Job Description: | The Expert Cyber Risk Management Engineer assesses enterprise information security solutions and services, including authentication and authorization, public key infrastructure, data loss prevention, third-party risk management, and security event analytics. This role requires proactive research and analysis of complex, enterprise-scale cybersecurity challenges. In addition to evaluating processes and technologies, the engineer advises on the development and maintenance of security systems. Responsibilities - Develop processes, maintain internal frameworks, create documentation templates, and implement tooling to support and mature assurance service delivery.
- Collaborate with security specialists, enterprise architects, and other technical leaders to ensure security solutions sufficiently mitigate risks and align with business objectives and regulatory requirements.
- Analyze risk exposure and consult on the design of cyber risk management capabilities where improvements are needed.
- Assess the effectiveness of cybersecurity capabilities, provide guidance on managing risks associated with ineffective controls, and influence decision-making by educating stakeholders.
- Track and report issue status, ensuring timely resolution of identified risks.
- Communicate cybersecurity risks and solutions to technical and non-technical audiences across all levels of management.
- Advise on enterprise-level decisions by presenting insights to senior leadership, including technology executives and governance bodies.
- Collaborate with legal, compliance, and audit teams to ensure alignment with regulatory expectations and contractual obligations.
- Maintain ongoing communication with leadership regarding developments in assigned areas and contribute to special projects as needed.
- Provide thought leadership and consulting support in the creation and maintenance of security-enabled processes across cybersecurity and technology teams.
- Mentor team members on technical topics, interpersonal dynamics, organizational policies, and enterprise operations.
- Partner with infrastructure, application, and data teams to ensure security controls are embedded across technology lifecycles and operational processes.
- Conduct regular risk assessments to ensure compliance with internal policies, external regulations, and industry standards; update unified requirements and document corrective actions.
- Define and track key performance indicators (KPIs) for cyber risk management capabilities, including issue closure rates, control effectiveness, and remediation timelines.
- Stay current with emerging threats, trends, and technologies, and provide strategic recommendations to enhance the organizations security posture.
- Contribute to the development and enforcement of cybersecurity policies, standards, and guidelines to ensure consistent and effective practices.
- Advise on the selection and implementation of security tools and technologies aligned with the cyber risk management strategy.
|
Skills/Experience: | Qualifications - Strong communication skills, with emphasis on active listening and clarity.
- Demonstrated empathy and ability to build trust within teams.
- Proven ability to research and maintain current technical knowledge in a rapidly evolving environment.
- Experience with Azure and Oracle public cloud infrastructures.
- Expertise in preparing business plans, IT strategies, technology roadmaps, and technical proposals.
- Ability to analyze business requirements and recommend timely, effective solutions.
- Demonstrated creativity and problem-solving skills in directing analysis and developing solutions.
- Knowledge of project development life cycle, with ability to coordinate and prioritize multiple initiatives.
|