Cream City Cyber
Technology Risk Management Consultant
Cream City Cyber, Milwaukee, Wisconsin, United States, 53244
At Cream City Cyber, we understand the convergence of physical and digital risks and how they impact businesses and governments alike. Our battle-tested experts have been trusted advisors for decades, offering tailored security solutions to help clients navigate evolving landscapes. We strive to mitigate risks with confidence, enabling our partners to thrive in a connected world.
Technology Risk Management Consultant
Overview
We are seeking a skilled and detail-oriented Technology Risk Management Consultant to join our Risk & Compliance consulting team. The ideal candidate will have hands‑on experience in risk assessment, regulatory compliance, vulnerability management, and governance support. This position requires a strong analytical mindset, effective communication skills, and the ability to work cross-functionally to support security objectives.
Key Responsibilities
Risk Management
Perform preliminary assessments of technology and cybersecurity risks
Document risk treatment plans and track mitigation progress
Maintain risk registers and records of identified risks
Controls Management
Assist in implementing and testing security controls
Identify gaps and improvement opportunities in existing controls
Support audit preparation and control documentation
Ensure alignment of controls with compliance requirements and project goals
Vulnerability Management
Coordinate vulnerability remediation with stakeholders
Track mitigation progress and maintain accurate documentation
Support report preparation and risk prioritization
Metrics and Reporting
Gather and analyze risk data for dashboards and presentations
Ensure data accuracy and consistency
Support stakeholder communication with clear data visualization
GRC Programs
Contribute to the development and maintenance of policies and procedures
Ensure documentation is current and aligned with operational needs
Participate in GRC program updates and process improvements
Regulatory Compliance
Assist in compliance assessments and gap analyses
Draft and update documentation
Track remediation activities to ensure compliance
Cross‑Functional Collaboration
Support integration of risk and compliance into project efforts
Share insights with stakeholders to align on project objectives
Policy Development
Conduct policy research and benchmark industry practices
Draft and update policy documentation
Clarify policy implications for team members
Leadership and Team Contribution
Own smaller tasks and projects with quality focus
Collaborate and share knowledge with the team
Participate in meetings and process improvement efforts
Problem Solving
Apply structured analysis to identify trends and risks
Develop actionable insights and support solution development
Clearly communicate solutions to stakeholders
Career Growth
Engage in self‑directed learning and certifications
Seek challenging assignments to expand skills and business understanding
Required Qualifications
Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or related field
3+ years of experience in cybersecurity risk management or information security
Solid understanding of risk management principles, assessment methodologies, and control frameworks
Familiarity with compliance frameworks and regulations (NIST CSF, PCI‑DSS, ISO/IEC 27001, SOC 2, GDPR, HIPAA)
Strong written and verbal communication skills
Ability to engage technical and non‑technical stakeholders effectively
Strategic thinking and alignment of risk tasks with business goals
Preferred Qualifications
Degree or experience in Information Security, Business Administration, or a related field
Certifications such as Security+, GRCP, CGRC, or similar
Exposure to regulated environments and compliance roles
Familiarity with cloud security, vendor risk, and incident response
Experience with audit support and security awareness programs
Application
This is a full-time position offering growth opportunities, professional development, and the chance to work on meaningful cybersecurity initiatives. Apply now to be part of a collaborative, impact‑driven team.