More jobs:
Sr. Security Risk Management Consultant
Job in
Livonia, Wayne County, Michigan, 48153, USA
Listed on 2026-07-08
Listing for:
Conexess Group
Full Time
position Listed on 2026-07-08
Job specializations:
-
IT/Tech
Cybersecurity, Information Security
Job Description & How to Apply Below
Purpose
The Senior Security Risk Management Consultant serves as a strategic advisor, liaison, and subject matter expert, driving enterprise-wide security risk management strategies that support our mission and operational excellence. This role partners with senior leadership, security, IT, and business stakeholders to identify, assess, and mitigate cybersecurity risks while ensuring alignment with organizational priorities and regulatory requirements. Responsibilities include leading complex risk assessments, guiding risk treatment strategies, influencing enterprise decision-making, and strengthening overall risk posture through governance, metrics, and continuous improvement.
Programand Regulatory Compliance
- Supports the development and execution of our Information Security Third Party Risk and Integrated Risk Management Program, contributing to definition of team goals, scope of work, and deliverables aligned to Enterprise Information Security (EIS) priorities.
- Serves as a trusted advisor and liaison to stakeholders, ensuring initiatives align with organizational mission, values, operational goals, and applicable regulatory, legal, and contractual requirements.
- Leads and coordinates team participation in regulatory audits and investigations, including the preparation, validation, and delivery of required evidence, while supporting overall audit readiness and response efforts.
- Contributes to a high-performing team of security risk professionals by providing guidance and support in third-party and integrated risk management, risk-based prioritization, and enterprise risk remediation coordination.
- Serves as a mentor and trusted resource to team members, offering subject matter expertise and helping to drive consistency, accountability, and quality in work delivery.
- Supports the development and refinement of team practices, including role clarity, competencies, and growth pathways aligned to organizational expectations.
- Provides ongoing coaching, knowledge sharing, and development support to colleagues, fostering professional growth and preparing team members for expanded responsibilities.
- Promotes a collaborative and inclusive team environment, encouraging open communication, psychological safety, and data-informed decision-making.
- Demonstrates authentic and professional influence, building trust through clear communication, partnership, and effective engagement with peers, leadership, and stakeholders.
- Supports and contributes to third‑party and integrated risk management activities within our GRC platforms, identifying opportunities for process improvement and adapting to evolving control frameworks and risk requirements.
- Performs and reviews vendor tiering and risk assessments, partnering with team members and providing guidance on complex or higher-risk cases as needed.
- Contributes to the execution and ongoing refinement of the third‑party cyber risk lifecycle, including intake, due diligence, control assessment, remediation tracking, and ongoing monitoring.
- Evaluates vendor security controls across multiple domains (e.g., identity and access management, network and cloud security, data protection, incident response, and business continuity), applying risk-based judgment.
- Reviews and provides input on security-related contractual requirements, supporting alignment with organizational standards and regulatory expectations.
- Participates in coordination of offshore security risk compliance activities, helping to ensure consistency, quality, and timeliness of deliverables.
- Translates technical findings into clear business risk insights to support decision-making by stakeholders and business partners.
- Prepares and supports materials for audits, regulatory inquiries, and internal governance reviews.
- Documents and tracks risks, supports remediation efforts, and facilitates security policy exception (risk acceptance) processes in alignment with established standards.
- Identifies security risks and manages issues by working with stakeholders to develop corrective action plans, including cost and timeline analysis, and…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×