Perennial Resources International
Cyber & Technology Risk Oversight
Perennial Resources International, Saint Paul, Minnesota, United States, 55130
Cyber and Technology Risk Oversight:
Key Responsibilities:
Strategic Leadership:
* Develop and implement a comprehensive cyber and technology risk management strategy aligned with organizational goals.
* Set strategic vision and establish risk tolerance thresholds.
Risk Assessment and Management:
* Oversee the identification, assessment, and prioritization of cyber and technology risks.
* Oversee the development and execution of risk mitigation plans.
Team Leadership:
* Manage and mentor a team of cyber risk management professionals.
* Foster a culture of risk awareness and proactive management.
Governance and Compliance:
* Ensure compliance with relevant industry standards, regulations, and best practices through risk assessments.
* Oversee the execution of risk processes consistently across the enterprise.
Vendor and Third-Party Oversight:
* Provide executive oversight of managed services providers responsible for assessments, third-party reviews.
Operational Risk Management:
* Oversee operational risk functions, including cyber/IT risk registers and finding management.
* Manage cyber risk components of M&A and divestiture activities.
Reporting and Communication:
* Communicate risk management strategies and outcomes to executive leadership and stakeholders.
* Prepare and present risk reports and dashboards.
Your Skills and Expertise: To set you up for success in this role from day one, this position requires (at a minimum) the following qualifications:
* Bachelor's degree or higher (completed and verified prior to start)
* Ten (10) years of experience in Cybersecurity in a private, public, government or military environment
* Five (5) years of management and/or supervisor experience
* Deep understanding of cyber risk frameworks and methodologies (NIST CSF/RMF, ISO 27001/27005, COBIT, etc.)
* CISSP certification or one of the following certifications such as SANS, ISACA (CGEIT, CISA, CISM, ISO 31000 CRISC, ISO 27001 Lead Auditor). Multiple certifications from the list above are preferred
* Experience overseeing third-party cyber risk processes
* Familiarity with GRC tools and risk tracking platforms (e.g., ServiceNow, Archer, OneTrust)
* Experience working with managed service providers or co-sourced risk execution models
* Strong leadership presence and communication skills across technical and business stakeholders
Additional qualifications that could help you succeed even further in this role include:
* Master's degree in computer engineering, computer systems or information technology field from an accredited institution
* Excellent communication, negotiation, and relationship-building skills
* Strong analytical and problem-solving skills
* Ability to work collaboratively with internal teams and external vendors