Overview

A dynamic opportunity for an experienced cybersecurity professional to step into a high-impact consulting role focused on security risk assessments and process design. This is a hands-on position requiring both tactical execution and strategic thinking to support the CISO and build a scalable framework for evaluating new internal and external solutions.

Key Responsibilities

Security Risk Assessments:
- Lead end-to-end security assessments for new systems and solutions, both internal and external.
- Evaluate cloud configurations and system architecture against business needs and compliance requirements.
- Profile risks related to data handling, system functionality, and overall security posture.
- Recommend appropriate security controls and mitigation strategies to project teams.
- Deliver clear, actionable feedback to support sign-off decisions, aligned with ISO standards and business context.

Process Design & Standardization:
- Develop and implement a repeatable process for assessing security risks in new projects.
- Define when and how security should be engaged during project lifecycles.
- Create templates, workflows, and reporting structures to ensure consistency and traceability.
- Collaborate with cross-functional teams to embed security into project planning and execution.
- Establish governance mechanisms to reduce ad hoc decision-making and improve audit readiness.

Challenges to Solve
- Frequent ad hoc requests for security sign-off without sufficient context or structure.
- Lack of a defined process for evaluating new projects from a security and risk perspective.
- Need for a scalable framework that balances compliance, business risk, and operational efficiency.

Required Experience & Skills
- Proven experience conducting security assessments in GxP-regulated environments across multiple organizations.
- Strong understanding of ISO 27001, NIST, and other relevant regulatory frameworks.
- Familiarity with emerging legislation such as NIS2 and its implications for enterprise security.
- Ability to tailor recommendations based on risk appetite, business culture, and data sensitivity, rather than rigid best practices.
- Deep knowledge of security controls including background checks, traceability, and repeatability aligned with compliance standards.
- Demonstrated success in process improvement, framework design, and working in ambiguous or evolving environments.

Ideal Candidate Profile
- Strategic thinker with hands-on execution capability.
- Comfortable working closely with senior leadership and technical teams.
- Able to operate independently while driving cross-functional alignment.