Cyber Security Engineer, Risk Management

As a member of the Digital Technology Risk Assurance team, the Risk Management Analyst will support efforts to identify, assess, and track cybersecurity and digital technology risks across the organization. Under the guidance of senior team members and management, the Analyst will assist in executing the risk management strategy and contributing to its ongoing development.

Key responsibilities include contributing to risk posture monitoring, assisting with tracking remediation efforts, and helping prepare risk reporting in various formats. The Analyst will support risk reviews and issue assessments related to control and policy exceptions. This role involves close collaboration with cybersecurity, digital technology, and IT teams, as well as other business stakeholders, to help document, report, and mitigate technology-related risks.

Essential Functions

• Assist with maintaining the cybersecurity risk register and issue register, including tracking of risk priority to the company and issue remediations as they progress. 
• Participate in the execution of cybersecurity and digital technology risk assessments by gathering data, preparing documentation, and supporting coordination efforts to help inform leadership decision-making.
• Assist in compiling and updating metrics and dashboards that track risk program activities and highlight key trends in the digital technology environment.
• Review exception requests to cybersecurity and technology controls and assist in documenting associated risks to support senior team members and leadership in their review process.
• Support process improvement initiatives by contributing observations and suggestions to enhance the efficiency and effectiveness of cybersecurity and digital technology risk management practices.
• Business and Interpersonal Expectations:
  • Communicate and collaborate effectively and professionally with peers, management, and business stakeholders across technical and non-technical teams.
  • Maintain strict confidentiality regarding sensitive company information and identified risks.
  • Keep management informed of developments within assigned areas of responsibility and support special projects as requested.

Qualifications

• Associate Degree or Bachelor's Degree in Cyber Security, Computer Science, Information Systems (or other related field) or equivalent work experience preferred
• 2+ years Cyber Security, Technology, or other related experience required
• 2+ years of risk management

Knowledge, Skills and Abilities

• Practical experience with risk management activities.
• Worked in process-driven structured environments and participated in process optimization activities.
• Knowledge of cybersecurity and technology risk frameworks
• Proactive identification and solving of complex problems
• Effective communication of complex concepts to a non-technical audience
• Excellent written and verbal communication skills

Licenses and Certifications

• Productivity suite software required