Information Security Risk Consultant
Benefits: Competitive salary Location 100% Remote Experience Level Mid–Senior Level (5 or more years of relevant experience) Role Overview The Business Information Security Consultant provides advisory and hands-on support for security governance, risk management, and secure application development initiatives. This role supports ongoing security efforts for application implementations, third-party risk assessments, and business-facing security programs. The position interacts closely with business, technology, and security stakeholders to assess controls, facilitate risk mitigation activities, and deliver consistent security practices across multiple initiatives.
Key Responsibilities
Secure by Design & SDLC Support Support secure-by-design initiatives by evaluating security controls within application implementations Perform security-related SDLC activities using standardized security user stories Provide ongoing consultation for in-scope applications to ensure alignment with security requirements Assist development and project teams in understanding and applying security controls Risk Management & Third-Party Assessments Conduct risk assessments and due diligence activities for third-party vendors Identify risks and recommend mitigation strategies aligned with organizational standards Support vendor risk management processes and ongoing monitoring activities Security Assessments & Governance Support Support physical site security assessments on an as-needed basis Facilitate Security Risk Acknowledgment and Action Planning activities Provide ad-hoc security consultation through formal service request processes Ensure consistent application of security governance practices across initiatives Reporting & Program Visibility Prepare and deliver monthly reports summarizing security demand, activities, and outcomes Track and communicate workload, trends, and key risk indicators Provide updates to leadership on security initiatives and risk posture Stakeholder Collaboration & Advisory Partner with business, IT, and security teams to align on risk, controls, and implementation strategies Act as a trusted advisor for security-related decisions and risk acceptances Support cross-functional communication and coordination on security initiatives Required Qualifications 5 or more years of experience in information security, risk management, or security consulting Experience supporting secure software development life cycle activities Experience conducting vendor risk assessments and due diligence reviews Strong understanding of security controls, risk frameworks, and mitigation strategies Experience working directly with business and technical stakeholders Strong written and verbal communication skills
Preferred Qualifications
Experience supporting divestiture, integration, or transformation programs Familiarity with enterprise security assessment methodologies Experience supporting physical security assessments Experience working in regulated or large enterprise environments Core Skills & Attributes Strong analytical and risk assessment capabilities Ability to communicate complex security concepts to non-technical stakeholders Strong organizational and reporting skills Ability to manage multiple concurrent tasks in a demand-driven environment Collaborative and consultative approach to problem solving High attention to detail and accountability in security processes This is a remote position. Apply To This Job