Sr. Expert Cyber Risk Management Engineer

Job Title: Sr. Expert Cyber Risk Management Engineer

Location: Oakland, CA (Onsite)

Job Description:

• Strong communication skills, with emphasis on active listening and clarity.
• Demonstrated empathy and ability to build trust within teams.
• Proven ability to research and maintain current technical knowledge in a rapidly evolving environment.
• Experience with Azure and Oracle public cloud infrastructures.
• Expertise in preparing business plans, IT strategies, technology roadmaps, and technical proposals.
• Ability to analyze business requirements and recommend timely, effective solutions.
• Demonstrated creativity and problem-solving skills in directing analysis and developing solutions.
• Knowledge of project development life cycle, with ability to coordinate and prioritize multiple initiatives

Responsibilities:

• Develop processes, maintain internal frameworks, create documentation templates, and implement tooling to support and mature assurance service delivery.
• Collaborate with security specialists, enterprise architects, and other technical leaders to ensure security solutions sufficiently mitigate risks and align with business objectives and regulatory requirements.
• Analyze risk exposure and consult on the design of cyber risk management capabilities where improvements are needed.
• Assess the effectiveness of cybersecurity capabilities, provide guidance on managing risks associated with ineffective controls, and influence decision-making by educating stakeholders.
• Track and report issue status, ensuring timely resolution of identified risks.
• Communicate cybersecurity risks and solutions to technical and non-technical audiences across all levels of management.
• Advise on enterprise-level decisions by presenting insights to senior leadership, including technology executives and governance bodies.
• Collaborate with legal, compliance, and audit teams to ensure alignment with regulatory expectations and contractual obligations.
• Maintain ongoing communication with leadership regarding developments in assigned areas and contribute to special projects as needed.
• Provide thought leadership and consulting support in the creation and maintenance of security-enabled processes across cybersecurity and technology teams.
• Mentor team members on technical topics, interpersonal dynamics, organizational policies, and enterprise operations.
• Partner with infrastructure, application, and data teams to ensure security controls are embedded across technology lifecycles and operational processes.
• Conduct regular risk assessments to ensure compliance with internal policies, external regulations, and industry standards; update unified requirements and document corrective actions.
• Define and track key performance indicators (KPIs) for cyber risk management capabilities, including issue closure rates, control effectiveness, and remediation timelines.
• Stay current with emerging threats, trends, and technologies, and provide strategic recommendations to enhance the organizations security posture.
• Contribute to the development and enforcement of cybersecurity policies, standards, and guidelines to ensure consistent and effective practices.