The Role
As a Cybersecurity Risk Associate, you will conduct risk assessments, provide AI security advisory, assess security postures, and train clients on cybersecurity best practices.
Summary Generated by Built In
Cybersecurity Risk Associate - Hybrid position
Drawbridge Client Success / Technical AdvisoryWorking at DrawbridgeAt Drawbridge, we are committed to attracting and retaining the best individuals who enjoy working in a dynamic environment. You will be joining an agile team that will help you at every level of your career to identify and use your strengths to grow. This is an opportunity to work at a company that is open to new ideas as we build a dynamic and diverse environment for our employees. The work will be challenging and rewarding. You will gain hands-on experience from a team who strives to see its employees succeed.Working in Client SuccessYou will be joining a team of technical cybersecurity consultants who have a passion for understanding and defending against emerging cyber threats. Our clients rely on our expertise to help them navigate the constantly changing cybersecurity landscape, and our team of consultants pair their technical knowledge and industry insight to offer critical risk management advice. The technical advisory team works as a collaborative unit, with each member bringing a unique technical skillset to the table.Our Values
Drawbridge Client Success / Technical AdvisoryWorking at DrawbridgeAt Drawbridge, we are committed to attracting and retaining the best individuals who enjoy working in a dynamic environment. You will be joining an agile team that will help you at every level of your career to identify and use your strengths to grow. This is an opportunity to work at a company that is open to new ideas as we build a dynamic and diverse environment for our employees. The work will be challenging and rewarding. You will gain hands-on experience from a team who strives to see its employees succeed.Working in Client SuccessYou will be joining a team of technical cybersecurity consultants who have a passion for understanding and defending against emerging cyber threats. Our clients rely on our expertise to help them navigate the constantly changing cybersecurity landscape, and our team of consultants pair their technical knowledge and industry insight to offer critical risk management advice. The technical advisory team works as a collaborative unit, with each member bringing a unique technical skillset to the table.Our Values
- Innovation: As the market leader, Drawbridge draws on its in-depth, collective expertise in its constant effort to innovate both our platform and our approach to service
- Integrity: Our clients and partners lean on us because they know we are trustworthy and honor what we say
- Collaboration: We are here to win, and we only win when we work together across teams
- Diversity: We are inclusive. We honor, respect, and appreciate each other's differences and perspectives
In this role you will:
- Conduct risk assessments and security audits of client cloud environments
- Assess the security posture of cloud platforms and infrastructure including but not limited to Microsoft 365, Google Workspace, Azure, and AWS
- Perform risk assessments of AI platforms used by clients, including Claude, ChatGPT, and Gemini — evaluating data handling, access controls, model configuration, and integration risk
- Provide AI security advisory to clients, covering safe adoption, deployment patterns, permission and data-sharing reviews, policy development, and ongoing governance of AI tools across the firm
- Lead AI security training sessions for client teams — translating evolving AI risks, regulatory expectations, and best practices into practical guidance employees and stakeholders can act on
- Schedule, conduct, and lead risk assessment meetings with clients and IT providers
- Assess operational business risks and provide remediation and mitigation guidance
- Act as an escalation point for technical questions from clients and internal teams
- Participate in the enhancement of existing Drawbridge products, reports, and processes
- Assist and advise clients with cyber training, incident response, operational due diligence, and/or SEC cyber audit requirements
- Identify and evaluate complex business and technology risks, controls to mitigate risks, and related opportunities for control improvement
- Learn applicable regulatory framework and compliance guidelines for cybersecurity (including but not limited to SEC, NFA, FCA, MAS)
- Continuously learn and advance your cybersecurity knowledge, bringing new insights back to both client engagements and the broader team
- Maintain tracking of internal tasks, provide status updates to clients, team members, and managers, and ensure open and consistent communication with all stakeholders
- Establish and maintain relationships with clients, IT providers, and other service providers
You Have
- Sound knowledge of IT networking concepts including but not limited to segmentation, DNS, the OSI model, and network topologies
- Working knowledge of AI risk concepts such as data leakage, third-party model exposure, and responsible AI use in enterprise environments
- Sound knowledge of cloud infrastructure controls and concepts related to solutions such as Microsoft 365, AWS, and Google Workspace
- Familiarity with cybersecurity concepts such as business continuity, disaster recovery, incident response, and network security
- An understanding of vulnerability management concepts and methodologies
- Proven experience in a client/customer-facing role
- Experience discussing technical concepts with a non-technical audience
- Excellent written and verbal communication skills
- Excellent time management skills
- Sound knowledge of security standards and frameworks such as, but not limited to, NIST, CIS, COBIT, etc.
- Previous experience deploying security controls and policies within cloud infrastructure environments
- Familiarity with AI security frameworks and guidance (NIST AI RMF, OWASP LLM Top 10, MITRE ATLAS) and enterprise AI governance
- Knowledge of hedge fund, private equity, or RIA operations/compliance
- CRISC, CISA, CISSP, CIPP, AAISM, Security+ certifications
- $90,000 – $105,000
We Offer
- Competitive compensation package
- Employer Retirement/401(k) plan with company contribution
- Medical, Dental, Vision Coverage, Disability, and Life Insurance
- Health Savings Account (HSA) or Flexible Spending Account (FSA)
- Generous Paid Time Off Policy
- Healthy Work/Life Balance
- Phone Reimbursement Perk
- Exclusive Employee Discounts & Perks offered through ADP and insurance
- Tuition Reimbursement
Skills Required
- Sound knowledge of IT networking concepts
- Working knowledge of AI risk concepts
- Sound knowledge of cloud infrastructure controls
- Experience in a client/customer-facing role
- Excellent written and verbal communication skills
Am I A Good Fit?
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.
Success! Refresh the page to see how your skills align with this role.
The Company
What We Do
Drawbridge is a premier provider of cybersecurity software and solutions to the alternative investment and wealth management industry. Its proprietary platform helps firms manage their governance, risk, and compliance (GRC) requirements while combatting sophisticated cyber threats and third-party risks. Drawbridge's platform connects business, compliance, and IT to empower firms to centralize and manage their most robust security programs, improve their risk profile and raise institutional capital. With a tested team focused on value delivery and an 800+ strong customer base, Drawbridge offers unmatched customer service and flexibility to help businesses proactively manage vulnerabilities, plan for growth, and reduce complexity.
.png)
