Sr. Cybersecurity Consultant - Application Security
Listed on 2026-07-16
-
IT/Tech
Cybersecurity
Cyber Security Senior Consultant
The Cyber Security Senior Consultant leads and supports cybersecurity, risk management, and operational governance activities across the organization for business managed applications as well as lead initiatives to perform application security risk assessments. This role is well suited for a leader with strong analytical, communication, and technical skills who is interested in applying those strengths within crossroads of solution design assessments and cybersecurity governance functions.
The role works with technology teams, business stakeholders, cybersecurity partners, and risk/control functions. Responsibilities may include performing, managing and enhancing various aspects of the program such as application security assessments, vulnerability closures management, application inventory solution management, modernization of program activities via building and use of AI capabilities, process documentation, creating metrics and presenting to other governance bodies and senior leadership.
This is a broad, cross-functional role that combines elements of business and technology governance, risk assessment, risk management, some security engineering and process improvement. The candidate is expected to be comfortable managing multiple priorities, shifting between different types of work associated with the program and working across organizational boundaries with business, technology, cybersecurity, 2nd and 3rd lines risk partners.
This is a HYBRID ROLE that currently requires 2 days in the office. This can/may change over time.
Key Responsibilities- Lead or support cybersecurity governance, risk, and operational processes across applications, systems, and business managed application environments.
- Perform application and associated technology security risk assessments using threat modeling methodology.
- Lead or assist with tracking, analyzing, and reporting on security issues, control gaps, vulnerabilities, findings, remediation activities, and related action items.
- Manage multiple priorities across competing work streams, while maintaining clear ownership, follow-up, and communication.
- Work across organizational boundaries with business, technology, cybersecurity, risk, and control partners to clarify needs, resolve issues, and drive work forward.
- Oversee maintenance of accurate records, dashboards, trackers, reports, and documentation used for security oversight and management reporting.
- Coordinate and lead follow-ups with application owners, technology teams, risk partners, and other stakeholders to support timely completion of required activities.
- Review data from multiple sources to identify gaps, inconsistencies, trends, or items requiring escalation.
- Build and continuously look to enhance program metrics, prepare materials for governance forums, leadership updates, audits, assessments, or regulatory inquiries.
- Document procedures, process flows, and manage evidence of completed security program activities as needed for audit or regulatory inquiries.
- Partner with cybersecurity subject matter experts to understand new security requirements, provide program requirements to relevant control owners to collect relevant data for metrics creation to translate them into clear business and operational actions.
- 3-5 years of experience managing team or leading as individual contributor in cybersecurity, risk management, compliance program management (e.g., PCI DSS), technical delivery/program manager or technology operations in regulated industry.
- Strong attention to detail, strong analytical skills with the ability to review data, identify gaps, perform risk analysis and summarize findings clearly.
- Strong written and verbal communication skills, including the ability to communicate with both technical and non-technical stakeholders, including senior stakeholders.
- Ability to manage multiple priorities, adapt to changing needs, and follow through on open items in a fast-paced environment.
- Ability to successfully manage multiple priorities, work across teams and organizational boundaries, building effective relationships with stakeholders who may have different goals, priorities, or levels of cybersecurity experience.
- Experience preparing management reporting, executive summaries, meeting materials, or audit/control evidence.
- Comfortable working at expert level with spreadsheets, dashboards, structured data as well as experience with use of Jira and Service Now.
- Prior experience implementing cybersecurity frameworks and threat modeling methodologies is a plus.
- Experience using LLMs/conversational AI and autonomous agents is a plus.
- Scripting language or development skills is a plus.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).