Cybersecurity Risk Manager

Scigon Solutions

Oak Brook, IL

Other

Posted 14 days ago


Job description



Overview
We are looking for a Cybersecurity Risk Manager to lead and strengthen our enterprise risk program. This role focuses on identifying, assessing, and managing cyber risks across internal systems, business processes, and third-party ecosystems. The ideal candidate is hands-on, structured, and comfortable working with both technical teams and business stakeholders.



Key Responsibilities

Risk Assessments
Conduct end-to-end cybersecurity risk assessments across applications, infrastructure, and business processes
Identify vulnerabilities, threats, and control gaps, and translate findings into actionable remediation plans
Work with engineering and business teams to validate risks and track mitigation progress

Threat Modeling
Lead threat modeling exercises for new and existing systems
Identify attack vectors, trust boundaries, and potential impact scenarios
Partner with engineering teams to embed secure design practices early in the development lifecycle

Third-Party Cyber Risk
Assess and monitor cybersecurity risks associated with vendors and external partners
Review security questionnaires, audit reports, and contractual security requirements
Collaborate with procurement and legal teams to ensure risk is properly managed and documented

GRC and Risk Governance
Support and maintain governance, risk, and compliance processes aligned with regulatory and internal requirements
Ensure policies, standards, and control frameworks are effectively implemented and followed
Contribute to audits, regulatory reviews, and control testing activities

Risk Register Management
Maintain and continuously update the enterprise cybersecurity risk register
Ensure risks are clearly documented, categorized, and prioritized based on impact and likelihood
Track remediation actions and ensure accountability across stakeholders

Reporting and Communication
Develop clear, concise risk reports for technical teams and senior leadership
Translate complex technical risks into business language and impact
Provide regular updates on risk posture, trends, and remediation status



Required Qualifications

Solid experience in cybersecurity risk management, GRC, or related functions
Hands-on experience conducting risk assessments and threat modeling
Experience managing third-party or vendor cyber risk programs
Strong understanding of security frameworks such as NIST, ISO 27001, or similar
Ability to maintain structured risk registers and track remediation efforts
Strong communication skills with the ability to engage both technical and non-technical stakeholders



Preferred Qualifications

Strong risk qualification and prioritization skills, with the ability to distinguish real risk from noise
Experience in regulated environments such as finance, healthcare, or large enterprises
Familiarity with audit processes and control validation
Experience working with cross-functional teams across legal, compliance, and technology
Certifications such as CISSP, CISM, CRISC, or similar



Frequently asked questions

Q: What skills or qualities help someone succeed as a Risk Manager?

A: To succeed as a Risk Manager, key technical skills include proficiency in risk assessment methodologies, such as Enterprise Risk Management (ERM) frameworks, and expertise in data analysis and statistical modeling to identify and quantify potential risks. Soft skills like strong communication, negotiation, and problem-solving abilities are also crucial, as Risk Managers must effectively collaborate with stakeholders, articulate complex risk information, and develop mitigation strategies. By combining these technical and soft skills, Risk Managers can effectively identify, assess, and manage risks, ultimately supporting business growth and resilience.

Q: What is the career path for a Risk Manager?

A: A Risk Manager's typical career progression involves starting as a Risk Analyst or Junior Risk Manager, where they develop foundational skills in risk assessment and mitigation. As they gain experience, they can move into mid-level roles such as Risk Manager or Senior Risk Analyst, where they oversee risk management programs and develop strategic risk mitigation plans. Senior Risk Managers or Chief Risk Officers (CROs) often lead risk management teams and drive organizational risk strategies, providing opportunities for advanced skill development in areas like risk modeling, compliance, and leadership.



Scigon Solutions job posting for a Cybersecurity Risk Manager in Oak Brook, IL, with a salary of $90,900 to $130,300 annually.