Risk Management Consultant - GRC Practice Job at Artemis Connection, Remote

TURGQ0ZzR2xZdUtKMEF4a0FGK0xGcUwvVGc9PQ==
  • Artemis Connection
  • Remote

Job Description

About Artemis Connection

Artemis Connection is a strategic management consultancy working across the for-profit, public, and social sectors. We help clients around the world identify their most pressing strategic issues and staff teams of strategy consultants to roll up their sleeves and deliver impact. We are passionate about helping innovative and entrepreneurial leaders reach their goals through a customized, project-based approach.

Our GRC practice works with organizations navigating complex regulatory environments, scaling compliance programs, and building risk frameworks that drive real decisions. Our clients include high-growth technology companies, government contractors, and mission-driven organizations that need enterprise risk programs tailored to how they actually operate, not inherited from a template or captured by a single function.

Our founder is Christy Johnson, an entrepreneur, educator, and former McKinsey Engagement Manager. Our team is made up of seasoned consultants trained at organizations such as McKinsey & Company, BCG, Bain, Big 4 Strategy, and elite educational institutions.

About the Role

In this role, you will help clients build and mature enterprise risk programs that address the full spectrum of organizational exposure, including strategic, operational, financial, regulatory, and reputational risk, with cybersecurity treated as one critical dimension of a broader risk universe rather than the primary lens.

This is a client-facing role that demands genuine enterprise risk fluency. You should be as comfortable discussing board risk appetite statements and third-party concentration risk as you are reviewing a cybersecurity control framework. The clients who need you most are the ones whose risk programs have been captured by a single function, usually IT or legal, and who need help building something that actually reflects how the organization operates and where it is genuinely exposed.

What You'll Do

Lead Enterprise Risk Assessments

Lead enterprise risk assessments spanning strategic objectives, operational dependencies, workforce and leadership risk, regulatory exposure, supply chain and vendor concentration, financial controls, and reputational considerations. Facilitate risk identification workshops with senior leadership and help organizations move from intuition-based risk lists to structured, evidence-driven risk registers that are actually used in decision-making.

Design or Mature ERM Frameworks

Help clients design or mature their ERM frameworks, drawing on standards like COSO ERM, ISO 31000, and NIST RMF as appropriate to the client's context and regulatory environment. Develop risk appetite and tolerance statements, key risk indicators, and escalation protocols that give boards and executive teams meaningful visibility into the risks that matter most.

Assess Technology and Information Risk Practices

Cybersecurity risk will be a consistent thread across your engagements. Assess how clients identify, govern, and respond to technology and information risk. Map their environments against frameworks like NIST CSF 2.0, ISO 27001, and CMMC 2.0 where relevant, and ensure that cyber risk is translated into business impact terms that non-technical stakeholders can act on. The goal is integration, not isolation. Cyber risk should inform enterprise risk, not live in a separate silo.

Assess Governance Structures

Assess governance structures including risk committee charters, three-lines-of-defense models, risk ownership accountability, and the quality of risk reporting to senior leadership and boards. Where clients lack the internal structures to sustain a risk program, help them build those structures before the engagement closes.

Business Development Support

Contribute meaningfully to the practice's pipeline. This includes participating in proposal development, scoping and estimating new engagements, identifying expansion opportunities within existing client relationships, and representing the practice at industry events or working groups. You will not typically be expected to originate large engagements independently but should be able to identify and advance opportunities through the pipeline with principal-level support.

What You Bring

Required

  • Minimum 5 to 7 years of experience in enterprise risk management, internal audit, management consulting, or a closely related discipline
  • Hands-on experience with COSO ERM, ISO 31000, or a comparable ERM framework, demonstrated through program design or maturity assessments, not just familiarity
  • Demonstrated experience working directly with senior leadership and boards, including the ability to facilitate difficult conversations about risk without losing the room
  • Deep understanding of how organizational risk programs are designed, where they tend to fail, and what separates a risk register that drives decisions from one that sits unused in a SharePoint folder
  • Sufficient cybersecurity literacy to engage meaningfully with IT and security teams, interpret control assessments, and translate technical findings into enterprise risk terms, including familiarity with NIST CSF, ISO 27001, or comparable frameworks
  • Strong written and verbal communication skills, including the ability to distill complex risk landscapes into clear, board-ready summaries

Preferred

  • Relevant professional certifications such as CRISC, CRMA, CIA, CISM, or an MBA or advanced degree in risk, finance, or a related field
  • Minimum 2+ years of consulting or client-facing advisory experience
  • Familiarity with sector-specific regulatory environments such as financial services, healthcare, defense, critical infrastructure, or emerging technology
  • Experience with quantitative or semi-quantitative risk methodologies such as FAIR

What Makes Someone Successful Here

The consultants who thrive here understand that risk management is ultimately a leadership discipline. Frameworks and tools matter, but the real work is helping organizations develop an honest picture of where they are exposed and the institutional will to do something about it.

You ask good questions before you write recommendations. You can distinguish between a client who has a risk program problem and one who has a governance problem that a risk program cannot fix on its own. You communicate with precision and without jargon, and you know when a board needs a clean two-page risk summary and when they need a harder conversation.

Compensation and Structure

This role is structured as a project-based engagement, typically 12 months in duration with the possibility to extend based on client needs and performance. This role is remote, with occasional travel potentially required based on client needs. Compensation is competitive and commensurate with experience; details will be discussed during the interview process.

Job Tags

Remote job, Contract work, For contractors, Live in

Similar Jobs

Gesture

Data Marketing Engineering Intern Job at Gesture

 ...Data Marketing Engineer Intern Location: ONSITE / IN-OFFICE NYC / HYBRID Internship Duration: 6 MONTHS Department: Marketing & Data Analytics Type: Internship | Part-Time or Full-Time | Paid or Academic Credit Immediate Openings Only:Please note... 

ENS Solutions, LLC

Policy Analyst - TS/SCI with CI Poly Job at ENS Solutions, LLC

 ...The Policy Analyst Senior, will advise and assist with strategic planning, policy, and business analysis, with a focus on providing expert strategic- and operational-level assistance. The contractor will provide business management and strategy support to synchronize... 

Gpac

Entry Level Recruiter Job at Gpac

 ...largest and most successful executive search firms in the country, with over 750 search consultants. We do not require previous recruiting experience because we provide the proper training, tools, resources and support to reach your individual earning goals. We also have... 

Aramark

Barista - MLH Lankenau - WPS Starbucks Job at Aramark

 ...The Barista Lead crafts a memorable experience for our customers by providing timely service, quality beverages and products, and maintaining a clean and comfortable location environment. The Barista Lead is responsible for helping train Baristas, processing transactions... 

Truck with Jed Logistics

Truck Driver/CDL-A / OTR Job at Truck with Jed Logistics

 ...Hiring immediately for Class A Driver! Bold Safe Trucking is a top employer of CDL Truck Drivers across the country. In addition to a great starting salary, we offer great benefits and great schedules. Come work for a great company that takes pride in its Drivers....