Cyber Risk Consultant

About The Position

Requirements

• 5+ years in cyber risk, IT risk, or information security risk (consulting or Big 4 experience preferred).
• Strong communication and presentation skills with ability to engage senior leadership.
• Ability to translate technical concepts into business risk language.
• Experience managing risk registers and tracking remediation activities.
• Technical understanding of systems, controls, and risk scenarios.
• Proactive, organized, and able to anticipate stakeholder needs.
• Experience contributing to risk program design or process improvement

Nice To Haves

• Experience with qualitative risk analysis methodologies in cybersecurity or IT environments.
• Prior experience with FAIR (Factor Analysis of Information Risk).
• Familiarity with ISO 27001, NIST, or similar frameworks.
• Experience with ServiceNow IRM or similar GRC platforms.
• Relevant certifications (CISSP, CISA, CISM, CRISC).

Responsibilities

• Facilitate risk acceptance and awareness discussions with senior leadership; translate technical risks into business terms.
• Develop executive-ready presentations and proactively anticipate leadership questions and data needs.
• Maintain and track the cyber risk register, including follow-up on remediation actions and acceptance decisions.
• Perform qualitative risk analysis (likelihood and impact) using scenario-based models.
• Evaluate control effectiveness and compensating controls; provide risk-based recommendations.
• Support and contribute to the design and improvement of the cyber risk management program and associated processes.

Benefits

• 401(k)
• Dental insurance
• Vision Insurance
• Disability insurance
• Employee assistance program
• Health insurance
• Health savings account
• Life insurance
• Paid time off
• Paid Holidays