Senior IT Security Risk Consultant (Application & Re...

Willing to start a new freelance challange? Get in touch.

What You'll Do

• Design and enhance an application security risk assessment framework
• Define and structure the assessment methodology and reporting standards
• Execute end-to-end security risk assessments across business applications
• Analyse application architecture, business context, and technical environments
• Identify threats, risk scenarios, and control gaps
• Provide clear, actionable remediation recommendations
• Produce structured risk reports for technical and business stakeholders
• Align assessments with regulatory frameworks (DORA, ISO 27001, NIST, CIS, etc.)
• Collaborate with architects, IT teams, CISO office, risk & business stakeholders
• Support remediation tracking and governance follow-up

What you bring

• 5-10 years of experience in IT security risk assessment
• Proven experience designing or improving security risk frameworks
• Strong knowledge of ISO 27001, NIST, CIS and DORA
• Experience working in regulated financial environments
• Strong understanding of threat modelling and risk methodologies (e.g. MITRE, EBIOS)
• Ability to translate technical findings into business-relevant risk insights
• Experience interacting with senior stakeholders

Interested? Apply today!

myNEBIRU : Not into this role, but interested in what NEBIRU does? That’s totally fine.

Visit to see how we can support you - even outside our client missions. Let’s build the bridge to your next step, together.