Back to search
Cream City Cyber Linkedin · Posted 18d ago

Risk Management Consultant Architect

Milwaukee

Linkedin
Continue to application Add your email once, then Caio opens the original posting.

Indexed description

At Cream City Cyber, we understand the convergence of physical and digital risks and how they impact businesses and governments alike. Our battle-tested experts have been trusted advisors for decades, offering tailored security solutions to help clients navigate evolving landscapes. We strive to mitigate risks with confidence, enabling our partners to thrive in a connected world.


Technology Risk Management Architect

Overview

We are looking for a proactive and experienced Technology Risk Management Architect to join our Risk & Compliance consulting team. In this role, you will lead cybersecurity risk assessments, ensure regulatory compliance, and manage governance activities across business functions and technology initiatives. This is a highly collaborative and strategic role, ideal for candidates with a strong technical background, excellent problem-solving capabilities, and the ability to guide junior team members.

Key Responsibilities

Risk Management

  • Independently identify and assess cybersecurity risks across projects and operations
  • Develop and implement risk treatment plans
  • Manage and maintain risk registers, ensuring alignment with risk management processes
  • Collaborate with stakeholders to design effective mitigation strategies

Controls Management

  • Assess the effectiveness of security controls, identify gaps, and recommend enhancements
  • Refine testing procedures and support compliance assessments
  • Advise stakeholders on best practices for risk, security, and privacy controls

Vulnerability Management

  • Lead assessments to identify, prioritize, and remediate vulnerabilities
  • Deliver detailed reports with analysis and recommendations
  • Partner with stakeholders to align remediation with business objectives and risk tolerance

Metrics and Reporting

  • Develop and deliver risk and compliance reports for mid-level management
  • Create and refine KPIs and metrics to communicate trends and emerging issues
  • Ensure alignment of reporting with business objectives

GRC Program Management

  • Manage governance, risk, and compliance (GRC) elements in assigned areas
  • Work with stakeholders to update and enforce policies and procedures
  • Provide practical guidance on GRC implementation within projects

Regulatory Compliance

  • Independently assess compliance status and identify gaps
  • Create comprehensive compliance reports with improvement recommendations
  • Support internal and external audit processes

Policy Development and Enforcement

  • Lead updates to cybersecurity policies and standards
  • Promote adherence through training and stakeholder engagement
  • Monitor compliance and address concerns as needed

Cross-Functional Collaboration

  • Lead cross-department projects, ensuring integration of security requirements
  • Serve as a liaison between security and business teams to align goals
  • Promote secure practices and advise on risk integration into processes

Leadership and Team Development

  • Provide mentorship to junior team members
  • Lead small projects and workstreams with accountability
  • Foster a collaborative and supportive team culture

Problem Solving

  • Use structured methodologies to diagnose root causes and develop creative solutions
  • Tailor communication of solutions to technical and business audiences
  • Align problem-solving with organizational goals

Career Development

  • Pursue advanced training and certifications
  • Stay updated on risk, compliance, and cybersecurity best practices
  • Share knowledge through mentoring and team discussions

Required Qualifications

  • Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or a related field
  • 5+ years of experience in information security or cybersecurity risk management
  • Strong understanding of risk principles, frameworks, and assessment methodologies
  • Experience managing enterprise GRC programs and mitigation strategies
  • Hands-on experience with compliance frameworks (e.g., NIST CSF, PCI-DSS, ISO/IEC 27001, SOC 2, GDPR, HIPAA)
  • Excellent communication skills for technical and non-technical audiences
  • Proven ability to work independently and lead project initiatives
  • Strategic mindset with a focus on aligning security with business objectives

Preferred Qualifications

  • Degree in Information Security or Business Administration (or commiserate experience)
  • Certifications such as CISSP, CISM, CRISC, CISA, or similar
  • Experience in consulting or highly regulated industries (e.g., finance, healthcare)
  • Familiarity with cloud security, vendor risk, and incident response
  • Audit and regulatory engagement experience
  • Demonstrated involvement in security awareness programs

Application

This full-time role offers significant impact and leadership opportunities within a forward-thinking risk team. If you're passionate about cybersecurity, GRC, and driving cross-functional risk initiatives, we encourage you to apply.


Free. 20 seconds. No password. See every match in this search.

Create a free Caio profile to unlock more results and save your role and location preferences.

Unlock free search
Want help applying to roles like this? Search Caio for free. If CV tailoring and application tracking get heavy, Full Caio Agent adds a human specialist.
View Full Agent