Information Security Risk Consultant

How You’ll Contribute

As a Consultant on the Information Security Risk team, you will report to the Principal Director of Information Security Risk and play a key role in executing the firm’s technology risk management activities. In this role, you will serve as a trusted security subject‑matter expert, providing risk insight, guidance, and hands‑on support across the organization. You will contribute by:

• Perform Security Risk Assessments (SRAs) across applications, infrastructure, cloud platforms, and third‑party integrations to identify threats, vulnerabilities, and business impact.
• Determine inherent and residual risk levels using established risk taxonomies, scoring methodologies, and impact criteria aligned to enterprise standards.
• Evaluate the design and effectiveness of technical, administrative, and operational security controls against identified risks.
• Partner with technology, product, infrastr...