Skip to content

Lead Risk Management Consultant

At Northwestern Mutual, we are strong, innovative and growing. We invest in our people. We care and make a positive difference.

What's the role?

The Lead Risk Management Consultant serves as the key IT MAR (Model Audit Rule) program advisor, working to optimize and balance risks and controls. You will: manage the IT MAR program outcomes; develop and manage relationships with business leaders; ensure processes and controls are aligned with established IT MAR program, accountable for escalating issues and balancing business needs with IT MAR implications, in an effort to in order to foster a business environment that effectively manages information risk; resolve escalated MAR deficiencies and set processes and controls to facilitate in the remediation of the deficiencies; manage overall results of multiple projects within the MAR program (including accountability for defining and managing scope, schedule, cost, and quality); communicate project status to stakeholders; ensure compliance with MAR program.

Lead, coach, and mentor NM staff on the IT MAR program, including specific processes to ensure consistency and quality. You hold yourself to a high standard, proactively working to attain/enhance pertinent industry knowledge.

  • Responsible for the advancement, process improvements, and strategy of the IT MAR program to foster a business environment that effectively manages IT risk. Communicates the information risk strategy with business clients, Technology function, vendors, and senior management in order to ensure a common understanding and acceptance.
  • Manages overall results of multiple projects and operational work within the MAR program including accountability for defining and managing scope, schedule, cost, and quality. Communicates project status to appropriate stakeholders. Ensures compliance with company approved methodology and required deliverables and applies lessons learned throughout subsequent project phases.
  • Manages relationships with business clients and gains broad knowledge of their business. Ensures expectations are managed and that clients gain a full understanding of IT controls / risks and the impact on their business.
  • Accountable for evaluating processes and controls to comply to MAR relevant information protection policies and standards.
  • Responsible for educating, coaching, and guiding leaders across the company on IT risk related to MAR. Understands both the business and technical implications of IT risk and advises on appropriate investment decisions.
  • Accountable for the resolution of escalated information risk issues related to information protection policies, standards, processes, and controls; information protection awareness and training program; noncompliance issues and security incidents in order to effectively balance the needs of the business with the associated risks.

Bring your best! What this role needs:

  • Bachelor's degree with an emphasis in MIS, Economics, Business or related field; or related work experience beyond the minimum required.
  • Ten years of professional experience in information systems or systems audit.
  • Minimum of two years of experience leading complex projects or developing, influencing, and recommending business strategies.
  • Demonstrated ability to independently identify and resolve critical and complex issues through effective problem solving skills.
  • Ability to deal with ambiguity.
  • Proven ability to maintain and strengthen relationships; ability to effectively influence and negotiate with internal and external partners; and proven organizational savvy with demonstrated tact and diplomacy.
  • Strong understanding of information risks and IT general controls.
  • Strong ability to lead teams and build consensus around complex technical and business decisions.
  • Preference will be given to candidates with Sarbanes-Oxley, MAR or SOC review experience (designing, auditing, or governance).

Desired Skills

  • Certified Information Systems Auditor, Certified Information Systems Security Professional or Certified Cloud Security Professional

Beyond base salary, NM offers the following benefits; pension, 401k, comprehensive medical, dental, and vision, FREE lunch, annual bonus opportunity, and much more!


This job is not covered by the existing Collective Bargaining Agreement.

Required Certifications:

Grow your career with a best-in-class company that puts our client’s interests at the center of all we do. Get started now! 

We are an equal opportunity/affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender identity or expression, sexual orientation, national origin, disability, age or status as a protected veteran, or any other characteristic protected by law.


We’re excited about the potential people bring to Northwestern Mutual. You can grow your career here while enjoying first-class perks, benefits, and commitment to diversity and inclusion.