Senior Associate, Cybersecurity Advisory & Risk Management
Listed on 2026-07-01
-
IT/Tech
Cybersecurity, IT Consultant, Information Security
Senior Associate, Cybersecurity Advisory & Risk Management
Position Overview
Job Title:
Senior Associate, Cybersecurity Advisory & Risk Management
Department: ITRM
Employment Status:
Full Time
Effective Date: 6/12/2026
About UsMeditology Services is a leading healthcare-focused cybersecurity, privacy, compliance, and information risk management consulting firm. We help healthcare organizations manage risk, strengthen security programs, achieve compliance objectives, and improve cybersecurity maturity through practical, business-focused advisory services.
Our consultants work alongside healthcare executives, information security leaders, compliance teams, and operational stakeholders to solve complex cybersecurity and risk management challenges. We pride ourselves on delivering actionable recommendations, building trusted relationships, and helping our clients improve their security posture in meaningful ways.
Why MeditologyAt Meditology, consultants are more than assessors – they are trusted advisors. You'll have the opportunity to work directly with healthcare executives, lead meaningful client engagements, develop expertise across cybersecurity and risk management disciplines, and help shape the future of healthcare cybersecurity.
This role provides a clear path toward advancement into Manager, Engagement Manager, and Advisory Leadership positions while working alongside some of the industry's leading healthcare cybersecurity professionals.
If you're looking for a role that combines cybersecurity expertise, client interaction, strategic thinking, presentation skills, and professional growth, we'd love to hear from you.
This version positions the role as approximately one level below your Engagement Manager role—less focused on project governance and accountability, and more focused on assessment leadership, client advisory, presentations, report development, and becoming a future trusted consultant. It should compete well against roles from Clearwater, Fortified, Security Risk Advisors, Deloitte Cyber Risk, and PwC Risk & Regulatory, while still reflecting Meditology's healthcare-centric advisory model.
PositionDescription
Meditology is seeking a Senior Associate to join our Information Technology Risk Management (ITRM) Advisory practice. This role is ideal for a cybersecurity professional who enjoys working directly with clients, leading assessments, facilitating discussions, and helping organizations address complex cybersecurity, governance, risk, and compliance challenges.
Unlike traditional audit-focused roles, this position combines assessment execution, strategic advisory services, client relationship development, presentation delivery, and thought leadership. The ideal candidate is someone who wants to develop into a trusted advisor capable of leading client engagements, influencing executive decision-making, and helping organizations mature their cybersecurity programs.
This is a highly visible, client-facing consulting role with significant opportunities for growth and advancement.
Responsibilities- Lead client interactions: conduct interviews, workshops, and discovery sessions.
- Facilitate discussions with executives, operational leaders, and technical teams.
- Manage engagement activities, timelines, and deliverables.
- Build trusted client relationships.
- Identify client risks, challenges, and opportunities.
- Provide practical recommendations that align cybersecurity priorities with business objectives.
- Support executive briefings and strategic discussions.
- Lead portions of client engagements independently while partnering with Managers and Service Line Leaders on larger initiatives.
- Conduct NIST Cybersecurity Framework (CSF) 2.0 assessments.
- Lead HIPAA Security Risk Assessments (SRAs).
- Perform cybersecurity maturity assessments.
- Evaluate governance, risk, and compliance programs.
- Conduct AI governance and AI risk assessments.
- Assess third-party risk management programs.
- Identify cybersecurity risks, control gaps, and improvement opportunities.
- Develop risk registers, remediation roadmaps, and strategic recommendations.
- Facilitate stakeholder interviews and workshops.
- Present…
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).