What are the responsibilities and job description for the IT Risk and Security Consultant position at TRA'BIAN ENTERPRISES?
LOCATION: Columbus, Ohio
POSITION TYPE: ASAP – 06/30/2026
Does your candidate agree and understand that fingerprinting will be required?
Interview – Central Ohio candidate: in person; others – Teams.
Central Ohio resident: onsite full time; others – remote.
This security specialist works with the agency CISO, Risk Manager, and Privacy Officer to perform the security analysis and other assigned security/risk tasks. The IT Consultant 1 is a tenured-level professional responsible for identifying, analyzing, and mitigating complex IT risks across the organization’s technology infrastructure. This role involves strategic planning, cross-functional leadership, and subject matter expertise in IT risk management. The IT Consultant 1 will be a part of the IT Risk and Security team, which works closely with leadership and external partners to ensure regulatory compliance, enhance the organization’s cybersecurity posture, and support enterprise-wide risk and audit initiatives.
Risk Assessment and Analysis
Lead complex IT risk assessments and threat modeling activities across systems and applications.
Analyze trends and emerging risks to proactively recommend strategic mitigations.
Risk Mitigation and Management
Develop and oversee implementation of advanced risk mitigation strategies.
Monitor risk programs and revise controls based on performance metrics and audit outcomes.
Compliance and Governance
Ensure enterprise-wide compliance with federal and state regulations, including HIPAA, IRS Pub. 1075, NIST 800-53, MARS-E, and ISO standards.
Support policy lifecycle management and contribute to enterprise GRC strategy.
Incident Management
Review System Security Plans (SSPs)
Review, update, and validate system security documentation for critical systems.
Ensure alignment with internal risk policies, external contractual requirements, and frameworks such as NIST and CIS.
External Audit Support
Serve as a key liaison to auditors and regulatory assessors.
Oversee evidence collection, audit response documentation, and control testing coordination.
IT Security Policy Leadership
Lead the creation and revision of organizational IT security policies.
Recommend and draft policy enhancements based on risk assessment results, audit findings, and regulatory changes.
Reporting and Documentation
Skill | Required / Desired | Amount (Number of Years)
Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or a related field is required. | Required | —
Master’s degree in a related field preferred. | Highly desired | —
Minimum of 7 to 10 years of experience in IT risk management, cybersecurity, or information assurance | Required | 10
Experience in Health and Human Services or Healthcare business preferred. | Highly desired | —
CISA, CISSP, CRISC, CISM, CGEIT, or similar credentials. | Highly desired | —
Expertise in risk frameworks (NIST 800-53, MARS-E, ISO 27001), vulnerability management, system security plans, and audit lifecycle management. | Required | 7
Demonstrated ability to collaborate across teams, influence without authority, and drive organizational change | Required | 7