Akkodis
Title: Cybersecurity Risk Manager
Position: Hybrid contract in San Jose, California.
Hourly Rate: $70-80.00 Depending on experience
Responsibilities Conducting comprehensive cyber risk assessments to identify potential threats, vulnerabilities, and impacts on the organization, leveraging qualitative and quantitative (e.g. FAIR) methods as applicable. Run the day to day operation of the Security Policy Exception process, aligned to Security processes and GRC risk mapping Maintaining a detailed Cyber risk register to prioritize and manage cyber risks effectively. Communicating and articulating cyber risks to both technical and business stakeholders, providing clear and actionable recommendations to mitigate risks. Coordinating cross functional dependencies to drive attention to and agreement on the creation of mitigation strategies. Collaborate with the Internal Audit, Compliance and internal Security teams to integrate cyber risk management practices into the overall risk management framework. Utilize the MITRE ATTACK framework to understand adversary tactics, techniques, and procedures, and apply this knowledge to enhance the organization's security posture.
Minimum Qualifications Must have 8+ years of experience in cybersecurity risk management, with a focus on risk assessments, risk quantification, and threat modeling. Bachelors degree in Cybersecurity, Information Technology, Computer Science, or a related field. Must be proficient in CSA, CIS, NIST 800 53 or similar standards Excellent communication skills, with the ability to articulate complex cyber risks to both technical and business audiences effectively. Demonstrate a process-oriented and results-driven approach to security risk management, employing effective problem-solving skills to serve as a subject matter expert
Preferred Qualifications Certifications such as CISA, CISSP, CISM, CRISC, FAIR or similar are highly desirable. Experience in the technology industry, with a deep understanding of its unique cybersecurity challenges and requirements. Prior experience leading Compliance or Cyber risk management functions. Masters degree preferred. Applied experience with quantitative risk analysis (e.g., FAIR, FAIR-CAM, Monte Carlo simulations) Ability to communicate risk concepts and their value to non-practitioners Experience with building or managing a risk exceptions program is a plus Familiarity with BC/DR concepts is a plus
Benefit offerings available for our associates include medical, dental, vision, life insurance, short-term disability, additional voluntary benefits, EAP program, commuter benefits and a 401K plan. Our benefit offerings provide employees the flexibility to choose the type of coverage that meets their individual needs. In addition, our associates may be eligible for paid leave including Paid Sick Leave or any other paid leave required by Federal, State, or local law, as well as Holiday pay where applicable. To read our Candidate Privacy Information Statement, which explains how we will use your information, please visit https://www.modis.com/en-us/candidate-privacy/
The Company will consider qualified applicants with arrest and conviction records.
Responsibilities Conducting comprehensive cyber risk assessments to identify potential threats, vulnerabilities, and impacts on the organization, leveraging qualitative and quantitative (e.g. FAIR) methods as applicable. Run the day to day operation of the Security Policy Exception process, aligned to Security processes and GRC risk mapping Maintaining a detailed Cyber risk register to prioritize and manage cyber risks effectively. Communicating and articulating cyber risks to both technical and business stakeholders, providing clear and actionable recommendations to mitigate risks. Coordinating cross functional dependencies to drive attention to and agreement on the creation of mitigation strategies. Collaborate with the Internal Audit, Compliance and internal Security teams to integrate cyber risk management practices into the overall risk management framework. Utilize the MITRE ATTACK framework to understand adversary tactics, techniques, and procedures, and apply this knowledge to enhance the organization's security posture.
Minimum Qualifications Must have 8+ years of experience in cybersecurity risk management, with a focus on risk assessments, risk quantification, and threat modeling. Bachelors degree in Cybersecurity, Information Technology, Computer Science, or a related field. Must be proficient in CSA, CIS, NIST 800 53 or similar standards Excellent communication skills, with the ability to articulate complex cyber risks to both technical and business audiences effectively. Demonstrate a process-oriented and results-driven approach to security risk management, employing effective problem-solving skills to serve as a subject matter expert
Preferred Qualifications Certifications such as CISA, CISSP, CISM, CRISC, FAIR or similar are highly desirable. Experience in the technology industry, with a deep understanding of its unique cybersecurity challenges and requirements. Prior experience leading Compliance or Cyber risk management functions. Masters degree preferred. Applied experience with quantitative risk analysis (e.g., FAIR, FAIR-CAM, Monte Carlo simulations) Ability to communicate risk concepts and their value to non-practitioners Experience with building or managing a risk exceptions program is a plus Familiarity with BC/DR concepts is a plus
Benefit offerings available for our associates include medical, dental, vision, life insurance, short-term disability, additional voluntary benefits, EAP program, commuter benefits and a 401K plan. Our benefit offerings provide employees the flexibility to choose the type of coverage that meets their individual needs. In addition, our associates may be eligible for paid leave including Paid Sick Leave or any other paid leave required by Federal, State, or local law, as well as Holiday pay where applicable. To read our Candidate Privacy Information Statement, which explains how we will use your information, please visit https://www.modis.com/en-us/candidate-privacy/
The Company will consider qualified applicants with arrest and conviction records.