Cyber Security Risk Management Lead – Infrastructure & Data Security

Join our team as a Cyber Security Risk Management Lead – Infrastructure & Data Security and play a pivotal role in safeguarding enterprise infrastructure and sensitive data. This is an excellent opportunity for a seasoned security professional to lead risk management initiatives, influence strategic security posture, and advance their career in a dynamic, forward-thinking organization.

Role Summary:

As the Cyber Security Risk Management Lead, you will oversee the entire lifecycle of technology risk within the infrastructure and data security domains. Reporting directly to the Associate Director, you will act as the primary risk advisor to domain leaders, providing expert guidance and strategic insights to ensure comprehensive risk mitigation and compliance. Your efforts will directly contribute to strengthening security defenses and operational resilience.

Key Responsibilities:

• Risk Identification & Assessment: Lead efforts to identify, evaluate, and monitor ICT risks, vulnerabilities, and control effectiveness within your assigned domain, ensuring alignment with industry standards and best practices.
• Risk Governance & Remediation: Drive risk assessment initiatives, issue management, and remediation efforts, prioritizing actions based on risk severity and business impact.
• Stakeholder Collaboration: Partner with technical SMEs, business units, and domain leaders to analyze complex risk data, diagnose root causes, and develop targeted solutions that improve security posture.
• Controls Testing & Reporting: Oversee control testing procedures, collaborate with offshore teams, and ensure comprehensive risk reporting, escalation, and tracking via tools like ServiceNow and Excel.
• Risk Process Optimization: Support continuous improvement of risk management frameworks, guiding processes related to risk identification, escalation, and mitigation while advising on operational model enhancements.
• Subject Matter Expertise: Stay abreast of emerging threats, with special focus on AI-specific risks such as adversarial attacks, data poisoning, and model theft, providing strategic guidance on mitigation strategies.
• Compliance & Standards: Maintain deep knowledge of relevant regulatory and compliance frameworks including ISO, COSO, COBIT, and NIST, ensuring our security practices meet or exceed industry standards.

Qualifications & Skills:

• Experience: Extensive professional background in technology risk management, particularly in infrastructure and data security within large-scale enterprises or financial institutions.
• Technical Proficiency: Demonstrated expertise in identifying, assessing, and remediating vulnerabilities; familiarity with threat vectors specific to AI and enterprise environments.
• Security Domains: Strong knowledge of vulnerability management, network security, application security, identity access management (IAM), and cloud security.
• Risk Frameworks & Standards: Proficiency with security risk policies, control frameworks, and tools such as ServiceNow, Excel, and GRC platforms.
• Analytical Ability: Skilled in analyzing technical data, asking critical questions, and translating findings into strategic recommendations for senior leadership.
• Communication & Influence: Exceptional stakeholder management skills, with an ability to influence across functional and organizational boundaries.

Preferred Qualifications:

• Experience with controls testing, audit management, or GRC platforms.
• Familiarity with regulatory and compliance mandates relevant to technology risk.
• Prior consulting experience or success working within a matrixed, cross-functional environment.

Publishing Pay Range: $70.00 – $75.00 USD Hourly