About Drawbridge Partners

Drawbridge Partners is a cybersecurity software and services firm specializing in the needs of hedge fund and private equity managers. With proven results and extensive industry experience, Drawbridge Partners assists managers with building and maintaining a rigorous cybersecurity program to protect their sensitive data. Cybersecurity, advanced data protection, and a highly secure systems infrastructure are an absolute requirement to ensuring future success in the alternative investment space. Drawbridge Partners will engage in logical, technical, and human processes, which will provide state-of-the-art innovations to create a program that exceeds regulatory guidelines and investor demands.


Working at Drawbridge Partners

At Drawbridge Partners, we are committed to attracting and retaining the best individuals who enjoy working in a fast-paced environment. You will be joining an agile team that will help you at every level of your career to identify and use your strengths to grow. This is an opportunity to work at a company that is open to new ideas as we build a dynamic and diverse environment for our employees. The work will be challenging and rewarding. You will gain hands on experience from a team who strives to see its employees succeed.


How to Apply

We are looking for highly motivated, results oriented individuals who have an entrepreneurial spirit to join our fast growing team.  Excellent communication skills are a MUST.  If this sounds like you, and you’re ready to take the next step in your career at a company that is invested in YOU, please send your resume with a cover letter to

Location: New York, NY
Job Type: Full-Time
Salary: Based on Experience


General Responsibilities

  • Assist with client projects and develop the skills to lead projects as your time at Drawbridge Partners continues.
  • Assist with tailoring the project management framework, approaches, and methods to help streamline projects.
  • Identify tasks necessary to remediate identified risks and vulnerabilities for clients and service providers.
  • Conduct risk analysis, assessments, and security audits using internal and third-party tools.
  • Demonstrate an advanced understanding of business processes, internal control risk management, IT controls, and related standards.
  • Identify and evaluate complex business and technology risks, controls to mitigate risks, and related opportunities for control improvement.
  • Understand business, information technology, risk, and operational management processes.
  • Interpret controls and provide suggestions for mitigation strategies to clients and service providers.
  • Learn the regulatory framework and compliance guidelines for cybersecurity for the SEC, NFA, FCA, MAS, and any other regulatory agency applicable to our clients.
  • Ensure projects are completed within a reasonable time frame and monitor the status of projects.
  • Initiate periodic check-ins with clients to ensure services and projects are up to par with client expectations.
  • Follow up with clients and service providers to ensure documents requests or documents needing review are addressed.
  • Update internal trackers, provide status updates to project managers, and ensure other internal matters relating to projects or clients are kept up-to-date.
  • Maintain relationships with clients, IT providers, and other service providers.


Project Responsibilities

  • Schedule, conduct, and lead risk assessment meetings with clients and IT providers to obtain information regarding a client’s security and privacy controls.
    • Prepare risk assessment reports and discuss the assessment findings with clients.
  • Conduct cybersecurity due diligence on our clients’ service providers.
    • Send, track, and store due diligence questionnaires and corresponding documents from service providers.
    • Create deadlines, send reminder emails, and deadline extension notifications to service providers.
    • Review due diligence submissions from service providers and follow up with service providers, where necessary.
    • Prepare risk assessment reports based on the due diligence exercise and discuss the assessment findings with clients.
  • Conduct vulnerability scans on client networks and send scan reports to clients.
    • Deploy and execute vulnerability assessments with clients onsite.
    • Act as liaison between vulnerability scanning solution provider and IT providers
  • Conduct live or schedule online training for clients.
    • Track the status of the trainings scheduled online and prepare training reports.
  • Conduct live or virtual incident response tabletop exercises.
    • Prepare tabletop exercise summary reports.


Minimum Qualifications

  • Strong knowledge of security standards and frameworks such as, but not limited to, NIST, CIS, COBIT, etc.
  • A diverse understanding of security disciplines.
  • Knowledge of auditing standards and frameworks such as, but not limited to, COSO, ITAF, and ISO.
  • CRISC, CISA, CISSP, CIPP, Security +, certifications are a huge plus.
  • Previous experience with vulnerability management software such as Qualys, Nessus, Tenable, etc.
  • Previous Experience conducting risk assessments are a plus.
  • Experience in a client/customer facing role .
  • Knowledge of IT infrastructure, Cloud Technology, Business Continuity, Disaster Recovery, and Incident Response
  • Knowledge of hedge fund, private equity, or RIA operations/compliance a huge plus.

Drawbridge Partners, LLC is an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based race, color, religion, sex, sexual orientation, gender identity, national origin, age, genetic information, disability, protected veteran status, or any other legally protected characteristic, in accordance with applicable law

A Sampling of Recent Awards