How You'll Contribute
As a Consultant on the Information Security Risk team, you will report to the Principal Director of Information Security Risk and play a key role in executing the firm's technology risk management activities. In this role, you will serve as a trusted security subject‑matter expert, providing risk insight, guidance, and hands‑on support across the organization. You will contribute by:

Perform Security Risk Assessments (SRAs) across applications, infrastructure, cloud platforms, and third‑party integrations to identify threats, vulnerabilities, and business impact.
Determine inherent and residual risk levels using established risk taxonomies, scoring methodologies, and impact criteria aligned to enterprise standards.
Evaluate the design and effectiveness of technical, administrative, and operational security controls against identified risks.
Partner with technology, product, infrastructure, and architecture teams to design, recommend, and refin...