Our client is seeking a Security Business Advisory Analyst to help embed security, risk, and compliance considerations across enterprise technology initiatives.
In this role, you will partner with business and technology teams to conduct threat and risk assessments, perform security reviews, evaluate cloud and application architectures, and provide practical security guidance throughout the project lifecycle. You will work closely with architects, engineers, and DevOps teams to promote secure design principles, strengthen security controls, and support compliance initiatives.
Key Responsibilities:
- Lead threat and risk assessments (TRAs) and security reviews for new and existing solutions.
- Advise business and technology teams on security risks and mitigation strategies.
- Assess cloud-based and multi-cloud environments to validate security controls.
- Partner with engineering and DevOps teams to embed security into the SDLC and CI/CD pipelines.
- Promote secure design and application security best practices aligned with OWASP.
- Support compliance initiatives and audit readiness activities.
- Mentor junior security team members and contribute to security maturity initiatives.
Required Qualifications:
- Bachelor's degree in Information Security, Computer Science, or a related field.
- 5+ years of cybersecurity, security advisory, or risk consulting experience.
- Strong experience conducting threat and risk assessments.
- Knowledge of cloud security, application security, and DevSecOps practices.
- Ability to communicate effectively with both technical and business stakeholders.
Preferred:
- CISSP, CISM, CCSP, GIAC, or similar security certifications.
- AWS or Azure security certifications.
- Experience supporting PCI DSS, NIST, ISO 27001, or OWASP-aligned environments.