Introduction Welcome to Gallagher - a global community of people who bring bold ideas, deep expertise, and a shared commitment to doing what’s right. We help clients navigate complexity with confidence by empowering businesses, communities, and individuals to thrive. At Gallagher, you’ll find more than a job; you’ll find a culture built on trust, driven by collaboration, and sustained by the belief that we’re better together. Whether you join us in a client-facing role or as part of our brokerage division, our benefits and HR consulting division, or our corporate team, you’ll have the opportunity to grow your career, make an impact, and be part of something bigger. Experience a workplace where you’re encouraged to be yourself, supported to succeed, and inspired to keep learning. That’s what it means to live The Gallagher Way. Overview GCIS M&A Cybersecurity Analyst Job Description The M&A Cybersecurity Analyst is responsible for identifying, evaluating, and communicating cybersecurity risks associated with potential acquisition and merger partners. This role operates with a high degree of independence and serves as a trusted risk advisor to M&A leadership by translating complex and often incomplete technical information into clear, actionable risk insights that influence deal decisions and integration strategy. The analyst performs structured cybersecurity assessments, conducts investigative analysis of target environments, and develops risk-based recommendations that support informed decision-making throughout the due diligence and early integration lifecycle. Please note additional position details below: - This is a Temp-To-Hire, W-2 and T4 position. We cannot do 1099 or C2C or incorporation. - It is a fully remote role that will need to be based in the U.S or in Canada. - You must meet our U.S. and Canada Eligibility requirements for work authorization as noted under "Additional Information" at the bottom of the job description. How you'll make an impact Core Responsibilities - Lead and support cybersecurity risk assessments for acquisition targets across varying levels of maturity and technical complexity. - Analyze target IT environments to identify material security risks across infrastructure, applications, identity, cloud services, and historical incident activity. - Conduct open-source intelligence (OSINT) research to identify external exposures and breach - Apply established M&A cybersecurity evaluation methodologies to assess risk posture and highlight areas requiring remediation or enhanced monitoring. - Translate technical findings into clear, executive-level risk narratives and actionable recommendations. - Collaborate with M&A IT, divisional stakeholders, legal, and integration teams to validate findings and support remediation planning. - Provide regular assessment updates to M&A leadership and project teams, including emerging risks, mitigation progress, and residual exposure. - Identify recurring risk patterns across acquisitions and contribute to continuous improvement of due diligence methodologies and mitigation controls. - Support development of metrics, dashboards, and KPI reporting to improve visibility into assessment quality, risk trends, and program effectiveness. Key Job Elements - Review and interpret due diligence artifacts provided by acquisition targets and internal M&A IT teams. - Draft cybersecurity risk assessment memorandums that clearly articulate material risks, likelihood, and potential business impact. - Coordinate stakeholder reviews, approvals, and management action alignment for assessment deliverables. - Participate in peer review and quality assurance processes to maintain consistency and accuracy across assessments. - Recognize cross-deal trends and recommend enhancements to due diligence processes, tooling, and reporting. About you Required Qualifications - Bachelor’s degree in Information Security, Computer Science, Information Technology, Business, or related field (or equivalent experience). - 2 - 5 years of experience in cybersecurity risk assessment, due diligence, security consulting, vulnerability management, or related disciplines. - Working knowledge of cybersecurity principles across network security, endpoint security, cloud environments, identity, application security, and threat intelligence. - Strong analytical and critical thinking skills with the ability to prioritize risk with incomplete information. - Experience applying security frameworks and structured risk evaluation methodologies. - Excellent written communication skills with the ability to translate technical findings into clear business risk narratives. - Demonstrated ability to manage multiple concurrent efforts within fast-moving, deadline-driven environments. Preferred Qualifications - Experience supporting mergers and acquisitions, consulting engagements, or structured cybersecurity assessment programs. - Familiarity with investigative techniques such as OSINT research, cybersecurity incident history analysis, and external exposure discovery. - Exposure to cybersecurity governance frameworks (ISO, NIST, CIS) within assessment or advisory contexts. - Ability to evaluate security maturity and control effectiveness in environments with limited documentation or incomplete visibility. - Professional certifications such as CISSP, CRISC, CISM, or equivalent. #LI-NJ1 #Contingent #APintegration Compensation and benefits We offer a competitive and comprehensive compensation package. The base salary range represents the anticipated low end and high end of the range for this position. The actual compensation will be influenced by a wide range of factors including, but not limited to previous experience, education, pay market/geography, complexity or scope, specialized skill set, lines of business/practice area, supply/demand, and scheduled hours. On top of a competitive salary, great teams and exciting career opportunities, we also offer a wide range of benefits. Below are the minimum core benefits you’ll get, depending on your job level these benefits may improve: - Medical/dental/vision plans, which start from day one! - Life and accident insurance - 401(K) and Roth options - Tax-advantaged accounts (HSA, FSA) - Educational expense reimbursement - Paid parental leave Other benefits include: - Digital mental health services (Talkspace) - Flexible work hours (availability varies by office and job function) - Training programs - Gallagher Thrive program – elevating your health through challenges, workshops and digital fitness programs for your overall wellbeing - Charitable matching gift program - And more... **The benefits summary above applies to fulltime positions. If you are not applying for a fulltime position, details about benefits will be provided during the selection process. We value inclusion and diversity Click Here to review our U.S. Eligibility Requirements Inclusion and diversity (I&D) is a core part of our business, and it’s embedded into the fabric of our organization. For more than 95 years, Gallagher has led with a commitment to sustainability and to support the communities where we live and work. Gallagher embraces our employees’ diverse identities, experiences and talents, allowing us to better serve our clients and communities. We see inclusion as a conscious commitment and diversity as a vital strength. By embracing diversity in all its forms, we live out The Gallagher Way to its fullest. Gallagher believes that all persons are entitled to equal employment opportunity and prohibits any form of discrimination by its managers, employees, vendors or customers based on race, color, religion, creed, gender (including pregnancy status), sexual orientation, gender identity (which includes transgender and other gender non-conforming individuals), gender expression, hair expression, marital status, parental status, age, national origin, ancestry, disability, medical condition, genetic information, veteran or military status, citizenship status, or any other characteristic protected (herein referred to as “protected characteristics”) by applicable federal, state, or local laws. Equal employment opportunity will be extended in all aspects of the employer-employee relationship, including, but not limited to, recruitment, hiring, training, promotion, transfer, demotion, compensation, benefits, layoff, and termination. In addition, Gallagher will make reasonable accommodations to known physical or mental limitations of an otherwise qualified person with a disability, unless the accommodation would impose an undue hardship on the operation of our business.