Technology Risk & Security - Functional Consultant
Top Benefits
About the role
Technology Risk & Security - Functional Consultant
In Canada - Toronto
The Technology Risk & Security Manager serves as the bridge between business demand, IT architecture, cybersecurity, SOC, audit, compliance, procurement, privacy, and implementation teams. The role operates within the company’s Technology Demand Intake Process, which is closely connected to implementation and lifecycle governance.
The role focuses on reviewing technical concepts, stand-alone products, services, and AI-enabled solutions that the company plans to implement or integrate into its complex global enterprise technology landscape, including SaaS, PaaS, SAP, and AI-enabled platforms.
The Technology Risk & Security Manager is responsible for assessing and governing new technology demands, services, platforms, and AI-enabled solutions through the organization’s technology intake process. The role ensures that security, compliance, architecture, operational, and business risks are identified, clearly documented, and addressed through effective and practical mitigation measures before implementation.
What makes us special
Become part of a unique entrepreneurial team. Think independently, use your initiative, and take some risks. Entrepreneurship is a powerful force that drives the growth not only of our firm but our clients and people. Unlock the power of opportunity. Advance your career in a thriving company with a startup feel. We invest in your professional development every step of the way. Work in a values-driven culture. At Simon-Kucher, our vision is to become the world's leading growth specialist. Our values guide the way we do business and communicate our distinctiveness. They sum up what we stand for, influence our culture, and drive how and why we do things. Invest in your future. All US and Canadian employees enjoy 401(k) & RRSP benefits with company matching. Prioritize your health and well-being. No matter where you live, we offer a competitive suite of health benefits to help keep you and your loved ones safe. Enjoy balance and flexible working. Be empowered to do your best work – whether it’s from home or in the office.
How you will create an impact
Core Responsibilities Manage the end-to-end Technology Demand Intake and Risk Assessment process for new technologies, platforms, tools, and AI-enabled solutions. Assess security, compliance, operational, vendor, and architecture risks; identify mitigation strategies and recommend risk treatment decisions. Prepare executive-ready reports and present findings to IT leadership, governance boards, and risk committees. Partner with Security, IT, Architecture, Procurement, Legal, Privacy, Audit, and business stakeholders to evaluate and approve technology solutions. Ensure new technologies comply with security policies, controls, and integration requirements. Maintain risk documentation, exception records, control evidence, and governance reporting while continuously improving intake processes. Stay current on emerging technologies, AI, cybersecurity trends, regulatory requirements, and industry control frameworks Business & Stakeholder Engagement Translate business requirements into security and compliance recommendations that enable timely technology decisions. Communicate complex technical concepts through presentations, decision papers, and executive-facing materials. Facilitate collaboration across IT architecture, infrastructure, business teams, vendors, and other stakeholders.
Vendor & Project Support
Support vendor assessments, RFPs, technical evaluations, and solution reviews. Contribute to cross-functional IT projects by identifying dependencies, risks, and process improvements. Work effectively in agile, global project environments with multiple priorities and tight timelines.
About You
Organizational Background Experience in a complex global environment, comparable consulting or service industries is preferred.
Technical Expertise
Bachelor’s Degree required – preferred in the area of Technology, MIS, Cybersecurity, etc. 5+ years of experience in technology risk, cybersecurity, IT governance, GRC, IT audit, security architecture, or technology consulting. Strong knowledge of cybersecurity, technology risk management, compliance, enterprise IT governance, and emerging AI-enabled technologies. Experience assessing SaaS, cloud, third-party, and AI-enabled solutions, with the ability to identify risks, mitigation strategies, and implementation requirements. Experience improving governance processes, workflows, standards, and risk management practices. Knowledge of security and governance frameworks such as ISO 27001, SOC 2, ITIL, or similar. Experience with security controls, risk assessments, compliance, audit support, and governance approval processes. Ability to evaluate platform architecture, integrations, identity and access management, data flows, encryption, logging, monitoring, and operational security. Understanding of enterprise architecture, cloud security, vendor risk management, and secure technology implementation.
Communication & Collaboration
Strong stakeholder management skills with experience working across IT, Security, Architecture, Compliance, Privacy, Legal, Procurement, Audit, and business teams. Experience preparing executive-level presentations, risk reports, and decision-ready documentation, and presenting recommendations to senior leadership.
Vendor & Project Experience
Experience evaluating third-party vendors, cloud platforms, SaaS solutions, and managed services within global IT environments. Experience supporting technology onboarding, vendor risk assessments, procurement, RFPs, and cross-functional technology initiatives. Ability to manage risks, remediation activities, project dependencies, and implementation progress across the technology lifecycle.
Preferred Certifications
CISSP, CISM, CRISC, CISA, CCSP, ISO 27001 Lead Implementer/Auditor, or equivalent certification (or comparable hands-on experience). The pay range for this position in Toronto is $160,000 – $168,000 CAD/yr. Compensation may vary depending on relevant experience, skills, geographic location, and business needs. We offer a comprehensive package of benefits including paid time off, 13 paid holidays per year, medical/dental/vision insurance, basic life insurance, and 401(k) to eligible employees.
About Simon-Kucher
Simon-Kucher is a global consultancy with more than 2,200 employees in 30+ countries. Our sole focus is on unlocking better growth that drives measurable revenue and profit for our clients. As a trusted commercial advisor, we combine deep consulting expertise, growth specialization, and technology to scale impact. We optimize every lever of commercial strategy – product, pricing, innovation, marketing, sales, and digital – based on deep insights into what customers value and are willing to pay for. With over 40 years of experience in monetization, we are regarded as the world’s leading commercial growth and pricing specialist.
Simon-Kucher is an Equal Employment Opportunity (“EEO”) employer. Our employment decisions are made without regard to race, color, religion, gender, national origin, age, disability, marital status, veteran or military status, or any other legally protected status.
We believe in building a culture that embraces belonging, creating an environment in which our people feel valued, are able to be themselves and feel their contribution matters. If we get that right, great things will happen; people will grow faster, innovate, feel valued, and create better outcomes for everyone – our people, our clients and, of course, our business.
Simon-Kucher North America Talent Acquisition Team
RecruitingNorthAmerica@simon-kucher.com simon-kucher.com/careers
Not the right fit? Search for Technology Risk & Security jobs in Toronto, Ontario, Canada
About Simon-Kucher
Simon-Kucher is a global consultancy with more than 2,000 employees in 30+ countries. Our sole focus is on unlocking better growth that drives measurable revenue and profit for our clients. We achieve this by optimizing every lever of their commercial strategy – product, price, innovation, marketing, and sales – based on deep insights into what customers want and value. With nearly 40 years of experience in monetization topics of all kinds, we are regarded as the world’s leading pricing and growth specialist. (Legal notice: https://www.simon-kucher.com/en/legal-notice)
-- Terms of use: Simon-Kucher's official LinkedIn page is run by Simon-Kucher & Partners Strategy & Marketing Consultants (SK). This is a public forum and we welcome your comments, thoughts and insights. However, all posts are regularly monitored and SK will remove, hide and/or delete any that are found to be abusive or deemed inappropriate for this page for whatever reason, including content that is deemed none compliant with LinkedIn’s User Agreement (https://www.linkedin.com/legal/user-agreement). This includes the banning and reporting of users who are deemed to be non compliant with the above expectations of Simon-Kucher. All comments, visuals, links to other digital pages and other type of material posted by followers on this site ("User Content") do not necessarily reflect the opinions or values of SK, its employees, partners or affiliates. SK does not represent or warrant the accuracy of any statement or product claims made here, is not responsible for any User Content on this site and does not endorse any opinions expressed on this page.
Similar Jobs
Technology Risk & Security - Functional Consultant
Top Benefits
About the role
Technology Risk & Security - Functional Consultant
In Canada - Toronto
The Technology Risk & Security Manager serves as the bridge between business demand, IT architecture, cybersecurity, SOC, audit, compliance, procurement, privacy, and implementation teams. The role operates within the company’s Technology Demand Intake Process, which is closely connected to implementation and lifecycle governance.
The role focuses on reviewing technical concepts, stand-alone products, services, and AI-enabled solutions that the company plans to implement or integrate into its complex global enterprise technology landscape, including SaaS, PaaS, SAP, and AI-enabled platforms.
The Technology Risk & Security Manager is responsible for assessing and governing new technology demands, services, platforms, and AI-enabled solutions through the organization’s technology intake process. The role ensures that security, compliance, architecture, operational, and business risks are identified, clearly documented, and addressed through effective and practical mitigation measures before implementation.
What makes us special
Become part of a unique entrepreneurial team. Think independently, use your initiative, and take some risks. Entrepreneurship is a powerful force that drives the growth not only of our firm but our clients and people. Unlock the power of opportunity. Advance your career in a thriving company with a startup feel. We invest in your professional development every step of the way. Work in a values-driven culture. At Simon-Kucher, our vision is to become the world's leading growth specialist. Our values guide the way we do business and communicate our distinctiveness. They sum up what we stand for, influence our culture, and drive how and why we do things. Invest in your future. All US and Canadian employees enjoy 401(k) & RRSP benefits with company matching. Prioritize your health and well-being. No matter where you live, we offer a competitive suite of health benefits to help keep you and your loved ones safe. Enjoy balance and flexible working. Be empowered to do your best work – whether it’s from home or in the office.
How you will create an impact
Core Responsibilities Manage the end-to-end Technology Demand Intake and Risk Assessment process for new technologies, platforms, tools, and AI-enabled solutions. Assess security, compliance, operational, vendor, and architecture risks; identify mitigation strategies and recommend risk treatment decisions. Prepare executive-ready reports and present findings to IT leadership, governance boards, and risk committees. Partner with Security, IT, Architecture, Procurement, Legal, Privacy, Audit, and business stakeholders to evaluate and approve technology solutions. Ensure new technologies comply with security policies, controls, and integration requirements. Maintain risk documentation, exception records, control evidence, and governance reporting while continuously improving intake processes. Stay current on emerging technologies, AI, cybersecurity trends, regulatory requirements, and industry control frameworks Business & Stakeholder Engagement Translate business requirements into security and compliance recommendations that enable timely technology decisions. Communicate complex technical concepts through presentations, decision papers, and executive-facing materials. Facilitate collaboration across IT architecture, infrastructure, business teams, vendors, and other stakeholders.
Vendor & Project Support
Support vendor assessments, RFPs, technical evaluations, and solution reviews. Contribute to cross-functional IT projects by identifying dependencies, risks, and process improvements. Work effectively in agile, global project environments with multiple priorities and tight timelines.
About You
Organizational Background Experience in a complex global environment, comparable consulting or service industries is preferred.
Technical Expertise
Bachelor’s Degree required – preferred in the area of Technology, MIS, Cybersecurity, etc. 5+ years of experience in technology risk, cybersecurity, IT governance, GRC, IT audit, security architecture, or technology consulting. Strong knowledge of cybersecurity, technology risk management, compliance, enterprise IT governance, and emerging AI-enabled technologies. Experience assessing SaaS, cloud, third-party, and AI-enabled solutions, with the ability to identify risks, mitigation strategies, and implementation requirements. Experience improving governance processes, workflows, standards, and risk management practices. Knowledge of security and governance frameworks such as ISO 27001, SOC 2, ITIL, or similar. Experience with security controls, risk assessments, compliance, audit support, and governance approval processes. Ability to evaluate platform architecture, integrations, identity and access management, data flows, encryption, logging, monitoring, and operational security. Understanding of enterprise architecture, cloud security, vendor risk management, and secure technology implementation.
Communication & Collaboration
Strong stakeholder management skills with experience working across IT, Security, Architecture, Compliance, Privacy, Legal, Procurement, Audit, and business teams. Experience preparing executive-level presentations, risk reports, and decision-ready documentation, and presenting recommendations to senior leadership.
Vendor & Project Experience
Experience evaluating third-party vendors, cloud platforms, SaaS solutions, and managed services within global IT environments. Experience supporting technology onboarding, vendor risk assessments, procurement, RFPs, and cross-functional technology initiatives. Ability to manage risks, remediation activities, project dependencies, and implementation progress across the technology lifecycle.
Preferred Certifications
CISSP, CISM, CRISC, CISA, CCSP, ISO 27001 Lead Implementer/Auditor, or equivalent certification (or comparable hands-on experience). The pay range for this position in Toronto is $160,000 – $168,000 CAD/yr. Compensation may vary depending on relevant experience, skills, geographic location, and business needs. We offer a comprehensive package of benefits including paid time off, 13 paid holidays per year, medical/dental/vision insurance, basic life insurance, and 401(k) to eligible employees.
About Simon-Kucher
Simon-Kucher is a global consultancy with more than 2,200 employees in 30+ countries. Our sole focus is on unlocking better growth that drives measurable revenue and profit for our clients. As a trusted commercial advisor, we combine deep consulting expertise, growth specialization, and technology to scale impact. We optimize every lever of commercial strategy – product, pricing, innovation, marketing, sales, and digital – based on deep insights into what customers value and are willing to pay for. With over 40 years of experience in monetization, we are regarded as the world’s leading commercial growth and pricing specialist.
Simon-Kucher is an Equal Employment Opportunity (“EEO”) employer. Our employment decisions are made without regard to race, color, religion, gender, national origin, age, disability, marital status, veteran or military status, or any other legally protected status.
We believe in building a culture that embraces belonging, creating an environment in which our people feel valued, are able to be themselves and feel their contribution matters. If we get that right, great things will happen; people will grow faster, innovate, feel valued, and create better outcomes for everyone – our people, our clients and, of course, our business.
Simon-Kucher North America Talent Acquisition Team
RecruitingNorthAmerica@simon-kucher.com simon-kucher.com/careers
Not the right fit? Search for Technology Risk & Security jobs in Toronto, Ontario, Canada
About Simon-Kucher
Simon-Kucher is a global consultancy with more than 2,000 employees in 30+ countries. Our sole focus is on unlocking better growth that drives measurable revenue and profit for our clients. We achieve this by optimizing every lever of their commercial strategy – product, price, innovation, marketing, and sales – based on deep insights into what customers want and value. With nearly 40 years of experience in monetization topics of all kinds, we are regarded as the world’s leading pricing and growth specialist. (Legal notice: https://www.simon-kucher.com/en/legal-notice)
-- Terms of use: Simon-Kucher's official LinkedIn page is run by Simon-Kucher & Partners Strategy & Marketing Consultants (SK). This is a public forum and we welcome your comments, thoughts and insights. However, all posts are regularly monitored and SK will remove, hide and/or delete any that are found to be abusive or deemed inappropriate for this page for whatever reason, including content that is deemed none compliant with LinkedIn’s User Agreement (https://www.linkedin.com/legal/user-agreement). This includes the banning and reporting of users who are deemed to be non compliant with the above expectations of Simon-Kucher. All comments, visuals, links to other digital pages and other type of material posted by followers on this site ("User Content") do not necessarily reflect the opinions or values of SK, its employees, partners or affiliates. SK does not represent or warrant the accuracy of any statement or product claims made here, is not responsible for any User Content on this site and does not endorse any opinions expressed on this page.