As a Cyber Risk Manager, you will get the opportunity to grow and contribute to our clients' business needs by applying a collection of information and cybersecurity capabilities, including security and privacy, strategy, governance, IT risk, security testing, technology implementation/operations, cybercrime and breach response for the Cybersecurity & Privacy Practice – all with the resources, environment, and support to help you excel.
From day one, you’ll be empowered by the greater Risk team to help clients make the moves that will help them achieve their vision and help you achieve more, confidently.
Your day-to-day may include:
- Adhere to the highest degree of professional standards and strict client confidentiality
- Execute assigned client engagements from start to finish, which includes the engagement planning, directing, and completion of business continuity, disaster recovery, crisis management and Information Security programs and while managing those engagements to budget
- Apply current knowledge of technology and cyber trends and to identify security, resiliency and risk management issues and other opportunities for improvement
- Assist clients in planning and executing remediation plans identified in assessment activities
- Work with the client to plan an engagement strategy, define objectives, and address technology-related controls risks and issues
- Proactively interact with key client management to gather information, resolve problems, and make recommendations for improvements
- Ability to manage multiple engagements and competing priorities in a rapidly growing, fast-paced, interactive, results-based team environment
- Participate in professional development activities and training sessions on regular basis
- Manage the team comprising of seniors and associates and maintain professionalism across team
- Other job duties as assigned
You have the following technical skills and qualifications:
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field is required
- Minimum 5 years of related cybersecurity experience in a similar consulting practice or function
- Understanding of Industry Standards/frameworks such as COBIT, NIST, ISO 27001,22301 and FFIEC etc. required
- Demonstrate proven and extensive abilities solving complex cyber-risk management issues, including the following areas:
- Design and development of Business and IT Resiliency using industry frameworks and methodologies
- Designing KRI’s and metrics to build risk reports for management
- Implementation and maintenance of enterprise-wide cyber risk governance frameworks
- Assessment of enterprise-wide business risks and cyber threats
- Development of detailed business risk scenarios and cyber threat models
- Design and implementation of Business continuity and disaster recovery program and controls
- Development, implementation, and periodic testing of cyber resiliency plans
- Use of tools and technology to provide data analytics and business intelligence noncyber threats, risks, and vulnerabilities
- Advising clients on complying with regulatory requirements such as FFIEC, GLBA, NY Dissect. as well as industry frameworks such as NIST CSF, COBIT, COSO and PCI
- Building and operationalizing complex IT risk management and cyber security programs for clients
- Exceptional client service, communication, analytical, organizational and project management skills
- Ability to execute multiple engagements and completing priorities in a rapidly growing team environment
- Can travel as needed
- Certification(s) Preferred: Master Business Continuity Professional (MBCP), Certified Business Continuity Professional (CBCP), Certified Information Security Manager (CISM), ISACA, Certified in Risk and Information Systems Control (CRISC)
The base salary range for this position in Los Angeles, CA, Bellevue, WA, New York, NY only is between $155,500 and $233,300.
#LI-LG1
#J-18808-Ljbffr