Risk Security Manager for Big-Five Consulting Firm – Chicago, Cleveland, Detroit, Milwaukee

A leading global consulting firm is seeking a Manager level experienced Information Systems Security professional with to join the Practice. The Risk Security practice provides a broad range of recommend services related to controls, processes, and methodologies surrounding Information Security, Risk Management, Risk Assessments, Vulnerability and Threat Management,Technical Privacy / Regulatory compliance, and emerging technologies.


Services include:

– Assessing and recommending Information Security and Risk Management    strategies, policies and governance

– Technology Risk Assessments and Diagnostic Reviews

– Network, Operating System, Database, and Application Security

– Vulnerability Management and penetration testing

– Technical Privacy and Data Protection Support, regulatory compliance

– Strategy and Consulting for PCI, HIPPA, ISO compliance, etc

– Emerging technologies; cloud computing, wireless, mobile devices, etc.

– IT Risk Management



Knowledge Preferred:

– Demonstrates extensive knowledge of securing assessments, developing information security strategies, conducting security assessments, and recommending security solutions to assist businesses with the assessment and improvement of their security infrastructure.

– Demonstrates extensive knowledge of assessing and recommending enterprise security solutions in adherence with industry security standards.

– Demonstrates extensive knowledge of understanding and/or directly managed through the common issues facing clients who provide products and services in several service sectors that include Financial Services, Manufacturing, Retail, Media and Entertainment, Technology, Energy, etc.

– Demonstrates extensive knowledge of with creating proposals and demonstrated business development efforts.

– Demonstrates direct experience as a consultant, auditor or Information Security leader in a professional services firm or large enterprise. This includes interfacing with clients on control solutions, as well as leading the planning and execution of projects, in the following areas: Information Security, Risk Management, Technical Privacy/Compliance, IT Security Audit, and / or IT Risk Management.

– Obtained one or more of the following certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) preferred.


Skills Preferred:


– Demonstrates extensive abilities with the utilization of network and application security assessment tools and methodologies to manage and address security and control issues with the following technologies: UNIX, Windows Servers, databases (Oracle, SQL, DB2, etc), mainframe, firewalls, routers, wireless environments, mobile devices, and cloud computing.

– Demonstrates extensive abilities with performing information security, IT audits, risk assessments, network and application penetration testing and security assessments, intrusion detection, vulnerability/risk validation, and secure application development.

– Demonstrates extensive abilities to identify and address client needs: developing and sustaining extensive client relationships using networking, negotiation and persuasion skills to identify and sell potential new service opportunities; preparing and presenting complex written and verbal materials; and defining resource requirements, project workflow, budgets, billing and collection.

– Demonstrates thorough abilities success as a team leader: leading teams to generate a vision, establish direction and motivate members, create an atmosphere of trust, leverage diverse views, coach staff, and encourage improvement and innovation.

– Demonstrates extensive abilities with information security organizational and policy development, vulnerability management, risk assessment and IT Risk Management skills.

Min Year Exp:

5 years of Information Security and Technical Privacy.


Min Degree(s) and Certifications:

BA or BS Management Information Systems or business related field.

If you found this helpful, please Share...

SAP Risk Security Controls Consultant – Milwaukee/Chicago

Manager- IT Audit and Controls Specialist –

A Big-five consultancy, which provides Audit and Enterprise Risk Services helps clients understand the complexity of issues such as performance, privacy, risk, controls, and data analysis.

The client helps organizations build value by taking a Risk Intelligent approach to managing financial, technology and business risks. This approach helps their clients focus on their areas of increased risk, bridge silos to effectively manage risk across organizational boundaries, and seek not only risk mitigation, but also pursue intelligent risk taking as a means to value creation.


Technology Risk (TR) is a Service Area within, it is comprised of professionals with a broad range of information technology and management consulting skills in the areas of Risk and Compliance, Security and Privacy, and Capital Markets. These professionals perform assessments, remediation, implementation and integration of end-to-end solutions in these three areas.  They also deliver advisory services focused on risk and compliance to IT management and senior executives for both external audit and internal audit clients.  TR professionals focus on information systems and technology that manage risk and/or drive operational, financial and regulatory compliance processes, as well as solutions that manage the risk associated with information technology itself.


Financial Statement & Internal Control Audit (FS&ICA) is a Market Offering within TR. FS&ICA provides audits and reviews of financial statements and reporting on internal controls in accordance with applicable professional standards. Their audits are planned to be responsive to their assessment of the risk of material misstatement based on the understanding gained of the organization and its environment, including its internal control. The consultancy utilizes this understanding to design the nature, timing, and extent of audit procedures, while maintaining an objective and independent attitude. They also strive to provide timely communications regarding professional developments, and insights regarding matters that may affect the organization’s business.




  • Identify and evaluate business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement
  • Assist in the selection and tailoring of approaches, methods and tools to support service offering or industry projects
  • Actively participate in decision making with engagement management and seek to understand the broader impact of current decisions
  • Generate innovative ideas and challenge the status quo
  • Facilitate use of technology-based tools or methodologies to review, design and/or implement products and services
  • Play substantive/lead role in engagement planning, economics, and billing
  • Assist in retention of professionals
  • Demonstrate a general knowledge of market trends, competitor activities, and client’s products and service lines
  • Build and nurture positive working relationships with clients with the intention to exceed client expectations
  • Understand client’s business environment and basic risk management approaches
  • Participate in proposal development efforts
  • Membership and visibility in professional & civic organizations
  • BA/BS in Business Administration, Accounting, Computer Science, Information Systems Administration or related field; Masters in Accounting or Information Systems, or MBA a plus
  • CPA, CIA®, CISA certification is a plus
  • 5+ years experience in the areas of public accounting, internal auditing or consulting
  • SAP, Oracle or PeopleSoft controls experience desirable
  • Experience with Sarbanes-Oxley and/or COSO is a plus
  • Advanced understanding of business processes, internal control risk management, IT controls and related standards
  • Experience with accounting control related issues
  • Strong technical and/or management background in technical systems/environments
  • Demonstrated ability to plan and manage engagements along with ensuring deliverables meet work plan specifications and deadlines
  • Successful experience identifying controls, developing and executing test plans
  • Demonstrated ability to write report segments and to participate in presentations
  • Open to travel requirements
If you found this helpful, please Share...