Junior Cybersecurity Risk Management Consultant
Location
California
Posted
2 days ago
Salary
$55 - $60 / hour
Seniority
Junior
Job Description
Junior Cybersecurity Risk Management Consultant
Del Oro Consulting, Inc.
• Support the onboarding of new third-party vendors into the organization's Third-Party Risk Management (TPRM) program. • Review vendor intake requests to ensure required information is complete and accurate. • Coordinate the distribution, collection, and tracking of vendor security questionnaires and assessment documentation. • Monitor vendor assessment progress and proactively follow up on outstanding questionnaires, evidence requests, and documentation. • Maintain accurate assessment records and workflow updates within the ServiceNow platform. • Collect, organize, and maintain vendor security documentation, including policies, certifications, and supporting evidence. • Coordinate remediation efforts by tracking identified security gaps and following up on corrective actions. • Validate vendor security controls and supporting documentation against established security requirements. • Support vendor risk tracking, reporting, and status updates for internal stakeholders. • Assist with daily operational activities within the Third-Party Risk Management program as assigned by the TPRM Manager. • Ensure all assigned work is completed according to established priorities and timelines.
Job Requirements
- 3+ years of experience supporting Third-Party Risk Management (TPRM), Vendor Risk Management (VRM), Cybersecurity Risk Management, and/or Governance, Risk & Compliance (GRC) programs.
- Experience coordinating vendor security assessments and managing assessment documentation.
- Familiarity with industry security questionnaires (SIG, CAIQ, custom questionnaires, etc.).
- Experience working with ServiceNow
- Understanding of cybersecurity controls and vendor risk assessment processes.
- Strong organizational skills with the ability to manage multiple vendor assessments simultaneously.
- Excellent written and verbal communication skills with experience interacting directly with vendors and internal stakeholders.
- Strong attention to detail and ability to maintain accurate records and documentation.
Benefits
- Medical
- Dental
- Vision
- 401(k) (with a match)
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
Senior Security Engineer, Infrastructure Security
JuicywayJuicyway makes it easy for everyone to participate in the global economy
Role Description The Security and Infrastructure team protects Juicyway's technology, people, and products. We are technical in what we build but operational in how we work, and we are committed to supporting every product and every bold bet Juicyway makes. Our tenets are simple: prioritise for impact, prepare the foundations for transformative financial technology, and build a security culture that runs deeper than policy. Tasks The problem you'll be solving: - Financial infrastructure is one of the most targeted surfaces on the internet. - InfraSec protects the foundations of Juicyway's production and experimental environments. - This role exists to lead that function, actively hardening it. - You will be the senior security voice in a technical team that takes this seriously. What you'll own - Designing and building security controls across every layer of the stack; physical hardware, OS, Kubernetes, networks, and CI/CD pipelines. - Hardening our multi-cloud infrastructure end to end, including network isolation, secret management, and checkpoint encryption. - Protecting our API services against common and emerging threats. - Securing and monitoring our distributed workforce device fleet; endpoint protection and robust IAM. - Partnering with engineering teams to deploy security enhancements at scale. - Leading our compliance work; PCI DSS, SOC 1 and 2, and routine penetration tests. - Taking a generalist approach to emerging workloads. - Building the security culture across the engineering org. Qualifications - Deep expertise in cloud security — AWS and/or Azure. - Proven experience securing Kubernetes environments, container orchestration, and service meshes. - Solid track record with secret management, IAM, machine identity, and access control at scale. - Hands-on experience with compliance frameworks; PCI DSS and SOC 1 and 2 specifically. - Strong analytical instincts. - The communication skills to work across technical and non-technical stakeholders without losing precision. - Bonus: experience securing cryptocurrency systems; background in financial services or regulated industries; familiarity with endpoint protection tooling and workforce device management. - Be based in Nigeria. Benefits - Competitive pay. - Meaningful equity at an early stage. - Real flexibility on hours, location, and how you do your best work. - A technical team that takes security seriously and will actually listen to you.
• Owning, shaping, and running proof-of-concepts, beta programs, and pre-sales activities with customers and partner teams on the Israeli market • Diving into enterprise architecture discovery and hands-on software configuration • Strategizing with and assisting customers as they move to more agile, secure, identity centric security models • Taking a consultative approach to solutions and solving challenges around next generation security transformation • Educating and enabling internal teams and partners regarding our Enterprise solution portfolios to motivate effective sales strategies • Influencing product roadmaps and ensuring the inclusion of business priorities and requirements of customers
Principal Enterprise Security Architect, Senior Associate
IntelanceEnterprise Architecture. Cybersecurity. AI Operating Models. We build strategic systems for the future of business.
• Lead independent security architecture reviews for complex enterprise environments. • Assess cloud, on-premises and hybrid architectures across identity, networks, endpoints, applications, platforms and data. • Review security requirements, architecture decisions, trust boundaries and control designs. • Carry out threat modelling and identify credible attack paths and design weaknesses. • Assess identity and access management, network segmentation, encryption, logging, resilience and recovery arrangements. • Judge whether proposed alternative controls provide equivalent protection. • Review high-level and detailed designs and challenge unsupported assumptions. • Work alongside governance and risk advisors, enterprise architects and technical assessors. • Turn technical findings into clear decisions and recommendations for executives and boards. • Produce client-ready architecture findings, diagrams and assurance reports. • Complete scheme-specific training and participate in internal quality reviews where required.
• Enabling the success of our rapidly growing business • Collaborate with Account Manager on customer issues • Strategizing future services or capabilities for client accounts • Build technical business relationships with key customers and partners • Presenting at events and seminars • Mentor others with your expertise




