Skip to content

Security Assessment Consultant

At Northwestern Mutual, we are strong, innovative and growing. We invest in our people. We care and make a positive difference.

Primary Duties and Responsibilities

  • Define and operate processes to provide ongoing monitoring and assessment of control coverage and effectiveness in order to ensure compliance with information protection policies and standards.

  • Assess and evaluate complex processes and controls in order to determine compliance with information protection policies and standards, and ensure effective management of risk.

  • Consult and advise on large, complex and ambiguous efforts on the appropriate design of information protection controls and control monitoring in order to comply with information protection policies and standards, and demonstrate ongoing compliance with information protection policies and standards.

  • Provide subject matter expertise for the information risk management program which may include: evaluating vendor security and risk posture, advising on purchase and investment decisions, establishing appropriate monitoring of information protection controls, evaluating operational effectiveness of information protection controls, and evaluating noncompliance issues.

  • Define and operate processes to document, report, and manage findings, exceptions to standards, and identified risks in order to ensure that appropriate action plans are created and executed to remediate gaps, deficiencies, and risks.

  • Lead, coach, and mentor embedded risk engineers and other staff members on aspects of the information risk management program and specific processes in order to ensure behaviors and outcomes that support information protection, privacy, and data security, and drive consistency, quality and productivity of deliverables.

  • Develop action plans in order to support departmental and corporate strategy.

Qualifications

  • Bachelor’s degree with an emphasis in Computer Science, Computer Engineering, Software Engineering, MIS or related field; or related work experience beyond the minimum required.

  • One or more advanced risk or security certifications (e.g. CISSP, CRISC, CISA, CISM, CCSP, FAIR).

  • 4-5 years of professional experience required.

  • Four or more years of experience in information systems or systems audit with a demonstrated knowledge in technologies and processes.

  • Four or more years of experience in information systems or systems audit with a demonstrated knowledge in technologies and processes.

  • Proven ability to design and implement IT general controls.

  • Ability to assess designs for risk and control gaps and recommend remediation approaches.

  • Demonstrated ability to lead, coach and mentor other staff members.

  • Strong ability to independently identify and resolve critical and complex issues through effective problem solving skills.

  • Strong ability to maintain and strengthen relationships; ability to effectively influence and negotiate with internal and external partners.

  • Proven organizational savvy with demonstrated tact and diplomacy.

  • Proven ability in dealing with ambiguity.

  • Assessment experience - Security Assessments, Risk Assessments, Vendor Assessments, Compliance Assessments.

  • Ability to recommend mitigating controls for various security gaps.

  • Cloud Security experience - AWS, Azure.

  • Knowledge of NIST framework.

  • Data Privacy (GDPR, CCPA etc.) experience - experience with Data tagging, Data flows, etc.

Grow your career with a best-in-class company that puts our client’s interests at the center of all we do. Get started now!

W e are an equal opportunity/affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender identity or expression, sexual orientation, national origin, disability, age or status as a protected veteran, or any other characteristic protected by law.

If you work or would be working in Colorado or outside of a Corporate location, please click here for information pertaining to compensation and benefits.


FIND YOUR FUTURE

We’re excited about the potential people bring to Northwestern Mutual. You can grow your career here while enjoying first-class perks, benefits, and commitment to diversity and inclusion.