Technology Risk Consultant

This is a great opportunity for a candidate interested in getting started in a career in security, especially governance and risk. No prior security experience required (although it doesn't hurt) just need someone who has a curious nature and wants to learn and grow!OverviewAs a Technology Risk Management Consultant, you will support the governance, audit, and management of technology risk at our client. You will work closely with the IT risk manager and the broader Technology organization to help identify and mitigate risks, operate key technology controls, facilitate efficient audit reviews, and support the delivery of strategic initiatives. You are curious, quick to learn, resourceful, and adaptive, and you work well technical and non-technical teams.ResponsibilitiesSupport the third-party risk management program by classifying third parties, collecting and reviewing information related to their information security, and tracking identified risksExecute key recurring technology controls and prepare audit-ready evidence of operationValidate the continuous operation of key processes across the Technology organization, identify and escalate observed deviationsAssemble, organize, and deliver comprehensive evidence requested in audit reviews in a timely mannerContribute to the delivery of strategic priorities across technology risk governance and identity and access management by completing tasks as assigned and by collaborating with relevant stakeholdersAssemble and produce periodic metrics in support of leadership reporting ion the state of technology riskIdentify opportunities to automate and streamline data and evidence gathering and build solutions to put the ideas to fruitionQualificationsInterest in Computer Science, Information Systems, Cybersecurity, or a related fieldExperience in technology audit, governance, risk, and compliance, information security, or related field is preferred, and willingness to learn is requiredExperience working in a cloud environment - AWS preferredExposure to technology domains, including network security, host and database security, cloud security, and application securityExperience with security standards and regulatory compliance, such as ISO 27001, NIST, SOC1, Sarbanes-Oxley Act, and GDPR is preferredFamiliarity with a range of best-of-breed security tools and applicationsStrong communication and interpersonal skillsCISA, CRISC, CISSP and/or AWS Security certification are encouragedWork locationThe position is hybrid, currently with three in-office days and two remote days every week. The office is located near Grand Central Terminal.The Phoenix Group Advisors is an equal opportunity employer. We are committed to creating a diverse and inclusive workplace and prohibit discrimination and harassment of any kind based on race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. We strive to attract talented individuals from all backgrounds and provide equal employment opportunities to all employees and applicants for employment.