Expert Cyber Risk Management Engineer

Expert Cyber Risk Management Engineer

Oakland, CA Only Locals

The Expert Cyber Risk Management Engineer assesses enterprise information
security solutions and services, including authentication and authorization,
public key infrastructure, data loss prevention, third-party risk management,
and security event analytics. This role requires proactive research and
analysis of complex, enterprise-scale cybersecurity challenges. In addition
to evaluating processes and technologies, the engineer advises on the
development and maintenance of security systems.

Responsibilities

• Develop processes, maintain

internal frameworks, create documentation templates, and implement
tooling to support and mature assurance service delivery.

• Collaborate with security

specialists, enterprise architects, and other technical leaders to
ensure security solutions sufficiently mitigate risks and align with
business objectives and regulatory requirements.

• Analyze risk exposure and

consult on the design of cyber risk management capabilities where
improvements are needed.

• Assess the effectiveness of

cybersecurity capabilities, provide guidance on managing risks
associated with ineffective controls, and influence decision-making by
educating stakeholders.

• Track and report issue

status, ensuring timely resolution of identified risks.

• Communicate cybersecurity

risks and solutions to technical and non-technical audiences across all
levels of management.

• Advise on enterprise-level

decisions by presenting insights to senior leadership, including
technology executives and governance bodies.

• Collaborate with legal,

compliance, and audit teams to ensure alignment with regulatory
expectations and contractual obligations.

• Maintain ongoing

communication with leadership regarding developments in assigned areas
and contribute to special projects as needed.

• Provide thought leadership

and consulting support in the creation and maintenance of
security-enabled processes across cybersecurity and technology teams.

• Mentor team members on

technical topics, interpersonal dynamics, organizational policies, and
enterprise operations.

• Partner with

infrastructure, application, and data teams to ensure security controls
are embedded across technology lifecycles and operational processes.

• Conduct regular risk

assessments to ensure compliance with internal policies, external
regulations, and industry standards; update unified requirements and
document corrective actions.

• Define and track key

performance indicators (KPIs) for cyber risk management capabilities,
including issue closure rates, control effectiveness, and remediation
timelines.

• Stay current with emerging

threats, trends, and technologies, and provide strategic recommendations
to enhance the organizations security posture.

• Contribute to the

development and enforcement of cybersecurity policies, standards, and
guidelines to ensure consistent and effective practices.

• Advise on the selection and

implementation of security tools and technologies aligned with the cyber
risk management strategy.

Qualifications    

• Strong communication

skills, with emphasis on active listening and clarity.

• Demonstrated empathy and

ability to build trust within teams.

• Proven ability to research

and maintain current technical knowledge in a rapidly evolving
environment.

• Experience with Azure and

Oracle public cloud infrastructures.

• Expertise in preparing

business plans, IT strategies, technology roadmaps, and technical
proposals.

• Ability to analyze business

requirements and recommend timely, effective solutions.

• Demonstrated creativity and

problem-solving skills in directing analysis and developing solutions.

• Knowledge of project

development life cycle, with ability to coordinate and prioritize
multiple initiatives.