PJT Partners is a global advisory-focused investment bank. Our team of senior professionals delivers a wide array of strategic advisory shareholder advisory restructuring and special situations and private fund advisory and placement services to corporations financial sponsors institutional investors and governments around the world. We offer a unique portfolio of advisory services designed to help our clients achieve their strategic objectives. We also provide through PJT Park Hill private fund advisory and fundraising services for alternative investment managers including private equity funds real estate funds and hedge funds.

From the beginning PJT Partners has firmly believed that having the best people is key to building an enduring franchise. Our perspective was and remains that a great team brings in both top tier clients and appeals to a wide-range of diverse talented colleagues. Fostering an inclusive culture which welcomes differing perspectives and beliefs enables us to provide the best advice and insights to our clients.

To learn more about PJT Partners please visit our website at.

Overview

The Technology department at PJT is responsible for creating and continuously improving a robust and secure technology foundation that supports the firms business activities. Underpinning that the Cybersecurity function ensures that the firm accurately identifies investigates and remediates incidents and evaluates applicable controls related to the firms technology. As the technology landscape at PJT is undergoing significant change the Cybersecurity function is also evolving to help enable that change.

Role Description:

We are seeking an experienced hands-on Cybersecurity Professional to own and drive the firms vulnerability management and patching program. This is an execution-focused role the ideal candidate will be equally comfortable building strategy and rolling up their sleeves to conduct scans validate remediations coordinate fixes directly with engineering and infrastructure teams and provide reporting and metrics on remedial actions and SLA-adherence.

In addition to vulnerability management this individual will serve as a critical incident response resource providing coverage during hours when the primary SOC team may not be available. This includes triaging and responding to critical-severity incidents escalating appropriately and ensuring continuity of response without gaps.

The candidate should bring a solutions-oriented investigative mindset comfort in a fast-paced environment and the ability to build strong relationships across Technology and relevant business functions.

Responsibilities

Vulnerability Management (Hands-On Execution)

• Conduct regular vulnerability assessments of all systems applications and infrastructure
• Execute vulnerability scans using tools such as Nessus Qualys or Rapid7; perform or coordinate penetration testing and security assessments.
• Analyze vulnerability data and issue actionable remediation mitigation or risk-acceptance recommendations calibrated to the firms risk profile.
• Drive remediation directly with engineering infrastructure and application teams tracking findings from discovery through to validated closure.
• Validate all remediations to confirm findings are fully resolved.
• Develop and maintain meaningful vulnerability metrics and dashboards for senior leadership incorporating risk-based scoring SLA adherence and trend analysis.
• Work with cross-functional teams to embed vulnerability management considerations into the design development and testing of new systems and applications.
• Coordinate with external vendors and partners to optimize detection quality validate findings and improve remediation workflows.

Program Management & Governance

• Develop and maintain security policies procedures and standards aligned to industry best practices (NIST CIS ISO) and PJT policy requirements.
• Support audit evidence collection and manage remediation timelines for compliance-related findings.
• Communicate security risks and program status to management and stakeholders; provide clear prioritized recommendations.
• Understand and effectively balance risk versus business operability in all remediation decisions.
• Provide leadership and mentorship to junior security team members; manage and direct external teams as needed.

Engineering

• Support and maintain the vulnerability management platform infrastructure including scanner and agent configuration and integration with downstream ticketing and reporting systems.
• In support of the overall PJT security program assist with project work on security infrastructure including SIEM EDR and related tooling contributing engineering effort as priorities require.

Qualifications

PJT Partners seeks to hire individuals who are highly motivated intelligent and have demonstrated excellence in prior addition qualified candidates will possess the following:

Education & Experience

• Bachelors degree in Computer Science Information Security or a related field.
• 710 years of experience in information security with a strong focus on vulnerability management secure design review patch operations and incident response.
• Demonstrated experience running a hands-on vulnerability management program not solely in an oversight or program management capacity.
• Experience providing incident response coverage including participation in on-call rotations or extended-hours response.

Technical Skills

• Proficiency with vulnerability management platforms such as Nessus Qualys or Rapid7; ability to operate these tools directly not just interpret reports.
• Knowledge of cloud security posture management (CSPM) platforms such as Wiz or Microsoft Defender for Cloud and exposure management workflows.
• Strong technical skills in vulnerability scanning patch management and network security protocols.
• Working knowledge of operating systems (Windows Linux) and web application security.
• Familiarity with SIEM tools for alert triage and incident investigation.
• Scripting and automation skills in PowerShell or Python; experience with workflow tools such as ServiceNow or JIRA.

Frameworks & Standards

• Working knowledge of security frameworks including NIST CSF CIS Controls and ISO 27001.
• Understanding of incident response frameworks (e.g. NIST SP 800-61 PICERL) and how vulnerability management integrates into the IR lifecycle.

Soft Skills & Availability

• Excellent communication and interpersonal skills; able to convey complex security issues to both technical and non-technical audiences.
• Strong leadership and mentorship abilities; demonstrated experience managing cross-functional teams and external consultants.
• Ability to work independently manage competing priorities and adapt to rapidly shifting demands.
• Willingness and ability to provide extended-hours incident response coverage as required by the role including off-hours and weekend on-call responsibilities.

All qualified applicants will receive consideration for employment without regard to race color religion sex age disability sexual orientation national origin or any other category protected by law.