Compliance & Risk Consultant

Job Description

The Compliance & Risk Consultant will guide organizations through complex certification and governance programs such as SOC 2, ISO 27001, HIPAA, and PCI-DSS. This role combines technical and business acumen to help clients achieve compliance readiness and maintain security posture alignment.

Key Duties

• Conduct risk assessments, control testing, and compliance gap analyses.
• Map organizational processes to compliance frameworks and regulations.
• Prepare clients for external audits with full documentation and evidence support.
• Advise leadership on security governance and risk mitigation strategies.
• Coordinate with penetration testing and managed security teams to validate findings.

Qualifications

• Experience with SOC 2, ISO 27001, HIPAA, or PCI-DSS frameworks.
• Background in cybersecurity consulting, auditing, or risk management.
• Strong analytical and communication skills for executive reporting.
• Understanding of GRC tools and automated compliance workflows.
• Relevant certifications such as CISA, CISSP, or ISO 27001 Lead Auditor preferred.

Benefits

Comprehensive health and dental insurance, paid family leave, flexible hybrid work, professional development funding, certification support, generous vacation policy, and opportunities for global travel and collaboration.

Company Description

Silent Breach is a global leader in offensive cybersecurity, combining cutting-edge research, real-world intelligence, and advanced defensive strategies to protect organizations against the world’s most sophisticated threats. With offices in New York, Paris, Singapore, Chennai, Tampa, and Tallinn, we empower clients to think like hackers - and defend like pros.

New York, USA
Full-Time
Got questions? We’ve got answers.

Frequently asked questions

What is the hiring process at Silent Breach?

Our recruitment process includes an initial interview, technical assessment, and final conversation with leadership. For technical roles, you may also complete a live challenge or case study that mirrors real client scenarios.

Does Silent Breach hire international applicants or offer relocation support?

Yes. Silent Breach welcomes global talent across all regions. For select roles, we offer relocation assistance or visa sponsorship. Many international employees work remotely or from one of our global offices in New York, Paris, Singapore, Chennai, Tampa, or Tallinn.

How does Silent Breach support professional growth?

We invest heavily in training and certifications. Employees receive funding for industry-recognized credentials such as OSCP, CISSP, and AWS Security, as well as opportunities to attend global cybersecurity conferences.

What kind of projects will I work on?

Our teams handle high-impact, real-world cybersecurity challenges - from global penetration tests and 0-day research to managed defense for Fortune 500 companies and critical infrastructure operators.

What benefits do employees receive?

Silent Breach offers comprehensive health and dental insurance, paid family leave, flexible vacation, certification sponsorship, and a collaborative, research-driven culture where every team member contributes to innovation.