Senior Information Risk Consultant

This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Senior Information Risk Consultant in United States.

This role sits at the core of enterprise cybersecurity and governance, focusing on identifying, assessing, and mitigating information risks across complex technology and business environments. You will collaborate with architecture, engineering, compliance, and business teams to evaluate security posture and ensure alignment with industry frameworks and internal policies. The position blends hands-on risk assessment with strategic advisory responsibilities, requiring you to translate technical vulnerabilities into clear business impacts and actionable mitigation plans. You will also contribute to the continuous improvement of risk governance practices, including policy development, control validation, and compliance readiness. Operating in a highly regulated environment, you will help ensure adherence to standards such as HITRUST, NIST, PCI, and ISO frameworks. This is a senior-level role where your expertise directly strengthens organizational resilience and security maturity.

In this role, you will lead and support enterprise information risk assessments, drive compliance initiatives, and partner with cross-functional teams to strengthen security governance and reduce organizational risk exposure.

• Lead information risk assessments by gathering documentation, conducting stakeholder interviews, and analyzing security controls and vulnerabilities.
• Evaluate and document risk scenarios, including likelihood, impact, threat vectors, and mitigation effectiveness.
• Communicate risk findings clearly to technical teams, management, and stakeholders, ensuring alignment on remediation actions.
• Maintain and contribute to enterprise risk registers, including tracking, scoring, and updating risk statements.
• Monitor remediation activities and ensure risk treatment plans are progressing effectively and within defined timelines.
• Partner with architecture and engineering teams to embed security requirements into solution design and enterprise initiatives.
• Support compliance with frameworks and standards such as HITRUST, NIST, PCI-DSS, and ISO 27001.
• Prepare and present risk and security reports to leadership and governance committees.
• Mentor team members and contribute to the development of risk management practices across the organization.

Requirements:

The ideal candidate brings deep experience in information security, risk management, and governance within complex, regulated environments.

• Bachelor’s degree in Information Security, Information Systems, Computer Science, or related field (or equivalent experience).
• 7–10+ years of experience in information security, risk management, or cybersecurity governance.
• Strong knowledge of risk frameworks such as NIST, HITRUST, PCI-DSS, HIPAA, ISO 27001, and COBIT.
• Experience conducting security risk assessments and developing mitigation strategies.
• Familiarity with enterprise security technologies (e.g., firewalls, DLP, SIEM, endpoint protection, encryption).
• Strong communication skills with the ability to present technical risks to executive and non-technical audiences.
• Experience working in matrixed environments and collaborating across technical and business teams.
• Understanding of secure SDLC practices and enterprise security architecture principles.
• Familiarity with AI governance, secure AI adoption, and automation in risk management is a plus.
• Industry certifications such as CISSP, CISA, CEH, or GSEC are preferred.

Benefits:

• Competitive salary range: $94,200 – $151,000 annually
• Fully remote work arrangement
• Opportunity to work on enterprise-level cybersecurity and risk programs
• Exposure to leading governance frameworks and regulatory standards
• Career growth in information security, risk, and compliance leadership tracks
• Collaborative, cross-functional environment with senior stakeholders
• Professional development and certification support opportunities
• Comprehensive benefits package including health, dental, vision, and retirement plans