What are the responsibilities and job description for the CyberSecurity Manager position at Systems Int Ltd?
Job Summary:
The Information Security Risk Manager plays a crucial role in protecting the organization’s systems, networks, and data by leading risk identification, assessment, and remediation strategies. This role involves working collaboratively with internal stakeholders to mitigate security risks, enhance the organization's risk posture, and drive a culture of risk awareness. Key responsibilities include comprehensive risk assessment, developing and implementing risk management methodologies, and fostering continual improvement to align with emerging threats and business goals.
Key Responsibilities:
- Conduct comprehensive risk assessments to identify, prioritize, and quantify security threats and vulnerabilities across the organization’s systems, network, and applications.
- Develop and implement risk mitigation strategies, collaborating with stakeholders to establish risk tolerance levels and remediation plans.
- Monitor and report the progress of remediation efforts, ensuring the effectiveness of implemented controls and identifying residual risks.
- Lead the creation and execution of security awareness initiatives to educate employees on security risks and best practices.
- Anticipate business needs and present actionable recommendations to improve the organization’s security posture while balancing business objectives.
- Maintain an external network to analyze new threats and trends, ensuring organizational strategies remain aligned with industry best practices.
Minimum Education & Experience Requirements:
- Bachelor’s degree in Business, Technology, Cybersecurity, Technology Risk Management, or a related field, or a minimum of 4 years of equivalent experience.
- At least 4 years of experience in IT operations, IT audit, security, or risk management.
- Proficiency in applying risk management frameworks and methodologies in complex business environments.
Special Requirements:
- Familiarity with the ISO 27001 standard.
- Governance and risk certifications such as CRISC, CISM, CISA, or CISSP are highly desirable.
Knowledge, Skills, and Abilities:
- Strong analytical and problem-solving skills, with the ability to decipher and prioritize tasks effectively.
- Demonstrated understanding of business processes, internal risk strategies, IT controls, and their interplay.
- Proficiency in operational security capabilities, including access control, network security, vulnerability management, and incident response.
- Excellent written and oral communication skills, capable of conveying complex concepts to executive management and technical teams.
- Ability to develop and implement strategic, risk-based security programs tailored to organizational needs.
Additional Desired Characteristics:
- Proficiency in process formulation and improvement.
- Curiosity and a proactive approach to identifying and solving challenges.
- A proven track record of fostering a culture of accountability and active participation in risk management efforts.
Work Environment:
- This role may involve flexible working hours and occasional travel to support organizational needs.
- The position requires collaboration with cross-functional teams to achieve risk management objectives.
Job Type: Contract
Pay: $50.00 - $60.00 per hour
Expected hours: 40 per week
Benefits:
- Health insurance
Compensation Package:
- Hourly pay
Schedule:
- 8 hour shift
Experience:
- Cybersecurity: 5 years (Required)
- Risk management: 5 years (Required)
License/Certification:
- CISSP (Required)
Ability to Commute:
- Pittsburgh, PA 15222 (Required)
Work Location: In person
Salary: $50 - $60