Cybersecurity Risk Manager

About the role

Develop an organisation's cybersecurity risk management strategy Manage an inventory of organisation's assets Identify and assess cybersecurity-related threats and vulnerabilities of ICT systems Identification of threat landscape including attackers' profiles and estimation of attacks' potential Assess cybersecurity risks, and propose most appropriate risk treatment options, including security controls, and risk mitigation and avoidance that best address organisation's strategy Monitor effectiveness of cybersecurity controls and risk levels Ensure that all cybersecurity risks remain at an acceptable level for the organisation's assets Develop, maintain, report and communicate complete risk management cycle Master's degree plus 9 years of experience. Perform risks assessments and analysis to identify threats, categorise assets, and rate system vulnerabilities so that they can implement effective controls Implement cybersecurity risk management frameworks, methodologies and guidelines and ensure compliance with regulations and standards Enable business assets owners, executives, and other stakeholders to make risk informed decisions to manage and mitigate risks Enable employees to understand, embrace and follow the controls Build a cybersecurity risk-aware environment Advanced knowledge of risk management frameworks, standards, methodologies, tools, guidelines and best practices Knowledge of cyber threats, threats taxonomies and vulnerabilities repositories Knowledge of risk sharing options and best practices Knowledge of state of the art technical and organisational controls that appropriately mitigate cybersecurity risks Knowledge of monitoring, implementing and testing the effectiveness of the controls Analyse and consolidate organisation's quality and risk management practices Communicate, present and report to relevant stakeholders Propose and manage risk sharing options Excellent knowlegde of English equal to C1 according to CERF levels. Experience in making Business Impact Assessments Knowledge on risk assessment implementation in GRC Service Now Experience in preparing personal data protection documentation and tools for graphical and programmatic threat modelling. Experience in threat modelling for DevOps and in designing Zero Trust Architecture Experience in Securing Software Development Lifecycle and designing controls for defending Directory Services At least 4 certification among: CISSP (Certified Information Systems Security Professional) CISA (Certified Information Systems Auditor) CISM (Certified Information Security Manager) GSNA (GIAC Certified Systems and Network Auditor) GCCC (GIAC Certified Critical Controls) ISO 27001 Lead implementer ISO 27001 Lead Auditor ISO 27005 Risk Manager CAP ((ISC)2 Certified Authorization Professional) CRISC (ISACA Certified in Risk and Information Systems Control) CISSP-ISSMP ((ISC)2 Certified Information Systems Security Management Professional) GIAC Certified ISO-27000 Specialist or equivalent certification recognized internationally

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at Arhs? Share your experience