At Cream City Cyber, we understand the convergence of physical and digital risks and how they impact businesses and governments alike. Our battle-tested experts have been trusted advisors for decades, offering tailored security solutions to help clients navigate evolving landscapes. We strive to mitigate risks with confidence, enabling our partners to thrive in a connected world.
Technology Risk Management Consultant
Overview
We are seeking a skilled and detail-oriented Technology Risk Management Consultant to join our Risk & Compliance consulting team. The ideal candidate will have hands-on experience in risk assessment, regulatory compliance, vulnerability management, and governance support. This position requires a strong analytical mindset, effective communication skills, and the ability to work cross-functionally to support security objectives.
Key Responsibilities
Risk Management
- Perform preliminary assessments of technology and cybersecurity risks
- Document risk treatment plans and track mitigation progress
- Maintain risk registers and records of identified risks
Controls Management
- Assist in implementing and testing security controls
- Identify gaps and improvement opportunities in existing controls
- Support audit preparation and control documentation
- Ensure alignment of controls with compliance requirements and project goals
Vulnerability Management
- Coordinate vulnerability remediation with stakeholders
- Track mitigation progress and maintain accurate documentation
- Support report preparation and risk prioritization
Metrics and Reporting
- Gather and analyze risk data for dashboards and presentations
- Ensure data accuracy and consistency
- Support stakeholder communication with clear data visualization
GRC Programs
- Contribute to the development and maintenance of policies and procedures
- Ensure documentation is current and aligned with operational needs
- Participate in GRC program updates and process improvements
Regulatory Compliance
- Assist in compliance assessments and gap analyses
- Draft and update documentation
- Track remediation activities to ensure compliance
Cross-Functional Collaboration
- Support integration of risk and compliance into project efforts
- Share insights with stakeholders to align on project objectives
Policy Development
- Conduct policy research and benchmark industry practices
- Draft and update policy documentation
- Clarify policy implications for team members
Leadership and Team Contribution
- Own smaller tasks and projects with quality focus
- Collaborate and share knowledge with the team
- Participate in meetings and process improvement efforts
Problem Solving
- Apply structured analysis to identify trends and risks
- Develop actionable insights and support solution development
- Clearly communicate solutions to stakeholders
Career Growth
- Engage in self-directed learning and certifications
- Seek challenging assignments to expand skills and business understanding
Required Qualifications
- Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or related field
- 3+ years of experience in cybersecurity risk management or information security
- Solid understanding of risk management principles, assessment methodologies, and control frameworks
- Familiarity with compliance frameworks and regulations (NIST CSF, PCI-DSS, ISO/IEC 27001, SOC 2, GDPR, HIPAA)
- Strong written and verbal communication skills
- Ability to engage technical and non-technical stakeholders effectively
- Strategic thinking and alignment of risk tasks with business goals
Preferred Qualifications
- Degree or experience in Information Security, Business Administration, or a related field
- Certifications such as Security+, GRCP, CGRC, or similar
- Exposure to regulated environments and compliance roles
- Familiarity with cloud security, vendor risk, and incident response
- Experience with audit support and security awareness programs
Application
This is a full-time position offering growth opportunities, professional development, and the chance to work on meaningful cybersecurity initiatives. Apply now to be part of a collaborative, impact-driven team.
