Senior Cyber Risk Management Engineer
Senior Cyber Risk Management Engineer
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
Title Senior Cyber Risk Management Engineer
Location Oakland CA
Must have strong experience with Azure Assessment
GC OR CITIZENS ONLY
Job Information
Job Taxonomy:
Senior Cyber Risk Management Engineer
Job Title:
Senior Cyber Risk Management Engineer
Job Category:
Cyber
Job Description:
The Senior Cyber Risk Management Capability Assessor will evaluate the effectiveness and conduct risk assessments of cyber risk management capabilities including policies processes and technical capabilities leveraging Delta Dentals enterprise cyber risk management requirement and control framework. Additionally they will assist in maintaining the framework analyzing emerging regulations and cyber security frameworks to the framework updating it and revising capability effectiveness criteria in collaboration with capability owners as needed. This role involves significant work around issue management and Plan of Action and Milestones (POAM) supports SOC 1/2 Type 2 audits by external auditors and prepares materials to support attestations for NAIC model laws and 23 NYCRR 500.
Responsibilities:
- Cyber Risk Management Capability Assessments: Conduct thorough assessments of the effectiveness of cyber risk management capabilities within the organization.
- Gap Analysis: Identify gaps in cyber risk management capability effectiveness and provide recommendations for enhancing the organizations cyber risk management posture.
- Issue Management & POAM: Manage issues and develop Plan of Action and Milestones (POAM) to address identified gaps and vulnerabilities.
- Documentation & Reporting: Develop detailed reports and documentation on assessment findings remediation plans and effectiveness metrics.
- Stakeholder Collaboration: Work closely with cyber risk management technology and business partners to ensure that cyber risk management capabilities are effective.
- Compliance Standards and Regulatory Alignment: Ensure adherence to regulatory and industry standard requirements such as NIST 80053 SOC 2 23 NYCRR 500 NAIC Model Law and HIPAA. As regulations and standards are introduced and updated assist in enhancing and extending the framework.
- Audit Support: Support the performance of SOC 2 audits by external auditors and prepare materials to support attestations with NAIC model laws and NYDFS.
Skills/Experience:
Qualifications:
- Education: Bachelors degree in Cybersecurity Information Security Computer Science or a related field.
- Certifications (Preferred): CISSP CISA CISM CRISC CAP Security or equivalent.
- Experience: Minimum 35 years of experience in cyber security compliance cyber risk assessment or security auditing.
- Technical Expertise:
-
- Working knowledge of NIST 80053.
-
- Basic knowledge of cloudbased cyber risk management controls (Azure and/or Oracle Cloud Infrastructure).
-
- Familiarity with technology management methodologies (DevOps SAFe ITIL).
-
- Proficiency in multiple cyber risk management domains.
-
- Understanding of cyber risk management oversight and administration processes security architecture technical security controls and data protection strategies.
Required Skills:
- Strong analytical and problemsolving skills.
- Excellent communication and reportwriting abilities.
- Ability to work independently and conduct cyber risk management assessments.
- Solid understanding of regulatory compliance and risk management principles.
- Ability to collaborate with crossfunctional teams and provide security guidance.
Employment Type
Full Time
