About The Position

We are seeking a highly motivated Senior Consultant to join our Cyber Risk Management & Transformation practice. The successful candidate will support organizations in identifying, assessing, and managing cybersecurity, technology, and privacy risks while helping clients strengthen their overall security posture and meet regulatory and compliance requirements. You will work alongside experienced cybersecurity professionals to help clients solve complex cybersecurity, privacy, risk, and compliance challenges. This role offers exposure to a broad range of industries, technologies, and strategic initiatives while providing opportunities for professional growth and leadership development. This role combines cybersecurity consulting, governance, risk and compliance (GRC), privacy, and strategic advisory services. The ideal candidate is a strong communicator who can engage with both technical teams and executive stakeholders, manage multiple client engagements, and deliver practical, risk-based recommendations.

Requirements

  • 5-8+ years of experience in cybersecurity, information security, IT risk management, privacy, governance, or cybersecurity consulting.
  • Strong understanding of industry frameworks and standards including NIST CSF, NIST 800-53, ISO 27001, CIS Controls, SOC 2, FedRAMP, and StateRAMP.
  • Experience conducting cybersecurity risk assessments, control reviews, maturity assessments, and compliance assessments.
  • Strong understanding of cybersecurity governance, risk management, and security control frameworks.
  • Experience assessing security controls across cloud, infrastructure, application, and data environments.
  • Excellent written, verbal, presentation, and stakeholder management skills.
  • Experience delivering client-facing consulting engagements and managing multiple concurrent projects.
  • Strong analytical, problem-solving, and project management capabilities.

Nice To Haves

  • CISSP
  • CISM
  • CRISC
  • CISA
  • ISO 27001 Lead Implementer/Lead Auditor
  • PMP

Responsibilities

  • Lead cybersecurity risk assessments, maturity assessments, gap assessments, and control evaluations using frameworks such as NIST CSF, NIST 800-53, ISO 27001:2022, CIS Controls, SOC 2, FedRAMP, and StateRAMP.
  • Identify, assess, measure, and report on cybersecurity, technology, third-party, and privacy risks through security reviews, audits, evaluations, and risk assessments.
  • Develop cybersecurity roadmaps, remediation plans, and target-state operating models aligned with client business objectives and risk tolerance.
  • Assess the effectiveness of cybersecurity programs, governance structures, risk management processes, and technical controls across client environments.
  • Assess and recommend controls related to Identity and Access Management (IAM), Data Protection, Endpoint Security, Security Monitoring, Vulnerability Management, and Zero Trust Architecture.
  • Assist organizations with implementing and monitoring privacy programs to ensure compliance with regulations and standards such as PIPEDA, Quebec Law 25, GDPR, and other applicable privacy requirements.
  • Evaluate security and control requirements for new technologies, cloud implementations, digital transformation initiatives, and emerging technologies, including Artificial Intelligence (AI).
  • Conduct third-party and vendor security assessments and support supply chain risk management initiatives.
  • Assess incident response, business continuity, disaster recovery, and cyber resilience programs, providing recommendations to improve readiness and response capabilities.
  • Facilitate cybersecurity workshops, risk discussions, and stakeholder interviews.
  • Develop executive-level reports, presentations, dashboards, risk registers, and strategic recommendations for senior leadership and boards.
  • Research, pilot, and implement innovative cybersecurity and privacy solutions tailored to client objectives and business environments.
  • Provide strategic guidance on Governance, Risk, Compliance (GRC), Privacy, and Cybersecurity Program initiatives.
  • Identify opportunities to improve delivery efficiency, methodologies, and client outcomes.
  • Drive the successful completion of cybersecurity engagements while managing project plans, budgets, deliverable schedules, resources, and client expectations.
  • Support proposal development, business development initiatives, thought leadership, and client presentations.

Benefits

  • competitive total cash compensation
  • comprehensive benefits from day one
  • flexible personal time off policy
  • reimbursement for wellness initiatives
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service