• Performs workplace/work site risk evaluation and consultative risk improvement services • Provides risk assessment information on complex accounts to support the underwriting process • Submits corresponding Risk Control recommendations or business solutions • Assesses customer's risk control program needs • Makes recommendations on the development and implementation of risk control policy • Develops and maintains business relationships with internal and external partners • Develops and conducts education, training, and presentations • Conducts agency/broker visits to build relationships

• Conduct in-depth risk assessments of DeFi protocols (AMMs, lending markets, bridges, LSTs, etc.) being considered for collateral onboarding • Analyze smart contract, liquidity, counterparty, and market risks across protocols and assets • Develop and refine risk models and frameworks for evaluating new collateral types (on-chain and off-chain) • Collaborate with engineers and governance participants to present risk evaluations, dashboards, and scenario analyses • Monitor the ongoing performance and risk exposure of existing collateral types • Produce clear, data-driven reports and recommendations for governance and internal stakeholders • Stay ahead of DeFi trends, exploits, and evolving risk practices, incorporating learnings into Sky’s risk frameworks

Role Description At Echelon Risk + Cyber, we believe in defending the basic human right to security and privacy. We are looking for an exceptional Senior Risk Advisory Consultant to support the execution of Risk Advisory client engagements. This includes leading and executing relevant tasks, as well as assisting in developing service deliverables and internal processes that will drive value for the team and clients. Our next team member will be authentic, articulate, and passionate about Cybersecurity, and will be unafraid to roll up their sleeves and dive deep into the unknowns, using their security expertise to identify opportunities to increase Echelon Risk + Cyber's overall capabilities internally and for our clients. This is a remote position from anywhere in the USA. What You Will Do: - Assist in the planning, scoping, execution, and reporting of cybersecurity risk and maturity assessments against frameworks such as NIST CSF, ISO 27001, HIPAA, and CMMC. - Collaborate with IT management and client leadership to develop roadmaps to enhance client maturity. - Develop and maintain Cybersecurity policies and procedures while supporting clients. - Review and assess security and technology controls against cybersecurity best practices and compliance frameworks. - Collaborate with clients to develop Incident Response Plans, Incident Response Playbooks, and Tabletop Exercises tailored to each client's environment and needs. - Document results, create client reports, and communicate results to client management and other stakeholders. - Work collaboratively with our clients and other team members to identify information security risks and challenges and provide actionable recommendations and solutions. - Demonstrate consistency, versatility, and adaptability while managing simultaneous client engagements and priorities and delivering quality results in a timely fashion. - Work with the internal team to develop and plan engagement strategies, define objectives, identify and provide recommendations to address client risks. - Create client-facing presentations, reports, and analytics. - Develop long-term roadmaps to assist clients in reaching their desired maturity level. - Perform business impact analyses and develop Business Continuity Plans and Disaster Recovery Plans. - Assist leadership in the creation of proposals, budgets, work plans, and other business development efforts. - Establish exceptional internal and client relationships using strong communication skills. - Produce thought leadership for the organization's website blog on a regular basis. - Actively engage in the cybersecurity community by attending or speaking at local or national conferences. Qualifications - 5+ years of related experience in the cybersecurity industry. - Strong experience assessing clients against industry frameworks and certification standards, specifically ISO 27001/2, CMMC, and SOC2. - Focus on Governance, Risk, and Compliance planning, development, and management. - Knowledge of GRC Platforms/Tools to assist with Assessments and Compliance Management. - Risk management experience, including performing assessments and audits, designing information security controls and processes, and evaluating and prioritizing risk. - Experience with a variety of information security frameworks and best practices (e.g., CIS, NIST, PCI, CMMC, ISO, GLBA, FFIEC, SOX, SOC, HIPAA, HITRUST, etc.). - Experience with incident response, business continuity, and disaster recovery planning is preferred. - Project Management experience preferred. - Certifications recommended: CISSP, CISA, CISM, or similar certification. - Ability to manage and prioritize multiple projects simultaneously and adapt in a demanding and changing environment. - Knowledge of Cloud systems, applications, security services/tools (e.g., EDR, MDR, SIEM, Vulnerability Scanning, Email Security, Backup/DR, MDM), Firewalls, Basic Networking, Data Security, IAM/SSO, etc., will be beneficial in an advisory capacity. - Displays intellectual curiosity by seeking opportunities to develop and demonstrating a willingness to learn. - Strong attention to detail and superior analytical, technical, and problem-solving skills. - Excellent verbal and written communication skills with experience crafting professional messages and adjusting communication style based on audience. - Preferred experience working with financial services, healthcare, or regulated industries. - Applicants must have authorization to work in the United States without current or future visa sponsorship. Requirements - A Bachelor's Degree in a relevant IT or Cybersecurity major. - Large consulting firm experience (Big 4 or equivalent). - Strong background in developing incident response plans, playbooks, and tabletop exercises. - Experience in client-facing roles with an ability to successfully manage multiple projects at once. Benefits - Access to medical, dental, and vision insurance through Cigna, with the majority of the employee cost covered by the employer. - Employer funding to HSA accounts and FSA access. - Access to a 401(k) through Vanguard with a guaranteed employer contribution. - Flexible vacation policy that allows you to manage your schedule and rest and recharge when you need to. - 11 holidays with flexibility based on what is important for you and those you love. - Employer-paid short-term and long-term disability, employer-paid life insurance, and access to additional life insurance, hospital coverage, accidental coverage, discounted mental health support, and more. - Support for individual development through certifications, continued learning, conferences, and more.

• Analyze fraud and risky user behavior to identify patterns, anomalies, and drivers of losses or customer friction. • Conduct fraud investigations and deep dives into alerts, trends, spikes, and known fraud MOs. • Support rule reviews, tuning, and policy changes by providing data and analysis. • Assist with testing and pilots (e.g., rule changes, workflow updates, messaging changes) by tracking metrics and outcomes. • Document findings and insights clearly so they can be actioned by senior analysts and operational teams. • Collaborate across multiple lines of business to ensure insights translate into practical next steps. • Stay informed on common fraud typologies and evolving tactics impacting the business.