Engineer - Cyber Security Engineer IV

Overview

On Site
$75.86 - $93.1 hr
Contract - W2
Contract - Independent
Contract - 5+ mo(s)

Skills

CYBER SECURITY
CYBERSECURITY
RISK MANAGEMENT
RISK
GRC
NIST
ISO
ISO27001
PCI
SOX
GDPR
GOVERNANCE

Job Details

Title: Cyber Security Engineer IV
Duration: 6+ Months
Location: SeaTac, WA
Pay Range: $80/Hr. to $90/Hr. (DOE)

Job Summary:
The IT Cybersecurity Risk Manager is a subject matter expert in cybersecurity risk management and is responsible for the development, implementation and maintenance of a Cybersecurity Risk Management program at Alaska Airlines. As an individual contributor, this role defines long-term strategy for cybersecurity risk management exercises considerable latitude and initiative to solve complex challenges related to cyber risk management.

Key Responsibilities:
Develop, implement, and maintain a comprehensive cybersecurity risk management framework and program.
Identify, assess, and monitor IT and cybersecurity risks across infrastructure, applications, and third-party services.
Collaborate with IT, security, compliance, and business units to implement risk mitigation strategies.
Conduct IT risk assessments, control assessments, and scenario analysis to evaluate potential threats and vulnerabilities.
Ensure compliance with regulatory and industry standards (e.g., NIST, ISO 27001, GDPR, SOX, PCI).
Maintain the IT risk register and build reporting on key risk indicators (KRIs) and trends for leadership.
Manage the IT risk exception process by identifying, assessing, documenting, and monitoring exceptions to cybersecurity policies and standards.
Stay current on emerging IT risks and technologies.

Qualifications Required:
Bachelor's degree in Information Technology, Cybersecurity, Risk Management, or a related field or an additional two years of relevant training/experience in lieu of this degree.
5+ years of experience in IT risk management, cybersecurity, or IT audit.
Experience with risk assessment methodologies
Excellent written and verbal communication skills and stakeholder engagement skills
Detail-oriented and organized, and able to manage complex projects and multiple priorities

Preferred:
Professional certifications such as CRISC, CISM, CISSP, CISA, or CGEIT.
Experience with GRC tools.
Familiarity with cloud security and third-party risk management.
Strong understanding of IT governance, risk, and compliance (GRC) frameworks.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.