Job Closed
This listing is no longer active.
Enterprise Horizon solves complex IT and business challenges for the DoD, Federal, and Private sectors.
Information Systems Security Engineer – ISSE
Location
All locations: District of Columbia | Washington
Posted
166 days ago
Salary
0
Seniority
Senior
Job Description
Information Systems Security Engineer – ISSE
Enterprise Horizon Consulting Group
- Engineer and implement security controls to support system ATO and ongoing authorization
- Lead and support Risk Management Framework (RMF) activities from system categorization through authorization and continuous monitoring
- Develop, review, and maintain ATO documentation including SSPs, SAPs, SARs, POA&Ms, and supporting artifacts
- Map and implement security controls in accordance with NIST SP 800-53, DoDI 8510.01, and DoD cybersecurity policies
- Support security control assessments and coordinate with Authorizing Officials (AOs) and assessors
- Perform security engineering analysis to ensure system designs meet confidentiality, integrity, and availability (CIA) requirements
- Conduct vulnerability assessments and support remediation efforts to reduce risk prior to and after ATO
- Analyze system changes and assess security impact to maintain ATO posture
- Support continuous monitoring activities, including vulnerability scanning, STIG compliance, and annual assessments
- Utilize eMASS to manage RMF artifacts, control status, and ATO packages
- Provide guidance on secure system configurations, hardening, and best practices
- Support audits, inspections, and compliance reviews
Job Requirements
- Active Secret Security Clearance
- Bachelor’s degree in Cybersecurity, Computer Science, Engineering, or a related field (or equivalent experience)
- Experience supporting DoD or federal information systems
- Strong knowledge of RMF, NIST cybersecurity standards, and DoD cybersecurity policies
- Experience with system security engineering throughout the system development lifecycle (SDLC)
- Experience with Enterprise Mission Assurance Support Service (eMASS)
- Familiarity with the RMF process for integration tools such as MuleSoft a plus
- Ability to analyze technical designs and identify security risks
- Strong verbal and written communication skills
- Exceptional technical writing and documentation skills
Benefits
- Medical, Dental, & Vision
- Life Insurance, Short-term Disability, Long-term Disability
- SIMPLE IRA with Company Match
- Federal Holidays
- Vacation & Sick Leave
- $500 Referral Bonus