The Senior Cyber Risk Management Engineer will develop and implement enterprise information security solutions, such as authentication and authorization, public key infrastructure, data loss prevention, and security event information analytics, to address the current and emerging security needs of the business. This role requires the solution of complex enterprise-scale information security problems. In addition to designing, and developing solutions, the Senior Cyber Risk management Engineer will contribute to the development and maintenance of information security architecture.

Responsibilities:

• Creates and updates a view of IT assets, related attack surfaces, and threat actors to illustrate the flow of data and associated security threats. Research and track threat actor groups, study advances in adversary tactics, techniques, and practices.
• Designs, and develops new enterprise technologies, architectures, and security products that will support security requirements for the enterprise and its customers, business partners, and vendors. Develop processes, develop documentation templates, and implement tooling to enable security service delivery.
• Serves as a security expert in business process design, application development, database design, network, and/or platform and operating system efforts, helping project teams comply with enterprise and IT security policies, industry regulations, and best practices. Engage with security specialists, solutions architects and other functional area specialists to ensure adequate enterprise security solutions are in place to sufficiently mitigate identified risks, and to meet business objectives and regulatory requirements.
• Analyzes business impact and exposure based on emerging security threats, vulnerabilities, and risks and contribute to the development and maintenance of information security strategy and architecture.
• Assesses the effectiveness of cybersecurity capabilities, both internal to the organization and at third parties, provide guidance on effectively managing the risk of ineffective capabilities, and influence decision making by educating business stakeholders on the risk.
• Works with Solution Architects, other functional area specialists and security specialists to ensure adequate security solutions are in place for IT systems and platforms to mitigate identified risks sufficiently and support business objectives. Serve as a cybersecurity subject matter expert, assessing the business impact of cybersecurity risks to the solution and identifying options and recommendations for mitigating those risks.
• Communicates and interacts effectively and professionally with co-workers, management, internal and external customers and partners. Communicate cybersecurity risks and solutions to various technical and non-technical audiences and levels of management. Maintain communication with management regarding development within areas of assigned responsibilities and perform special projects as required or requested. Continuously track and report the status of all development efforts.
• Develops strong working relationships with and offer continuous assistance and thought leadership to other contributors in the information technology organization.
• Establishes and maintains relationships with suppliers and business partners in the information security industry.
• Educates, coaches, and mentors junior members of the team on technical, interpersonal, team dynamics, company policy & procedure, and other topics.