Understanding of risk management principles and their application to cybersecurity. * Experience performing cyber risk analysis, risk quantification, or security measurement. * Expertise in one or ...
Understanding of risk management principles and their application to cybersecurity. * Experience performing cyber risk analysis, risk quantification, or security measurement. * Expertise in one or ...
Principal Risk Specialist, Tech & Cyber Risk | Retail Bank
Mclean, VA · On-site
$99K/yr
End-to-End Risk Management & Execution * Drive end-to-end technology and cyber risk assessments, managing the lifecycle from tactical implementation and ongoing evaluation through to remediation ...
Principal Risk Specialist, Tech & Cyber Risk | Retail Bank
Mclean, VA · On-site
$99K/yr
End-to-End Risk Management & Execution * Drive end-to-end technology and cyber risk assessments, managing the lifecycle from tactical implementation and ongoing evaluation through to remediation ...
Cyber Risk Director
New York, NY · On-site +1
Manage cyber risk-related program activities, and ensure effective collaboration within the team, as well as technology, business, and other shareholder groups. * Maintain the cyber-risk register ...
Cyber Risk Director
New York, NY · On-site +1
Manage cyber risk-related program activities, and ensure effective collaboration within the team, as well as technology, business, and other shareholder groups. * Maintain the cyber-risk register ...
Senior Cyber Risk Engineer
Pittsburgh, PA · On-site
Understanding of risk management principles and their application to cybersecurity. * Experience performing cyber risk analysis, risk quantification, or security measurement. * Expertise in one or ...
Senior Cyber Risk Engineer
Pittsburgh, PA · On-site
Understanding of risk management principles and their application to cybersecurity. * Experience performing cyber risk analysis, risk quantification, or security measurement. * Expertise in one or ...
Senior Cyber Risk Engineer
Pittsburgh, PA · On-site
Understanding of risk management principles and their application to cybersecurity. * Experience performing cyber risk analysis, risk quantification, or security measurement. * Expertise in one or ...
Senior Cyber Risk Engineer
Pittsburgh, PA · On-site
Understanding of risk management principles and their application to cybersecurity. * Experience performing cyber risk analysis, risk quantification, or security measurement. * Expertise in one or ...
Understanding of risk management principles and their application to cybersecurity. * Experience performing cyber risk analysis, risk quantification, or security measurement. * Expertise in one or ...
Understanding of risk management principles and their application to cybersecurity. * Experience performing cyber risk analysis, risk quantification, or security measurement. * Expertise in one or ...
End-to-End Risk Management & Execution * Drive end-to-end technology and cyber risk assessments, managing the lifecycle from tactical implementation and ongoing evaluation through to remediation ...
End-to-End Risk Management & Execution * Drive end-to-end technology and cyber risk assessments, managing the lifecycle from tactical implementation and ongoing evaluation through to remediation ...
Cyber Risk Analyst SME
Arlington, VA · On-site
We are seeking a Cyber Risk Analyst (SME-level). This role involves conducting on-site and remote ... Create and manage task plans, assessment schedules, and execution strategies to ensure effective ...
Cyber Risk Analyst SME
Arlington, VA · On-site
We are seeking a Cyber Risk Analyst (SME-level). This role involves conducting on-site and remote ... Create and manage task plans, assessment schedules, and execution strategies to ensure effective ...
In line with the Operational Risk Management (ORM) and Independent Compliance Risk Management (ICRM ... The Head of Cyber Risk and Compliance - Threat Intelligence and Fusion reports to The Head of Cyber ...
In line with the Operational Risk Management (ORM) and Independent Compliance Risk Management (ICRM ... The Head of Cyber Risk and Compliance - Threat Intelligence and Fusion reports to The Head of Cyber ...
Principal Risk Specialist, Tech & Cyber Risk | Retail Bank
Mclean, VA · On-site
$99K/yr
End-to-End Risk Management & Execution * Drive end-to-end technology and cyber risk assessments, managing the lifecycle from tactical implementation and ongoing evaluation through to remediation ...
Principal Risk Specialist, Tech & Cyber Risk | Retail Bank
Mclean, VA · On-site
$99K/yr
End-to-End Risk Management & Execution * Drive end-to-end technology and cyber risk assessments, managing the lifecycle from tactical implementation and ongoing evaluation through to remediation ...
End-to-End Risk Management & Execution * Drive end-to-end technology and cyber risk assessments, managing the lifecycle from tactical implementation and ongoing evaluation through to remediation ...
End-to-End Risk Management & Execution * Drive end-to-end technology and cyber risk assessments, managing the lifecycle from tactical implementation and ongoing evaluation through to remediation ...
Minimum 8 years of experience in insider risk management, security investigations, compliance, behavioral analysis, or a closely related domain * Demonstrated high level of integrity with a proven ...
Minimum 8 years of experience in insider risk management, security investigations, compliance, behavioral analysis, or a closely related domain * Demonstrated high level of integrity with a proven ...
Sr. Manager, Tech & Cyber Risk
Mclean, VA · On-site
Sr. Manager, Tech & Cyber Risk As a Senior Manager of Tech & Cyber Risk within Capital One ... You will leverage your analytical and risk management expertise to drive meaningful outcomes ...
Sr. Manager, Tech & Cyber Risk
Mclean, VA · On-site
Sr. Manager, Tech & Cyber Risk As a Senior Manager of Tech & Cyber Risk within Capital One ... You will leverage your analytical and risk management expertise to drive meaningful outcomes ...
End-to-End Risk Management & Execution * Drive end-to-end technology and cyber risk assessments, managing the lifecycle from tactical implementation and ongoing evaluation through to remediation ...
End-to-End Risk Management & Execution * Drive end-to-end technology and cyber risk assessments, managing the lifecycle from tactical implementation and ongoing evaluation through to remediation ...
End-to-End Risk Management & Execution * Drive end-to-end technology and cyber risk assessments, managing the lifecycle from tactical implementation and ongoing evaluation through to remediation ...
End-to-End Risk Management & Execution * Drive end-to-end technology and cyber risk assessments, managing the lifecycle from tactical implementation and ongoing evaluation through to remediation ...
Sr. Manager, Tech & Cyber Risk
Mclean, VA · On-site
Sr. Manager, Tech & Cyber Risk As a Senior Manager of Tech & Cyber Risk within Capital One ... You will leverage your analytical and risk management expertise to drive meaningful outcomes ...
Sr. Manager, Tech & Cyber Risk
Mclean, VA · On-site
Sr. Manager, Tech & Cyber Risk As a Senior Manager of Tech & Cyber Risk within Capital One ... You will leverage your analytical and risk management expertise to drive meaningful outcomes ...
Sr. Manager, Tech & Cyber Risk As a Senior Manager of Tech & Cyber Risk within Capital One ... You will leverage your analytical and risk management expertise to drive meaningful outcomes ...
Sr. Manager, Tech & Cyber Risk As a Senior Manager of Tech & Cyber Risk within Capital One ... You will leverage your analytical and risk management expertise to drive meaningful outcomes ...
Cyber Risk Analyst SME
Arlington, VA · On-site +1
We are seeking a Cyber Risk Analyst (SME-level). This role involves conducting on-site and remote ... Create and manage task plans, assessment schedules, and execution strategies to ensure effective ...
Cyber Risk Analyst SME
Arlington, VA · On-site +1
We are seeking a Cyber Risk Analyst (SME-level). This role involves conducting on-site and remote ... Create and manage task plans, assessment schedules, and execution strategies to ensure effective ...
Director - Cyber Third Party Risk Management (CTPRM)
Chicago, IL · Hybrid
$137K - $240K/yr
We are seeking an experienced Director of Cyber ThirdParty Risk Management (CTPRM) to lead and mature the enterprise thirdparty cyber risk program across North America, with a strong focus on cloud ...
Director - Cyber Third Party Risk Management (CTPRM)
Chicago, IL · Hybrid
$137K - $240K/yr
We are seeking an experienced Director of Cyber ThirdParty Risk Management (CTPRM) to lead and mature the enterprise thirdparty cyber risk program across North America, with a strong focus on cloud ...
Manager - Cyber Risk & Analysis As a Technology Risk Manager, you will drive strategy and execute ... The successful candidate will be an experienced risk management professional who understands ...
Manager - Cyber Risk & Analysis As a Technology Risk Manager, you will drive strategy and execute ... The successful candidate will be an experienced risk management professional who understands ...
Cyber Risk Management information
See salary details
$19.29 is the 25th percentile. Wages below this are outliers.
$14.42 - $19.84
28% of jobs
The median wage is $23.08 / hr.
$19.84 - $25.26
37% of jobs
$25.26 - $30.68
6% of jobs
$34.07 is the 75th percentile. Wages above this are outliers.
$30.68 - $36.10
6% of jobs
$36.10 - $41.52
12% of jobs
$41.52 - $46.94
0% of jobs
$46.94 - $52.36
0% of jobs
$52.36 - $57.78
8% of jobs
$57.78 - $63.20
0% of jobs
$63.20 - $68.62
0% of jobs
$68.62 - $74.04
2% of jobs
$14
$30
$74
How much do cyber risk management jobs pay per hour?
What is a Cyber Risk Management job?
A Cyber Risk Management job involves identifying, assessing, and mitigating cybersecurity risks that could impact an organization. Professionals in this field develop risk management frameworks, implement security controls, and ensure compliance with industry regulations. They work closely with IT and business teams to minimize cyber threats, such as data breaches and ransomware attacks. Their goal is to protect sensitive information and maintain business continuity.
Is SOC an entry level job?
What are the key skills and qualifications needed to thrive in the Cyber Risk Management position, and why are they important?
To thrive in Cyber Risk Management, you need a strong understanding of information security principles, risk assessment methodologies, and regulatory compliance, often supported by a degree in cybersecurity, information technology, or a related field. Familiarity with tools such as risk management software, vulnerability assessment platforms, and certifications like CISSP, CISM, or CRISC is highly valued. Excellent analytical thinking, communication, and problem-solving skills help professionals effectively advise stakeholders and coordinate incident response efforts. These skills are crucial for identifying, evaluating, and mitigating cyber risks to safeguard organizational assets and ensure business continuity.
Can you make $500,000 a year in cyber security?
Can you make $200,000 in cyber security?
What are some common challenges faced in a Cyber Risk Management role, and how are they typically addressed?
Professionals in Cyber Risk Management often encounter challenges such as keeping up with rapidly evolving cyber threats, ensuring compliance with complex regulations, and balancing security needs with business objectives. Addressing these issues requires continuous learning, leveraging up-to-date threat intelligence, and collaborating closely with IT, legal, and management teams to develop effective risk mitigation strategies. Many organizations encourage ongoing training and participation in industry events to stay current, while fostering a culture of open communication to quickly identify and address vulnerabilities. Embracing a proactive and adaptable approach ensures that cyber risks are managed effectively while supporting the organization’s goals.
What does a cyber risk manager do?
Full-time
Medical, Dental, Vision, Life, Retirement, PTO
Posted 7 days ago
Carnegie Mellon University rating
8.6
Based on 24 frontline employees who took The Breakroom Quiz
54th of 544 rated colleges and universities
Job description
Cybersecurity Risk Engineersat the SEI use advanced skills in statistics, mathematics, risk analysis, systems engineering, economics and other technical fields in an interdisciplinary manner to help our government and industry mission partners to identify, research, and solve cyber security challenges. In this role, you will work with our mission partners to identify areas where advanced quantitative & technical skills can help tackle problems, plan and develop prototype solutions, and create final products designed to better manage risk. You'll work with cyber security professionals and university collaborators to build new technologies that will influence national cyber security strategies for decades to come. You will build and evaluate models, create products, conduct applied research, present findings to stakeholders, and develop transition plans for solutions to our partners.
Our team works on a wide range of projects. Our current research focus includes experimental designs for measuring cyber risk, researching methodologies for improvement of risk-based decision making, and building and evaluating models to identify security vulnerabilities. Additionally, we work on developing and conducting organizational security assessments, evaluating risk management programs, threat modeling, economics of cybersecurity and measurement. If you are an experienced researcher with an interest in risk management and cybersecurity, we want to hear from you!
As a Senior Cyber Risk Engineer, you will work directly with government, industry, and academic partners to identify, analyze, and solve complex cybersecurity risk management challenges. You will apply expertise in statistics, mathematics, risk analysis, systems engineering, and data science to develop innovative approaches for measuring, modeling, and managing cyber risk. Your work will help shape cybersecurity strategies, influence risk-based decision making, and improve the resilience of mission-critical systems and services.
Knowledge, Skills, and Abilities:
Candidates should have experience or knowledge in several of the following:
- Understanding of risk management principles and their application to cybersecurity.
- Experience performing cyber risk analysis, risk quantification, or security measurement.
- Expertise in one or more quantitative disciplines such as statistics, mathematics, econometrics, operations research, systems engineering, data science, or machine learning.
- Experience developing and applying statistical models, predictive analytics, or simulation techniques.
- Experience with uncertainty quantification, probabilistic analysis, or decision science methodologies.
- Experience conducting threat modeling, vulnerability analysis, or security assessments.
- Knowledge of cybersecurity risk management frameworks and methodologies.
- Experience evaluating organizational cybersecurity programs and risk management practices.
- Ability to design and conduct applied research in cybersecurity, risk management, or related fields.
- Experience developing analytical tools, models, or decision-support capabilities.
- Ability to collaborate effectively within multidisciplinary teams of researchers, engineers, and cybersecurity professionals.
- Strong analytical, problem-solving, and critical-thinking skills.
- Ability to communicate complex technical concepts and analytical findings to both technical and non-technical audiences.
- Ability to work collaboratively, diplomatically, and effectively with customers, colleagues, researchers, and senior stakeholders.
Requirements:
- Education and Experience: BS degree in Computer Science, Statistics, Engineering, Mathematics, Economics, Data Science, or a related highly quantitative discipline with ten (10) years of applicable experience; or a MS degree in a relevant discipline with eight (8) years of applicable experience; or a PhD in a relevant discipline with five (5) years of applicable experience.
- Technical Excellence: You have a track record of applying advanced analytical methods to solve complex cybersecurity challenges and delivering impactful technical outcomes. You possess expertise in one or more areas including cybersecurity risk management, risk quantification, statistics, econometrics, systems engineering, machine learning, modeling and simulation, or data science. You are focused on developing practical solutions that improve risk-based decision making for mission partners.
- Leadership: You have the ability to lead multidisciplinary teams in analyzing and solving real-world cybersecurity and risk management problems. You can guide research efforts, develop analytical frameworks, and influence technical direction while collaborating with researchers, engineers, government stakeholders, and external partners. Your leadership extends beyond formal reporting relationships through technical influence and collaboration.
- Working in a Creative, Dynamic Environment: You have experience contributing to multiple simultaneous projects and thrive in a fast-paced research environment. You are willing to experiment with innovative analytical techniques, explore emerging technologies, and develop new methodologies that advance cybersecurity risk management and measurement.
- Mentorship: You enjoy mentoring and motivating team members. You contribute to the development of technical talent through knowledge sharing, collaboration, and professional guidance.
- Communication: You have outstanding communication skills and can interact collaboratively and diplomatically with customers, mission partners, researchers, and colleagues at all levels. You understand both strategic objectives and technical details and can communicate complex analytical findings to audiences with varying levels of technical expertise.
- Travel: Periodic travel to customer sites, conferences, workshops, and stakeholder meetings is required to support the SEI's mission and research activities.
- Security Clearance: You will be subject to a background investigation and must have the ability to obtain and maintain a Department of War security clearance.
- Applicants for this position must be currently legally authorized to work for CMU in the United States. CMU will not sponsor or take over sponsorship of an employment visa for this opportunity.
Desired Experience:
- Experience in cyber risk quantification and measurement.
- Experience in econometrics, applied statistics, or quantitative risk analysis.
- Experience in uncertainty quantification and probabilistic modeling.
- Experience in machine learning, data science, or advanced analytics.
- Experience in modeling and simulation.
- Experience conducting threat modeling and vulnerability analysis.
- Experience evaluating organizational cybersecurity and risk management programs.
- Experience supporting test and evaluation activities for large-scale government research programs.
- Demonstrated ability to learn new concepts and grow into emerging technical areas.
- Strong technical writing, editing, and presentation skills.
- Experience working with government agencies, defense organizations, federally funded research centers, or academic institutions is a plus.
Joining the CMU team opens the door to an array of exceptional benefits.
Benefits eligible employees enjoy a wide array of benefits including comprehensive medical, prescription, dental, and vision insurance as well as a generous retirement savings program with employer contributions. Unlock your potential with tuition benefits, take well-deserved breaks with ample paid time off and observed holidays, and rest easy with life and accidental death and disability insurance.
Additional perks include a free Pittsburgh Regional Transit bus pass, access to our Family Concierge Team to help navigate childcare needs, fitness center access, and much more!
For a comprehensive overview of the benefits available, explore our Benefits page.
At Carnegie Mellon, we value the whole package when extending offers of employment. Beyond credentials, we evaluate the role and responsibilities, your valuable work experience, and the knowledge gained through education and training. We appreciate your unique skills and the perspective you bring. Your journey with us is about more than just a job; it's about finding the perfect fit for your professional growth and personal aspirations.
Are you interested in an exciting opportunity with an exceptional organization?! Apply today!
Location
Arlington, VA, Pittsburgh, PAJob Function
Software/Applications Development/EngineeringPosition Type
Staff - RegularFull Time/Part time
Full timePay Basis
SalaryMore Information:
Please visit "Why Carnegie Mellon" to learn more about becoming part of an institution inspiring innovations that change the world.
Click here to view a listing of employee benefits
Carnegie Mellon University is an Equal Opportunity Employer/Disability/Veteran.
Statement of Assurance
What Carnegie Mellon University employees say
Pay
Benefits
Hours and flexibility
Workplace
Get the full story on Breakroom
About Carnegie Mellon University
Sourced by ZipRecruiter