Summary The individual in this position will work as a technical manager of the Cyber Risk Management (CRM) Team within CERT's Cyber Risk & Resilience Directorate. This candidate will be responsible ...
Summary The individual in this position will work as a technical manager of the Cyber Risk Management (CRM) Team within CERT's Cyber Risk & Resilience Directorate. This candidate will be responsible ...
Summary The individual in this position will work as a technical manager of the Cyber Risk Management (CRM) Team within CERT's Cyber Risk & Resilience Directorate. This candidate will be responsible ...
Summary The individual in this position will work as a technical manager of the Cyber Risk Management (CRM) Team within CERT's Cyber Risk & Resilience Directorate. This candidate will be responsible ...
Summary The individual in this position will work as a technical manager of the Cyber Risk Management (CRM) Team within CERT's Cyber Risk & Resilience Directorate. This candidate will be responsible ...
Summary The individual in this position will work as a technical manager of the Cyber Risk Management (CRM) Team within CERT's Cyber Risk & Resilience Directorate. This candidate will be responsible ...
Summary The individual in this position will work as a technical manager of the Cyber Risk Management (CRM) Team within CERT's Cyber Risk & Resilience Directorate. This candidate will be responsible ...
Summary The individual in this position will work as a technical manager of the Cyber Risk Management (CRM) Team within CERT's Cyber Risk & Resilience Directorate. This candidate will be responsible ...
Summary The individual in this position will work as a technical manager of the Cyber Risk Management (CRM) Team within CERT's Cyber Risk & Resilience Directorate. This candidate will be responsible ...
Summary The individual in this position will work as a technical manager of the Cyber Risk Management (CRM) Team within CERT's Cyber Risk & Resilience Directorate. This candidate will be responsible ...
Understanding of risk management principles and their application to cybersecurity. * Experience performing cyber risk analysis, risk quantification, or security measurement. * Expertise in one or ...
Understanding of risk management principles and their application to cybersecurity. * Experience performing cyber risk analysis, risk quantification, or security measurement. * Expertise in one or ...
Senior Cyber Risk Engineer
Pittsburgh, PA · On-site
Understanding of risk management principles and their application to cybersecurity. * Experience performing cyber risk analysis, risk quantification, or security measurement. * Expertise in one or ...
Senior Cyber Risk Engineer
Pittsburgh, PA · On-site
Understanding of risk management principles and their application to cybersecurity. * Experience performing cyber risk analysis, risk quantification, or security measurement. * Expertise in one or ...
Understanding of risk management principles and their application to cybersecurity. * Experience performing cyber risk analysis, risk quantification, or security measurement. * Expertise in one or ...
Understanding of risk management principles and their application to cybersecurity. * Experience performing cyber risk analysis, risk quantification, or security measurement. * Expertise in one or ...
Cyber Risk Analyst
Malvern, PA · On-site
Within TRM, the global Identity, Directory & Access Management (IDAM) organization ensures that the right people have the right access to the right information. The Cyber Risk Analyst is responsible ...
Cyber Risk Analyst
Malvern, PA · On-site
Within TRM, the global Identity, Directory & Access Management (IDAM) organization ensures that the right people have the right access to the right information. The Cyber Risk Analyst is responsible ...
Senior Cyber Risk Engineer
Pittsburgh, PA · On-site
Understanding of risk management principles and their application to cybersecurity. * Experience performing cyber risk analysis, risk quantification, or security measurement. * Expertise in one or ...
Senior Cyber Risk Engineer
Pittsburgh, PA · On-site
Understanding of risk management principles and their application to cybersecurity. * Experience performing cyber risk analysis, risk quantification, or security measurement. * Expertise in one or ...
Senior Cyber Risk Engineer
Pittsburgh, PA · On-site
Understanding of risk management principles and their application to cybersecurity. * Experience performing cyber risk analysis, risk quantification, or security measurement. * Expertise in one or ...
Senior Cyber Risk Engineer
Pittsburgh, PA · On-site
Understanding of risk management principles and their application to cybersecurity. * Experience performing cyber risk analysis, risk quantification, or security measurement. * Expertise in one or ...
Technical Manager - Cyber Risk Management with Security Clearance
Pittsburgh, PA · On-site
$107K - $145K/yr
Summary The individual in this position will work as a technical manager of the Cyber Risk Management (CRM) Team within CERT's Cyber Risk & Resilience Directorate. This candidate will be responsible ...
Technical Manager - Cyber Risk Management with Security Clearance
Pittsburgh, PA · On-site
$107K - $145K/yr
Summary The individual in this position will work as a technical manager of the Cyber Risk Management (CRM) Team within CERT's Cyber Risk & Resilience Directorate. This candidate will be responsible ...
Cyber Risk Analyst
Malvern, PA · On-site
The Zoetis Tech & Digital (ZTD) Global Technology Risk Management (TRM) Organizationis responsible ... Experience: * 5+ years of hands-on experience in vulnerability management, cyber risk, or related ...
Cyber Risk Analyst
Malvern, PA · On-site
The Zoetis Tech & Digital (ZTD) Global Technology Risk Management (TRM) Organizationis responsible ... Experience: * 5+ years of hands-on experience in vulnerability management, cyber risk, or related ...
Expertise in compliance management, internal or external audit, and GRC platforms is strongly ... risk, compliance, and cyber risk. * Research/write/create approximately six to eight research ...
Expertise in compliance management, internal or external audit, and GRC platforms is strongly ... risk, compliance, and cyber risk. * Research/write/create approximately six to eight research ...
Risk Manager
$75K - $98K/yr
The Risk Manager ensures compliance with applicable federal, Commonwealth of Pennsylvania, and ... compensation, cyber, and other applicable coverages. Serve as liaison with insurance carriers ...
Risk Manager
$75K - $98K/yr
The Risk Manager ensures compliance with applicable federal, Commonwealth of Pennsylvania, and ... compensation, cyber, and other applicable coverages. Serve as liaison with insurance carriers ...
Risk Manager
Media, PA · On-site
$75K - $98K/yr
The Risk Manager ensures compliance with applicable federal, Commonwealth of Pennsylvania, and ... cyber, and other applicable coverages. * Serve as liaison with insurance carriers, brokers, and ...
Risk Manager
Media, PA · On-site
$75K - $98K/yr
The Risk Manager ensures compliance with applicable federal, Commonwealth of Pennsylvania, and ... cyber, and other applicable coverages. * Serve as liaison with insurance carriers, brokers, and ...
Understanding of risk management principles and their application to cybersecurity. * Experience performing cyber risk analysis, risk quantification, or security measurement. * Expertise in one or ...
Understanding of risk management principles and their application to cybersecurity. * Experience performing cyber risk analysis, risk quantification, or security measurement. * Expertise in one or ...
Principal Sales Engineer - Cyber Risk and GRC
PA · On-site
$96K/mo
Experience selling into or supporting GRC, security compliance, cyber risk, or security reporting ... , vulnerability, cloud, ITSM, HR/org data). * Excellent communication and PoV/architectural ...
Principal Sales Engineer - Cyber Risk and GRC
PA · On-site
$96K/mo
Experience selling into or supporting GRC, security compliance, cyber risk, or security reporting ... , vulnerability, cloud, ITSM, HR/org data). * Excellent communication and PoV/architectural ...
Associate Cyber Risk Advisor
Philadelphia, PA · On-site
... risk or their cyber insurancepolicy services * Workwith clients both internally and externally to ... management, patch management, user access controls, endpoint security and incident response
Associate Cyber Risk Advisor
Philadelphia, PA · On-site
... risk or their cyber insurancepolicy services * Workwith clients both internally and externally to ... management, patch management, user access controls, endpoint security and incident response
Support Risk Management Framework (RMF) activities including control implementation, assessment ... Identify security gaps and propose remediation strategies to reduce cyber risk. Support ...
Support Risk Management Framework (RMF) activities including control implementation, assessment ... Identify security gaps and propose remediation strategies to reduce cyber risk. Support ...
Cyber Risk Manager information
See Pennsylvania salary details
$51.6K - $62.4K
4% of jobs
$62.4K - $73.2K
6% of jobs
$73.2K - $84K
11% of jobs
$88.1K is the 25th percentile. Wages below this are outliers.
$84K - $94.8K
11% of jobs
The median wage is $103.4K / yr.
$94.8K - $105.6K
23% of jobs
$105.6K - $116.4K
13% of jobs
$123.5K is the 75th percentile. Wages above this are outliers.
$116.4K - $127.2K
12% of jobs
$127.2K - $138K
8% of jobs
$138K - $148.8K
6% of jobs
$148.8K - $159.6K
4% of jobs
$159.6K - $170.4K
2% of jobs
$51.6K
$111.8K
$170.4K
How much do cyber risk manager jobs pay per year?
How does a Cyber Risk Manager typically collaborate with other departments to strengthen an organization's cybersecurity posture?
What is the difference between Cyber Risk Manager vs Cybersecurity Analyst?
| Aspect | Cyber Risk Manager | Cybersecurity Analyst |
|---|---|---|
| Certifications | CRISC, CISSP, CISM | CompTIA Security+, CISSP, CEH |
| Work Environment | Risk assessment, policy development, strategic planning | Monitoring security systems, incident response, vulnerability testing |
| Employer & Industry Usage | Financial, healthcare, large enterprises | IT departments, security firms, corporate environments |
The Cyber Risk Manager focuses on identifying, assessing, and mitigating organizational cyber risks through strategic planning and policy development. In contrast, the Cybersecurity Analyst primarily monitors security systems, responds to incidents, and tests vulnerabilities. Both roles require certifications like CISSP, but their daily tasks and focus areas differ significantly, with the manager taking a broader, strategic approach and the analyst handling operational security tasks.
What are the key skills and qualifications needed to thrive as a Cyber Risk Manager, and why are they important?
Can you make $200,000 in cyber security?
Can you make $500,000 a year in cyber security?
What does a cyber risk manager do?
Is a CISO a stressful job?

Job description
The SEI CERT Cyber Risk and Resilience Directorate, enables organizations to achieve operational resilience by performing research in emerging areas of operational risk, producing measurement and assessment tools that help organizations better understand their current risk and resilience posture, and developing and validating models, frameworks, and tools to drive quantifiable risk reduction. Our Cyber Risk Management team focuses on designing, prototyping, transitioning risk management novel methods. We support partners in government and industry in achieving cyber-dependent missions. .
Job Description Summary
The individual in this position will work as a technical manager of the Cyber Risk Management (CRM) Team within CERT's Cyber Risk & Resilience Directorate. This candidate will be responsible for the creation, development and management of a sustained applied research and technical agenda for Risk & Resilience CRM Team consistent with and directly supporting the US Department of War's strategic challenges and emerging threats. The technical manager is responsible for developing and communicating technical vision, developing tasking, creating project work statements, developing and managing project plans, managing initiative finances and accounting, generating new work and customers, working with business development staff, executing work with high degree of customer satisfaction, and supervising staff.
The successful candidate must have proven experience conducting and leading technical efforts in support of the US Federal Government (USG) and Department of War (DOW); managing technical teams; be self-directed, have a track record of creating interdisciplinary approaches to problem solving, and demonstrate exceptionally strong presentation and writing skills. The candidate must also be able to interact with clients and staff of all levels in a highly professional and competent manner.
Minimum Qualifications and Requirements
Education/Training:
BS in risk management, cybersecurity, information systems, economics, mathematics or a related technical field; advanced degree strongly preferred.
Other educational backgrounds of a technical nature with significant relevant experience as described may be considered.
Experience:
Total of ten (10) years of experience as an enterprise risk executive, enterprise risk manager, primary investigator engaged in risk management research or similarly technical occupation.
Experience and expert knowledge of:
risk quantification tools and techniques
risk management frameworks/model/standards of practice
risk governance
Experience with and substantial knowledge of:
network architectures, and telecommunications
cybersecurity and operational resilience
information security models, frameworks, and metrics
foundational artificial intelligence concepts and techniques
project planning and financial management
strategic planning and product development
USG and DoW risk tools, techniques, and methods
USG and DoW risk management strategies, policies, and directives
Skills/Abilities:
mastery of risk management concepts, cyber security best practices and standards, information security and risk evaluation methods, development
excellent analytical, organizational, reasoning and problem-solving skills
outstanding written and oral communication skills
demonstrated ability and experience in employee performance management
outstanding financial and resource management skills
demonstrated ability to prepare papers and deliver presentations for technical and non-technical audiences
demonstrated experience in developing a strategic plan and associated technical agenda
demonstrated experience in developing products and transition (go-to-market)
ability to interact effectively with diverse constituencies internally and externally, including senior executives and managers in government and industry
ability to recognize and deal appropriately with confidential and sensitive information, and where appropriate, ability to obtain and hold a security clearance
active involvement in professional societies
Preferred Qualifications:
RIMS-Certified Risk Management Professional (preferred)
Certified Enterprise Risk Manager (preferred)
Certified Information Systems Security Professional (preferred)
Certified Information Security Manager (preferred)
Certified Information Systems Auditor (preferred)
Other: You will be subject to a background investigation, and you must have the ability to obtain and maintain a Department of War security clearance.
Location
Pittsburgh, PAJob Function
Software/Applications Development/EngineeringPosition Type
Staff - RegularFull time/Part time
Full timePay Basis
SalaryMore Information:Please visit "Why Carnegie Mellon" to learn more about becoming part of an institution inspiring innovations that change the world.
Click here to view a listing of employee benefits
Carnegie Mellon University is an Equal Opportunity Employer/Disability/Veteran.
Statement of Assurance
About CMU
Sourced by ZipRecruiter
Industry
Offices of mental health practitioners
Company size
201 - 500 Employees
Headquarters location
Harrisburg, PA, US