Information Security Risk Consultant

About The Position

Requirements

• 5 or more years of experience in information security, risk management, or security consulting
• Experience supporting secure software development life cycle activities
• Experience conducting vendor risk assessments and due diligence reviews
• Strong understanding of security controls, risk frameworks, and mitigation strategies
• Experience working directly with business and technical stakeholders
• Strong written and verbal communication skills
• Strong analytical and risk assessment capabilities
• Ability to communicate complex security concepts to non-technical stakeholders
• Strong organizational and reporting skills
• Ability to manage multiple concurrent tasks in a demand-driven environment
• Collaborative and consultative approach to problem solving
• High attention to detail and accountability in security processes

Nice To Haves

• Experience supporting divestiture, integration, or transformation programs
• Familiarity with enterprise security assessment methodologies
• Experience supporting physical security assessments
• Experience working in regulated or large enterprise environments

Responsibilities

• Support secure-by-design initiatives by evaluating security controls within application implementations
• Perform security-related SDLC activities using standardized security user stories
• Provide ongoing consultation for in-scope applications to ensure alignment with security requirements
• Assist development and project teams in understanding and applying security controls
• Conduct risk assessments and due diligence activities for third-party vendors
• Identify risks and recommend mitigation strategies aligned with organizational standards
• Support vendor risk management processes and ongoing monitoring activities
• Support physical site security assessments on an as-needed basis
• Facilitate Security Risk Acknowledgment and Action Planning activities
• Provide ad-hoc security consultation through formal service request processes
• Ensure consistent application of security governance practices across initiatives
• Prepare and deliver monthly reports summarizing security demand, activities, and outcomes
• Track and communicate workload, trends, and key risk indicators
• Provide updates to leadership on security initiatives and risk posture
• Partner with business, IT, and security teams to align on risk, controls, and implementation strategies
• Act as a trusted advisor for security-related decisions and risk acceptances
• Support cross-functional communication and coordination on security initiatives

Benefits

• Competitive salary