Senior Cyber Security Risk Leader


ComResource is looking for a Senior Cyber Security Risk Leader.


In this position you will be hands-on and have the privilege to work alongside our customers from education to execution. Your primary focus in this position is applying critical thinking and detail-oriented risk analysis capability while at the same time explaining concepts and communicating effectively with customers. You enjoy tackling problems and believe meaningful measurement matters. You are self-motivated and will work well within a pacesetting management style (minimal direct supervision). You will travel often (average 50%) and collaborate remotely each week with many of our customers. Most importantly – you bring a tireless drive to helping them achieve their risk management objectives.



  • Lead / Participate in conducting risk analysis
  • Defining scope of analysis
  • Gathering data / calibrated estimates
  • Reviewing results
  • Drafting of intelligence-driven reporting
  • Assist / Support customers in day-to-day strategic / tactical activities related to risk program development and optimization
  • Onboarding customers to the application platform, a foundation to their quantification program
  • Participate in and potentially lead educational seminars / training courses / conference talks
  • Collaborate with management and peers to continuously learn and improve
  • Be an active member of the broader risk management community; understanding current and forward-looking practices.
  • Draft case studies and other risk analysis / risk management research
  • Identify, evaluate, test new risk analysis application components
  • Support sales team with technical discussions and demonstrations



  • Demonstrates critical and analytical thinking skills
  • 5+ years professional experience with strong background in information security, IT audit or security risk management
  • Aptitude with established risk management practices
  • Exceptional client-focused skills – the desire to make others successful
  • Results-driven, solutions-oriented and comfortable in a fast-paced environment with competing priorities.
  • Excellent presentation, verbal and written communication skills; comfortable with leading discussions and/or training sessions among groups of 8-20
  • Flexibility in daily hours (i.e. willingness to work longer hours during peak periods and accommodate other US time zones)
  • Possess a “whatever it takes to get the job done” mentality (i.e. pick up the phone, follow-up multiple times)
  • Ability to work on a team and individually



  • Quantitative risk analysis experience – preferably with Factor Analysis of Information Risk (FAIR)
  • Certified in Open FAIR, CRISC or other risk-related certifications. Position would require employee to obtain Open FAIR certification if not already held
  • Knowledge of statistical concepts and probability
  • Knowledge of IT GRC technology platforms
  • Consulting experience (in Information security or risk management)


Leave a Reply