never have access to, designing tabletop exercises based on attacks we investigated, and turning post-incident findings into deployed security improvements for clients across healthcare, financialservices, manufacturing, legal, government, and more.

Most advisory programs offer frameworks. MOXGUARD offers a permanent post-incident perspective - and you're the one who brings it to life for every client in your portfolio.

What You'll Do

MOXGUARD Service Delivery

• Own the client relationship and serve as the trusted advisor for your assigned MOXGUARD accounts across targeted verticals

• Lead delivery of annual Active Directory posture reviews, identity gap analyses, and visibility evaluations

• Develop and present each client's Annual Cyber Resilience Roadmap - a 12-month action plan built around their actual maturity, risk profile, and priorities

• Facilitate tabletop exercises grounded in real attack patterns from MOXFIVE's IR operations, including on-site sessions when in-person collaboration adds value

• Conduct annual risk and exposure assessments across client environments and present actionable findings

• Drive recurring client meetings, keeping roadmap progress moving and advisory sharp

• Coordinate biannual policy and runbook alignment reviews - ensuring documentation reflects what works in real incidents, not just what sounds good on paper

Threat Intelligence & Content Development

• Deliver monthly IR-informed threat intelligence briefings for both technical and executive audiences

• Communicate patterns and trends observed across MOXFIVE's IR engagements - recurring misconfigurations, identity gaps, control failures - and embed those insights into client programs before they become incidents

Strategic Consulting & Implementation

• Lead implementation projects that originate from IR engagements, converting post incident recommendations into deployed solutions

• Scope requirements, develop statements of work, oversee technical resources, and support delivery of Resilience consulting engagements

• Identify opportunities to evolve consulting engagements into long-term MOXGUARD relationships

Practice Development

• Contribute to methodology refinement, template development, and process improvement across the practice

• Support business development through scoping calls, proposals, and client presentations

What You'll Bring

• 6+ years of progressive cybersecurity experience, with at least 3 years in client facing advisory, consulting, or senior technical roles

• A strong technical foundation in incident response, digital forensics, and threat analysis - with the ability to translate IR findings into strategic advisory content and tailored client recommendations

• Foundational understanding of Active Directory security, identity and access management, and enterprise security architecture

• Experience delivering security assessments, gap analyses, remediation roadmaps, and implementation projects

• Familiarity with EDR, SIEM, PAM, and other enterprise security platforms

• Understanding of cyber insurance processes, coverage requirements, and carrier expectations

• Proven ability to build trusted relationships and communicate with credibility to both technical practitioners and C-suite executives

• Strong project management skills and the ability to manage multiple concurrent client engagements without losing the thread on any of them

Bonus points for:

• Bachelor's degree in cybersecurity, computer science, information technology, or a related field

• Industry certifications such as CISSP, CISM, GCIH, GCFA, or equivalent GIAC credentials

• Background in a consulting firm or MSSP environment managing client portfolios

• Exposure to incident response operations at scale

• Familiarity with forensic sweep methodologies and threat hunting techniques

• Experience supporting cyber insurance underwriting or claims processes