Principal Risk Advisor
Listed on 2026-02-10
IT/Tech
Cybersecurity, Information Security
The MA&D Risk and Third-Party Risk Manager is responsible for leading cybersecurity and data privacy risk management across mergers, acquisitions, divestitures, and other strategic transactions, as well as supporting broader third-party risk activities. This role coordinates due diligence and readiness assessments with internal stakeholders and external providers, translates complex technical findings into clear business risk insights, and supports risk-informed decision-making throughout the deal lifecycle and integration phases.
The manager also contributes to the development and improvement of MA&D and third-party risk standards, processes, and metrics, helping to reduce cyber and privacy risk, improve integration outcomes, and enhance the overall maturity and consistency of enterprise risk practices.
The MA&D Risk and Third-Party Risk Manager serves as a key risk lead and coordinator for cybersecurity and data privacy across mergers, acquisitions, divestitures, and other strategic transactions. This role is responsible for coordinating readiness assessments, translating complex technical findings into business-focused risk insights, and supporting risk-informed decision-making throughout the deal lifecycle. The manager will coordinate MA&D risk processes, contribute to standards, and monitor performance metrics to help ensure consistent, timely, and high-quality execution.
The MA&D Risk and Third-Party Risk Manager will also support broader Third-Party Risk Management (TPRM) activities as bandwidth permits, helping align MA&D practices with enterprise third-party risk frameworks, policies, and tools. This role plays a critical part in reducing cyber and privacy risk in strategic transactions, improving integration outcomes, and advancing the maturity and consistency of MA&D and third-party risk practices across the enterprise.
Strong leadership, collaboration, and problem-solving skills are essential, along with the ability to influence and communicate effectively with technical and non-technical stakeholders across the organization and with external providers.
Roles and Responsibilities:
Lead cybersecurity and data privacy risk scoping and planning for mergers, acquisitions, divestitures, joint ventures, and other strategic transactions.
Coordinate MA&D cybersecurity and privacy readiness assessments with external providers, including but not limited to maturity assessments, compromise assessments, software composition analysis, application security testing (SAST/DAST), Office 365 security reviews, network security assessments, red team exercises, executive background research, and integration support.
Review and synthesize provider assessment outputs, translating technical findings into clear, business-focused risk summaries that highlight significant business impacts, likelihood and severity, and prioritization of remediation activities.
Develop and present structured recommendations to support deal decisions, including risk acceptance, mitigation strategies, deal term adjustments, and conditions for close (e.g., remediation milestones and required controls).
Partner with Corporate Development, Cybersecurity, Privacy, Legal, IT, and business leaders to integrate cybersecurity and privacy risk considerations into deal evaluation, negotiation, and integration planning.
Coordinate Day 1 cyber readiness activities and support the design and implementation of future-state cyber operating models for acquired or divested entities, ensuring alignment with enterprise security standards and control frameworks.
Convert assessment findings into actionable remediation plans with clear owners, timelines, and tracking mechanisms; monitor progress, escalate delays or critical risks, and provide options and trade-offs to stakeholders.
Contribute to the development, maintenance, and continuous improvement of MA&D risk management standards, procedures, and playbooks, ensuring alignment with enterprise cybersecurity and privacy policies and standard control frameworks (such as NIST, CIS, ISACA, or ISO).
Collaborate with security awareness and training program owners to ensure MA&D-related requirements, patterns, and lessons learned are incorporated into training, guidance, and communications for key stakeholder groups.
Oversee the repository of MA&D projects, assessments, risks, and compliance issues in the governance, risk, and compliance (GRC) tool, working with operations and GRC teams to ensure workflows are in place to trigger security reviews based on data risk ratings and to track findings through remediation and closure.
Manage MA&D-related cybersecurity and privacy policy exceptions, ensuring that exceptions are documented, approved, monitored, and reviewed or closed prior to expiration; ensure that automated alerts are issued to the SOC or relevant teams as needed.
Support high-risk third-party risk assessments and onboarding/offboarding activities, applying MA&D-style rigor for critical suppliers or…