IT & Cyber Risk Manager

IT Cyber Risk Manager

Role :

The IT Cyber Risk Manager is responsible for the strategy, preparation, and execution of the company’s cyber and IT Risk Management Program.

You will assist with the planning, design, and development of IT Risk Management Framework and guide the risk management activities, working to enhance and mature the program.

Working collaboratively with cross functional teams, you will leverage your strong technical background and business acumen to identify potential risks and develop strategies to ensure our businesses remain secure and operate within their risk tolerance levels.

You will leverage your understanding of qualitative and quantitative risk management and inherent and residual risk to properly establish, evaluate, and report on technology risk levels at the project and enterprise level.

Individuals in this role regularly interact with business leaders, engineering teams, Enterprise Security, Infrastructure & Technology Services, and Application Security teams.

Responsibilities :

• Develop and maintain the risk management framework, methodology and service delivery practice.
• Operationalize the IT & cyber risk management function to ensure risks are identified, monitored, and mitigated.
• Assess, evaluate, and make recommendations to management regarding the adequacy of the security controls in products, processes, and technology solutions.
• Develop a cybersecurity risk assessment policy, procedures and risk treatment guidelines, interacting with business, IT, and cyber partners
• Lead the identification, measurement, communication, and management of third-party risk management (3PRM)
• Proactively share best practices with the larger IT and business communities. Provide guidance to risk area owners and subject matter experts and solicit and evaluate their insights into current, new, and emerging cyber risks across global, divisional, and regional structures.
• Lead cyber risk monitoring, reporting, and remediation efforts to drive treatment consistency and visibility across stakeholders
• Develop and manage key performance and risk indicators and deliver executive reporting content to present cybersecurity risks to enterprise risk and business audiences, demonstrating understanding of Teradyne risk appetite across enterprise environments

Qualifications, Skills and Education Required :

• Bachelors Degree, preferably with additional focus in Information Technology / Management, or related fields.
• Minimum seven years of related risk management work experience in technology, security management, software development, IT operations, or other technology-related consulting.
• Demonstrated experience with risk management frameworks, and risk assessment methodologies.
• Progressive experience managing multiple projects concurrently with excellent organizational, analytical, pragmatic and critical thinking skills
• Experience with NIST Cybersecurity Framework (CSF), NIST Risk Management Framework (RMF) and SP-800-53 Controls
• Demonstrated robust understanding of the people, process, technology ecosystem including a well-rounded understanding of the cybersecurity domains and their inter-relations across that ecosystem
• Excellent interpersonal, verbal, and written communication skills with the ability to communicate risk related concepts to a broad range of technical and non-technical staff.
• Successful experience working, collaborating, and establishing credibility and relationships across the company.

Qualifications, Skills and Education Preferred

• Relevant IT or Risk Management certification (CRISC, CISSP, CISM, CISA, or similar)
• Experience working in environments subject to compliance requirements such as CMMC, ITAR, GDPR, NIS, SOX, and other similar requirements
• Experience with the FAIR methodology
• Working knowledge of one or more GRC platform environments

LI-KD1

Please note : Teradyne is not considering candidates who require sponsorship for this position.