Junior Consultant working on Cyber Security standards and customer advisory at MKS4U IT - Beratungs GmbH. Engaging in security assessments and developing long - term security strategies.
About the role
- Assistant Vice President providing cybersecurity advisory across enterprise infrastructure at State Street. Supporting technology outcomes in secure and resilient ways across cloud, hybrid, and on-prem environments.
Responsibilities
- Provide cyber risk advisory support across enterprise infrastructure domains, including compute, storage, identity, cloud platforms, and network/connectivity technologies
- Engage early with engineering and platform teams to assess designs, material changes, and new initiatives before implementation
- Translate infrastructure and network security risk into clear, practical guidance aligned to enterprise risk appetite and regulatory expectations
- Independently assess risk scenarios and make well-reasoned recommendations, escalating when material risk or uncertainty warrants it
- Partner with infrastructure, network, and cloud engineering teams to embed security-by-design and resilience principles into architectures and delivery models
- Review architecture diagrams, design documents, and control implementations for security and operational risk
- Contribute to security considerations around network segmentation, trust boundaries, ingress/egress controls, connectivity patterns, and monitoring approaches
- Help align infrastructure and network security patterns to enterprise standards, zero trust principles, and regulatory obligations
- Support infrastructure and network security risk assessments, control gap identification, and remediation prioritization
- Track remediation actions, helping ensure risks are clearly understood, documented, and addressed in a pragmatic manner
- Assist with exception handling, risk acceptance documentation, and articulation of residual risk posture
- Contribute to internal audit, regulatory reviews, and governance forums by explaining infrastructure and network risk in business-relevant terms
- Provide advisory support during infrastructure or network-related cyber incidents, including impact assessment and control improvement identification
- Partner with SOC, threat, vulnerability, and engineering teams to interpret findings and understand emerging infrastructure-related risks
- Participate in lessons-learned activities to help improve preventative controls upstream
Requirements
- experience in information security, infrastructure security, or technology risk within a large, complex organization
- solid foundational understanding of enterprise infrastructure and associated security risks across on-prem, cloud, and hybrid environments
- demonstrated curiosity and desire to learn, including the ability to ramp quickly on unfamiliar technologies or patterns
- proven ability to work independently, manage ambiguity, and make reasoned decisions with incomplete information
- strong written and verbal communication skills; able to influence without direct authority
- familiarity with industry or regulatory frameworks (e.g., NIST, ISO, DORA, FFIEC) is beneficial but not mandatory
Benefits
- flexible work-life support
- paid volunteer days
- inclusive development opportunities
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
IT - Security Consultant at Institut für Datenschutz und Datensicherheit guiding IT compliance and security strategies. Engage with clients to enhance IT security practices across Germany.
Business Development Representative creating and managing lead generation pipelines for cybersecurity solutions. Engaging with enterprise clients in Switzerland and Germany in a hybrid work model.
Information Security Officer responsible for developing and implementing security strategies at an IT service provider for the food and beverage industry. Engaging with teams and management on cyber risks and compliance.
Information Security Manager leading CISOaaS or GRC consultants for NVISO in Germany. Enhancing clients’ cybersecurity posture and driving strategic security initiatives.
Técnico de Segurança do Trabalho JR assisting with safety documentation and training for field activities at Arcadis. Focused on sustainable solutions in engineering and consulting.
Senior Security Engineer managing the vulnerability management program and collaborating with engineering teams at Causaly. Focused on cloud security and secure coding practices.
Infra Security Engineer focusing on endpoint security solutions in South Korea's urban mobility services. Collaborating on security architecture and threat detection initiatives.
Compliance Specialist managing documentation and policies for Orro's Information Security Management System. Supporting essential compliance activities across ISO 27001 and IRAP with strong attention to detail.
Senior Cyber Security Consultant supporting client cybersecurity development initiatives. Job focuses on administrative and technical aspects of cybersecurity within a collaborative consulting team setting.