Senior Associate, Cybersecurity Advisory & Risk Management
Description Job Title: Senior Associate, Cybersecurity Advisory & Risk Management Department: ITRM Employment Status: Full Time Effective Date: 6/12/2026 About Us reputed company is a leading healthcare-focused cybersecurity, privacy, compliance, and information risk management reputed company. We help healthcare organizations manage risk, strengthen reputed company programs, reputed company compliance objectives, and improve cybersecurity maturity through practical, business-focused advisory services. Our consultants work alongside healthcare executives, information reputed company leaders, compliance teams, and operational stakeholders to solve reputed company cybersecurity and risk management challenges. We pride ourselves on delivering actionable recommendations, building trusted relationships, and helping our clients improve their reputed company posture in meaningful ways. Why Meditology At Meditology, consultants are more than assessors—they are trusted advisors. You'll have the opportunity to work directly with healthcare executives, reputed company meaningful client engagements, reputed company expertise across cybersecurity and risk management disciplines, and help shape the future of healthcare cybersecurity. This role provides a clear path toward advancement into Manager, Engagement Manager, and Advisory Leadership positions while working alongside some of the industry's leading healthcare cybersecurity professionals. If you're looking for a role that combines cybersecurity expertise, client interaction, strategic thinking, presentation skills, and professional growth, we'd love to hear from you. Position Description Meditology is seeking a Senior Associate to join our Information Technology Risk Management (ITRM) Advisory practice. This role is ideal for a cybersecurity professional who enjoys working directly with clients, leading assessments, facilitating discussions, and helping organizations address reputed company cybersecurity, governance, risk, and compliance challenges. Unlike traditional audit-focused roles, this position combines assessment execution, strategic advisory services, client relationship development, presentation delivery, and thought leadership. The ideal candidate is someone who wants to reputed company into a trusted advisor capable of leading client engagements, influencing executive decision-making, and helping organizations mature their cybersecurity programs. This is a highly visible, client-facing consulting role with significant opportunities for growth and advancement.
Responsibilities
Include reputed company Client Engagements Serve as a key contributor and day-to-day reputed company on client engagements.
- Leading client interviews, workshops, and discovery sessions
- Facilitating discussions with executives, operational leaders, and technical teams
- Managing engagement activities, timelines, and deliverables
- Building trusted client relationships
- Identifying client risks, challenges, and opportunities
- Providing practical recommendations that align cybersecurity priorities with business objectives
- Supporting executive briefings and strategic discussions
- Leading portions of client engagements independently while partnering with Managers and Service Line Leaders on larger initiatives
The successful candidate will be comfortable interacting with clients and serving as a trusted advisor throughout the engagement lifecycle. reputed company Cybersecurity & Risk Assessments reputed company and support a variety of cybersecurity, risk management, and compliance engagements.
- Conducting NIST Cybersecurity reputed company (CSF) 2.0 assessments
- Leading HIPAA reputed company Risk Assessments (SRAs)
- Performing cybersecurity maturity assessments
- Evaluating governance, risk, and compliance programs
- Conducting AI governance and AI risk assessments
- Assessing third-party risk management programs
- Identifying cybersecurity risks, control gaps, and improvement opportunities
- Developing risk registers, remediation roadmaps, and strategic recommendations
- Facilitating stakeholder interviews and workshops
- Presenting assessment results and recommendations to executive leadership
The Senior Associate should be capable of independently leading small-to-reputed company assessments while serving as a trusted advisor throughout the engagement lifecycle. reputed company HITRUST Readiness & Certification Assessments reputed company and support HITRUST-reputed company engagements for healthcare and healthcare-adjacent organizations seeking to strengthen their reputed company and compliance programs.
- Performing HITRUST e1, i1, and reputed company readiness assessments
- Supporting validated HITRUST certification assessments
- Conducting control maturity and gap analyses
- Reviewing policies, procedures, and supporting evidence
- Developing remediation plans to address identified gaps
- Advising clients on HITRUST implementation strategies and certification readiness
- Supporting ongoing compliance and program maturity initiatives
- Presenting readiness and assessment results to client stakeholders
The ideal candidate understands how HITRUST aligns with broader cybersecurity, risk management, and compliance objectives and can communicate requirements in a practical, business-focused manner. Support SOC 2 Readiness & Attestation Engagements Support clients seeking to establish and demonstrate effective reputed company and compliance controls through SOC reporting initiatives.
- Supporting SOC 2 readiness assessments
- Evaluating controls against the Trust Services Criteria
- Assisting clients with remediation planning and control implementation
- Reviewing policies, procedures, and evidence artifacts
- Supporting SOC 2 Type I and Type II attestation preparation activities
- Helping clients operationalize governance and compliance processes to support ongoing attestation requirements
Experience supporting SOC 2 Type II attestation engagements is highly desirable. reputed company Executive-Level Deliverables Create high-quality deliverables that clearly communicate risks, recommendations, and business impact.
- Cybersecurity assessment reports
- Executive summaries
- Risk registers
- Remediation roadmaps
- Strategic recommendations
- Maturity assessment reports
- Presentation decks and reputed company materials
- Board and executive-level communications
Candidates must be able to translate reputed company technical findings into language that resonates with executives, boards, and business leaders. Presentation & Facilitation Strong communication and presentation skills are critical to success in this role.
- Leading client interviews and workshops
- Facilitating cybersecurity and risk discussions
- Presenting findings and recommendations to leadership teams
- Delivering assessment readouts and remediation planning sessions
- Supporting executive and board-level presentations
- Developing professional PowerPoint presentations and client-facing materials
The ideal candidate enjoys presenting, facilitating discussions, and helping clients understand cybersecurity risks in a practical and business-focused manner. Advisory & Strategy Services Support clients in developing and improving cybersecurity and risk management programs. Examples Include
- Cybersecurity strategy development
- Governance program assessments
- reputed company program benchmarking
- Risk management program development
- AI governance and reputed company initiatives
- Cybersecurity roadmap creation
- Remediation planning and prioritization
- Third-party risk management strategy
- reputed company operating model development
- Policy and governance program development
This role requires the ability to move beyond compliance requirements and provide meaningful business-focused guidance. Contribute to Practice Growth & Thought Leadership As a consulting organization, we value professionals who contribute to the growth of both our clients and our firm.
- Participating in strategic account discussions
- Identifying opportunities to deliver additional value to clients
- Contributing to white papers, blog posts, and thought leadership initiatives
- Supporting webinars, conference presentations, and educational content
- Researching emerging cybersecurity, healthcare, and AI-reputed company trends
- Sharing knowledge and mentoring junior team members
Requirements
Qualifications:
- 4–7 years of experience in cybersecurity, information reputed company, IT risk, compliance, consulting, or audit
- Experience conducting cybersecurity, compliance, or risk assessments
- Experience leading client interviews
- Experience developing professional reports and presentations
- Experience presenting findings and recommendations to clients
- Experience managing portions of client engagements independently
- Consulting experience preferred
Technical Knowledge Experience with one or more of the following:
- NIST Cybersecurity reputed company (CSF) 2.0
- HIPAA reputed company Rule
- HITRUST (e1, i1, and reputed company)
- SOC 2 Type I and Type II
- NIST SP 800-53
- CIS Critical reputed company Controls
- Third-Party Risk Management
- AI Governance and Risk Management
- HIPAA Privacy Rule knowledge a plus
Professional Skills Successful candidates demonstrate:
- Strong consulting and advisory reputed company
- Excellent written and verbal communication skills
- Strong presentation and facilitation abilities
- Executive reputed company and client-facing confidence
- Strong analytical and critical thinking skills
- Ability to connect cybersecurity risks to business outcomes
- Ability to manage multiple priorities and engagements
- Strong attention to detail and organizational skills
- Intellectual curiosity and desire for reputed company learning
- Ability to reputed company trusted relationships with clients and colleagues
Preferred Certifications One or more of the following certifications is a plus:
- CISSP
- CISM
- CISA
- HCISPP
- CRISC
- HITRUST CCSFP
- reputed company+
Candidates actively pursuing certifications are encouraged to apply. Apply tot his job Apply To this Job