✦ Luna Orbit — Cybersecurity

SAP GRC / IT Risk Senior Consultant I

at Allstate

📍 2 Locations · Hybrid · Posted March 31, 2026
Type: Not Specified
Experience: senior
Exp. Years: 10-14 years
Education: Bachelor's Degree
Category: Cybersecurity

Senior SAP GRC / IT risk consultant focusing on governance, risk, and compliance for enterprise cybersecurity within a regulated industry.

  • Lead and execute enterprise cyber risk assessments
  • Develop cyber risk assessment methodologies
  • Translate risks into actionable statements with evidence
  • Drive risk-based decision-making with stakeholders
  • Research regulatory guidance and apply requirements

Deep experience with GRC frameworks and regulatory requirements (NIST, ISO/IEC 27001/27002, COBIT). Leads risk assessments and regulatory interpretation across complex environments; strong stakeholder communication.

The ideal candidate is a senior cybersecurity risk management professional with 10+ years of experience and deep expertise in governance, risk, and compliance (GRC) frameworks, regulatory interpretation, and risk-based decision making.

NIST CSF, NIST SP 800-53, ISO/IEC 27001, ISO/IEC 27002, CIS Controls, COBIT, Regulatory frameworks (NYDFS 500, GLBA, PCI DSS, SOX ITGCs)
Experience in large, regulated environments; Financial services or insurance industry experience; CRISC; CISM; CISSP; CISA; ISO 27001 Lead Implementer / Auditor
Cybersecurity risk management; governance, risk, and compliance (GRC); SAP GRC; cloud security; third-party risk; identity & access management; data protection; network security; vulnerability management; secure SDLC; risk assessment; regulatory interpretation; communication
Cybersecurity risk management, Cloud security, SaaS, Third-party risk, Identity & access management, Data protection, Network security, Vulnerability management, Secure SDLC, NIST CSF, NIST SP 800-53, ISO/IEC 27001, ISO/IEC 27002, CIS Controls, COBIT, NYDFS 500, GLBA, PCI DSS, SOX ITGCs, Regulatory compliance, Risk assessment
Analytical, Stakeholder communication, Influence without authority, Attention to detail, Problem-solving, Mentorship, Cross-functional collaboration

Required

CRISC, CISM, CISSP, CISA, ISO 27001 Lead Implementer / Auditor

Preferred

ISO 27001 Lead Implementer / Auditor
Industry: Insurance
Job Function: Senior SAP GRC / IT risk consultant focused on governance, risk, and compliance in financial services
Role Subtype: Senior cybersecurity consultant

Lack of CRISC/CISM/CISSP/CISA certifications, Less than 10 years of cybersecurity risk experience, No experience with NYDFS 500 or PCI DSS
