Cybersecurity Engineer 3

Role: Cybersecurity Engineer 3

Location: Peoria, IL, Irving, TX, or Nashville, TN (Onsite)
Duration: 12 Months

Description: Client’s Cyber Risk Management team is seeking a TPL resource to support the execution and maturation of the enterprise cyber risk program. This role focuses on risk acceptance facilitation, executive communication, qualitative risk analysis, and risk register lifecycle management. This role would also have an opportunity to help design and provide input to the direction of the cyber risk program through several process improvement workstreams occurring throughout 2026. The ideal candidate provides an external perspective and contributes to both execution and process improvement.

Position’s Contributions to Work Group:

•         Facilitate risk acceptance and awareness discussions with senior leadership; translate technical risks into business terms.

•         Develop executive-ready presentations and proactively anticipate leadership questions and data needs.

•         Maintain and track the cyber risk register, including follow-up on remediation actions and acceptance decisions.

•         Perform qualitative risk analysis (likelihood and impact) using scenario-based models.

•         Evaluate control effectiveness and compensating controls; provide risk-based recommendations.

•         Support and contribute to the design and improvement of the cyber risk management program and associated processes.

Reason/motivation for request:

Typical task breakdown:

•     Facilitate risk acceptance and awareness discussions with senior leadership; translate technical risks into business terms.

•     Develop executive-ready presentations and proactively anticipate leadership questions and data needs.

•     Maintain and track the cyber risk register, including follow-up on remediation actions and acceptance decisions.

•     Perform qualitative risk analysis (likelihood and impact) using scenario-based models.

•     Evaluate control effectiveness and compensating controls; provide risk-based recommendations.

•     Support and contribute to the design and improvement of the cyber risk management program and associated processes.

Education & Experience Required:

•         Bachelors degree with 5+ years experience in this capacity

•         No degree, they must have at a minimum of 7+ years in this capacity.

Required Technical Skills

(Required)

•         5+ years in cyber risk, IT risk, or information security risk (consulting or Big 4 experience preferred).

•         Strong communication and presentation skills with ability to engage senior leadership.

•         Ability to translate technical concepts into business risk language.

•         Experience managing risk registers and tracking remediation activities.

•         Technical understanding of systems, controls, and risk scenarios.

•         Proactive, organized, and able to anticipate stakeholder needs.

•         Experience contributing to risk program design or process improvement 

Nice to Have:

•         Experience with qualitative risk analysis methodologies in cybersecurity or IT environments.

•         Prior experience with FAIR (Factor Analysis of Information Risk).

•         Familiarity with ISO 27001, NIST, or similar frameworks.

•         Experience with ServiceNow IRM or similar GRC platforms.

•         Relevant certifications (CISSP, CISA, CISM, CRISC).