Lead a team of cyber specialists, providing direction and supporting their development * Conduct regular risk assessments, including PCI-DSS and SOX, and develop comprehensive risk management plans ...
Lead a team of cyber specialists, providing direction and supporting their development * Conduct regular risk assessments, including PCI-DSS and SOX, and develop comprehensive risk management plans ...
Lead a team of cyber specialists, providing direction and supporting their development * Conduct regular risk assessments, including PCI-DSS and SOX, and develop comprehensive risk management plans ...
Lead a team of cyber specialists, providing direction and supporting their development * Conduct regular risk assessments, including PCI-DSS and SOX, and develop comprehensive risk management plans ...
Sr. Manager of Cybersecurity, Third Party Risk
Raleigh, NC · On-site
$107K - $145K/yr
Position Summary The Sr. Manager of Cybersecurity Third-Party Risk Management leads the enterprise ... Define and maintain the third-party cyber risk lifecycle, including intake, inherent risk scoring ...
Sr. Manager of Cybersecurity, Third Party Risk
Raleigh, NC · On-site
$107K - $145K/yr
Position Summary The Sr. Manager of Cybersecurity Third-Party Risk Management leads the enterprise ... Define and maintain the third-party cyber risk lifecycle, including intake, inherent risk scoring ...
Sr. Manager of Cybersecurity, Third Party Risk
Raleigh, NC · Hybrid
$107K - $145K/yr
Position Summary The Sr. Manager of Cybersecurity Third-Party Risk Management leads the enterprise ... Define and maintain the third-party cyber risk lifecycle, including intake, inherent risk scoring ...
Sr. Manager of Cybersecurity, Third Party Risk
Raleigh, NC · Hybrid
$107K - $145K/yr
Position Summary The Sr. Manager of Cybersecurity Third-Party Risk Management leads the enterprise ... Define and maintain the third-party cyber risk lifecycle, including intake, inherent risk scoring ...
... management. * Experience supporting governance, risk, and compliance workflows, including risk reporting, audit data requests, controls monitoring, controls testing, compliance metrics, governance ...
... management. * Experience supporting governance, risk, and compliance workflows, including risk reporting, audit data requests, controls monitoring, controls testing, compliance metrics, governance ...
Our Cyber Risk practice helps organizations with the management of information and technology risks by delivering end-to-end solutions using proven methodologies and tools in a consistent manner. Our ...
Our Cyber Risk practice helps organizations with the management of information and technology risks by delivering end-to-end solutions using proven methodologies and tools in a consistent manner. Our ...
Risk Manager - Insurance
Raleigh, NC · On-site
$110K - $145K/yr
Risk Manager - Insurance Fully Remote: applicants in Eastern or Central Time Zone Supporting ... Conduct comprehensive risk evaluations across property, casualty, liability, professional, cyber ...
Risk Manager - Insurance
Raleigh, NC · On-site
$110K - $145K/yr
Risk Manager - Insurance Fully Remote: applicants in Eastern or Central Time Zone Supporting ... Conduct comprehensive risk evaluations across property, casualty, liability, professional, cyber ...
Cyber risk management and cyber insurance carriers, brokers, and underwriting platforms * Cloud hyperscalers (AWS, Azure, GCP) and cloud marketplace channels * Global Systems Integrators (GSIs ...
Cyber risk management and cyber insurance carriers, brokers, and underwriting platforms * Cloud hyperscalers (AWS, Azure, GCP) and cloud marketplace channels * Global Systems Integrators (GSIs ...
Cyber Data Protection Manager
Raleigh, NC · Remote
$107K - $145K/yr
If so, consider joining Deloitte & Touche LLP's growing Cyber Risk Digital Trust & Privacy practice ... Manage and lead the proposal development process * Contribute to Deloitte's thought leadership in ...
Cyber Data Protection Manager
Raleigh, NC · Remote
$107K - $145K/yr
If so, consider joining Deloitte & Touche LLP's growing Cyber Risk Digital Trust & Privacy practice ... Manage and lead the proposal development process * Contribute to Deloitte's thought leadership in ...
ETM Sales Specialist
Raleigh, NC · On-site
Our Enterprise TruRisk Management platform empowers organizations to measure, communicate, and eliminate cyber risk with precision. Trusted by thousands of global organizations, Qualys delivers ...
New
ETM Sales Specialist
Raleigh, NC · On-site
Our Enterprise TruRisk Management platform empowers organizations to measure, communicate, and eliminate cyber risk with precision. Trusted by thousands of global organizations, Qualys delivers ...
New
Willing to learn department specific databases or software as necessary (e.g., Vendor Risk Management and project tracking software). * Bachelor's degree with a cyber risk or cybersecurity focus or a ...
Quick apply
Willing to learn department specific databases or software as necessary (e.g., Vendor Risk Management and project tracking software). * Bachelor's degree with a cyber risk or cybersecurity focus or a ...
The Risk Manager is responsible for leading and continuously maturing the organization's Enterprise ... cyber, property, automobile liability, and bonds * Serve as the primary internal point of ...
The Risk Manager is responsible for leading and continuously maturing the organization's Enterprise ... cyber, property, automobile liability, and bonds * Serve as the primary internal point of ...
Familiarity with industry standards and regulatory requirements around cyber risk management (e.g., ISO 27001, IEC 62443, NIST CSF) * Limited sponsorship opportunities may be available Additional ...
Familiarity with industry standards and regulatory requirements around cyber risk management (e.g., ISO 27001, IEC 62443, NIST CSF) * Limited sponsorship opportunities may be available Additional ...
The Risk Manager is responsible for leading and continuously maturing the organization's Enterprise ... cyber, property, automobile liability, and bonds * Serve as the primary internal point of ...
The Risk Manager is responsible for leading and continuously maturing the organization's Enterprise ... cyber, property, automobile liability, and bonds * Serve as the primary internal point of ...
Willing to learn department specific databases or software as necessary (e.g., Vendor Risk Management and project tracking software). * Bachelor's degree with a cyber risk or cybersecurity focus or a ...
Willing to learn department specific databases or software as necessary (e.g., Vendor Risk Management and project tracking software). * Bachelor's degree with a cyber risk or cybersecurity focus or a ...
ITSO Sr. Program Manager
Durham, NC · On-site
$112K - $112K/yr
This role focuses on quantifying, contextualizing, and managing cyber risk across Duke University. You will partner closely with leadership, including the CISO and other Security Office leaders, to ...
ITSO Sr. Program Manager
Durham, NC · On-site
$112K - $112K/yr
This role focuses on quantifying, contextualizing, and managing cyber risk across Duke University. You will partner closely with leadership, including the CISO and other Security Office leaders, to ...
ITSO Sr. Program Manager
Durham, NC · On-site
$112K - $112K/yr
This role focuses on quantifying, contextualizing, and managing cyber risk across Duke University. You will partner closely with leadership, including the CISO and other Security Office leaders, to ...
New
ITSO Sr. Program Manager
Durham, NC · On-site
$112K - $112K/yr
This role focuses on quantifying, contextualizing, and managing cyber risk across Duke University. You will partner closely with leadership, including the CISO and other Security Office leaders, to ...
New
ITSO Sr. Program Manager
Durham, NC · On-site
$112K - $112K/yr
This role focuses on quantifying, contextualizing, and managing cyber risk across Duke University. You will partner closely with leadership, including the CISO and other Security Office leaders, to ...
ITSO Sr. Program Manager
Durham, NC · On-site
$112K - $112K/yr
This role focuses on quantifying, contextualizing, and managing cyber risk across Duke University. You will partner closely with leadership, including the CISO and other Security Office leaders, to ...
Senior - Third-Party Cybersecurity & Risk Management Location :Hybrid, (3 days onsite) Charlotte ... We are seeking a Senior Engineer (Cyber, Data & Security) with 6 to 8 years of experience to join ...
Senior - Third-Party Cybersecurity & Risk Management Location :Hybrid, (3 days onsite) Charlotte ... We are seeking a Senior Engineer (Cyber, Data & Security) with 6 to 8 years of experience to join ...
Help organizations reduce cyber risk and improve resilience as part of Deloitte's Cyber Defense & Resilience Continuous Threat Exposure Management (CTEM) team. In this role, you'll support clients in ...
Help organizations reduce cyber risk and improve resilience as part of Deloitte's Cyber Defense & Resilience Continuous Threat Exposure Management (CTEM) team. In this role, you'll support clients in ...
Cyber Risk Manager information
See Raleigh, NC salary details
$44.2K - $53.5K
4% of jobs
$53.5K - $62.7K
6% of jobs
$62.7K - $72K
11% of jobs
$75.5K is the 25th percentile. Wages below this are outliers.
$72K - $81.2K
11% of jobs
The median wage is $88.6K / yr.
$81.2K - $90.5K
23% of jobs
$90.5K - $99.7K
13% of jobs
$105.8K is the 75th percentile. Wages above this are outliers.
$99.7K - $109K
12% of jobs
$109K - $118.2K
8% of jobs
$118.2K - $127.5K
6% of jobs
$127.5K - $136.7K
4% of jobs
$136.7K - $146K
2% of jobs
$44.2K
$95.8K
$146K
How much do cyber risk manager jobs pay per year?
How does a Cyber Risk Manager typically collaborate with other departments to strengthen an organization's cybersecurity posture?
What is the difference between Cyber Risk Manager vs Cybersecurity Analyst?
| Aspect | Cyber Risk Manager | Cybersecurity Analyst |
|---|---|---|
| Certifications | CRISC, CISSP, CISM | CompTIA Security+, CISSP, CEH |
| Work Environment | Risk assessment, policy development, strategic planning | Monitoring security systems, incident response, vulnerability testing |
| Employer & Industry Usage | Financial, healthcare, large enterprises | IT departments, security firms, corporate environments |
The Cyber Risk Manager focuses on identifying, assessing, and mitigating organizational cyber risks through strategic planning and policy development. In contrast, the Cybersecurity Analyst primarily monitors security systems, responds to incidents, and tests vulnerabilities. Both roles require certifications like CISSP, but their daily tasks and focus areas differ significantly, with the manager taking a broader, strategic approach and the analyst handling operational security tasks.
What are the key skills and qualifications needed to thrive as a Cyber Risk Manager, and why are they important?
Can you make $200,000 in cyber security?
Can you make $500,000 a year in cyber security?
What does a cyber risk manager do?
Is a CISO a stressful job?

Full-time
Re-posted 21 days ago
Job description
The Director of Governance and Risk will report to the CISO within Advance Auto Parts and will focus on the defining and deploying governance and risk management frameworks across Advance Auto Parts.
The Director of Governance and Risk will oversee cybersecurity policy, standards, procedures, compliance, ensuring the company adheres to relevant regulations, industry standards, and internal and 3rd party risk management. The ideal candidate will combine expertise in both cybersecurity and risk management disciplines and have exceptional communication and stakeholder management skills.
This position is 4 days in office, 1 day remote per week, based at our corporate headquarters in Raleigh, North Carolina (North Hills)
The key responsibilities of the role include:
- Develop a short term and long-term comprehensive Governance and Risk Management Strategy
- Develop, communicate, and implement enterprise-wide security policy, standards, procedures, and guidelines.
- Provide strategic guidance to the CISO for the representation of risks to the Board, Audit committee, and ERM
- Lead a team of cyber specialists, providing direction and supporting their development
- Conduct regular risk assessments, including PCI-DSS and SOX, and develop comprehensive risk management plans for various business units and projects
- Support Internal Audit with engagements requiring technology support.
- Vendor Risk Management (VRM): Oversee the VRM integration, including risk reviews, contract management, and ongoing monitoring to manage risks associated with third-party vendors and suppliers
- Support the identification, evaluation, and prioritization of cyber risks across the organization
- Oversee production, reporting and evolution of cyber risk metrics, including Key Performance Indicators (KPIs), scorecards, and Key Risk Indicators (KRIs)
- Conduct risk analysis, providing insights on issues and direction on risk mitigation strategies
- Drive automation, analytics, and continuous improvement of processes
- Engage with a range of senior stakeholders across Lines of Defense to ensure appropriate oversight and reporting of cybersecurity risks and vulnerabilities
- Collaborate with cross-functional teams on cyber risk remediation activities
- Ensure regulatory compliance with frameworks in NIST, SOC 1&2, PCI, SOX, CCPA
- Maintain the database and reporting platform to ensure compliance to our security policies and standards.
Skills/ Qualifications:
- Bachelor's degree in information security, Computer Science, or a related field; Master's degree preferred
- Minimum of 12 years of experience in cybersecurity, with a focus on risk management
- Expert in the implementation and operational management of OneTrust, working knowledge of Service Now, and Auditboard.
- Process driven with an extensive knowledge of cyber risk management frameworks, tools, and methodologies
- Master in the ability to "tell a story" through PowerPoint leveraging metrics and creativity for various levels of the enterprise (Board, ERM, Steerco, Business and/or tech leaders)
- Proven experience in senior leadership roles, managing teams, and influencing executive stakeholders, driving outcomes
- Experience in establishing and managing regulatory compliance in NIST, PCI-DSS, SOX, SOC 1/2, CCPA, HIPAA
- Deep understanding in cybersecurity metrics programs that are meaningful and risk/risk posture reporting
- Strategic thinker with a strong understanding of cyber risks, vulnerabilities, and risk mitigation options
- Innovative thinker, adaptable to change, self-driven, aggressive, and detail oriented with the ability to establish true partnerships that drives business enablement while managing risk
- Exceptional communication and executive level presentation skills, capable of translating technical risk into business terms
- Must have the ability to drive enterprise aligned roadmaps focusing on top cyber risks, cyber priorities, industry threats that align to the business
- Excellent analytical, problem-solving, and decision-making skills
California Residents click below for Privacy Notice:
About Advance Auto Parts
Sourced by ZipRecruiter
At Advance Auto Parts we have a passion for YES. Each day we are motivated by a passion to help our Customers. We have a commitment to advance the lives of our fellow Team Members, Customers, and the Communities where we live and work.
Industry
Motor vehicle and motor vehicle parts wholesalers, retail, internet and it and elementary and secondary schools
Company size
10,000+ Employees
Headquarters location
Raleigh, NC, US