PRI Technology
Cyber & Technology Risk Oversight
PRI Technology, Saint Paul, Minnesota, United States, 55199
Key Responsibilities
Cyber and Technology Risk Oversight
Develop and implement a comprehensive cyber and technology risk management strategy aligned with organizational goals.
Set strategic vision and establish risk tolerance thresholds.
Risk Assessment And Management
Oversee the identification, assessment, and prioritization of cyber and technology risks.
Oversee the development and execution of risk mitigation plans.
Team Leadership
Manage and mentor a team of cyber risk management professionals.
Foster a culture of risk awareness and proactive management.
Governance And Compliance
Ensure compliance with relevant industry standards, regulations, and best practices through risk assessments.
Oversee the execution of risk processes consistently across the enterprise.
Vendor And Third-Party Oversight
Provide executive oversight of managed services providers responsible for assessments and third-party reviews.
Operational Risk Management
Oversee operational risk functions, including cyber/IT risk registers and finding management.
Manage cyber risk components of M&A and divestiture activities.
Reporting And Communication
Communicate risk management strategies and outcomes to executive leadership and stakeholders.
Prepare and present risk reports and dashboards.
Your Skills And Expertise
To set you up for success from day one, this role requires (at a minimum) the following qualifications:
Bachelor's degree or higher (completed and verified prior to start)
Ten (10) years of experience in Cybersecurity in a private, public, government or military environment
Five (5) years of management and/or supervisor experience
Deep understanding of cyber risk frameworks and methodologies (NIST CSF/RMF, ISO 27001/27005, COBIT, etc.)
CISSP certification or one of the following certifications such as SANS, ISACA (CGEIT, CISA, CISM, ISO 31000 CRISC, ISO 27001 Lead Auditor). Multiple certifications from the list above are preferred
Experience overseeing third-party cyber risk processes
Familiarity with GRC tools and risk tracking platforms (e.g., ServiceNow, Archer, OneTrust)
Experience working with managed service providers or co-sourced risk execution models
Strong leadership presence and communication skills across technical and business stakeholders
Additional qualifications that could help you succeed even further in this role include:
Master's degree in computer engineering, computer systems or information technology field from an accredited institution
Excellent communication, negotiation, and relationship-building skills.
Strong analytical and problem-solving skills
Ability to work collaboratively with internal teams and external vendors.