The Role:
We are seeking a Senior Cyber Risk Manager to join our client’s Cyber Security function. In this pivotal role, you will define, oversee, and govern a Cyber Risk Assessment Framework, collaborating closely with Business Information Security Officers (BISOs), Technical Information Security Officers (TISOs), and Information Security Leads (ISLs). You will also establish and manage an exception-handling framework. Your expertise will ensure a consistent, threat-led approach to risk assessment and enable effective risk-based decision-making.
Main Responsibilities:
- Develop, create, and support the Cyber Risk Assessment and Exception Handling Framework.
- Maintain a consistent, threat-led approach to risk assessment.
- Provide guidance to cyber colleagues for risk-based prioritization.
- Facilitate risk analysis to identify suitable risk treatment strategies and prioritize control enhancements.
- Foster a culture of cyber risk-based decision-making within the organization.
Key Skills and Qualifications:
- Proficiency in developing, maintaining, operating, and governing Risk Assessment frameworks.
- Strong communication skills, both written and verbal, suitable for technical and non-technical stakeholders.
- Ability to manage competing priorities and meet deadlines.
- Strong stakeholder management and interpersonal skills across various levels.
- Collaborative mindset to excel in a team-oriented environment.
- Effective presentation skills, simplifying complex information.
- Experience collaborating with international stakeholders.
- Flexibility in adapting to evolving requirements and crafting practical solutions.
Experience:
- Previous involvement in Cyber Security, particularly in cyber risk management.
- Demonstrated experience in creating, maintaining, operating, and governing Risk Assessment frameworks.
- Exposure to customer-centric environments.
- Understanding of prominent global standards (e.g., NIST, CIS, ISO), Information Security controls, and the “three lines of defense” model.