Cyber Risk Management Engineer

Expert Cyber Risk Management Engineer Location: Hybrid, Oakland, CA Ideally. Remote a potential option Duration: 12+months Contract to Perm The Expert Cyber Risk Management Engineer assesses enterprise information security solutions and services, including authentication and authorization, public key infrastructure, data loss prevention, third-party risk management, and security event analytics. This role requires proactive research and analysis of complex, enterprise-scale cybersecurity challenges. In addition to evaluating processes and technologies, the engineer advises on the development and maintenance of security systems. Responsibilities • Develop processes, maintain internal frameworks, create documentation templates, and implement tooling to support and mature assurance service delivery. • Collaborate with security specialists, enterprise architects, and other technical leaders to ensure security solutions sufficiently mitigate risks and align with business objectives and regulatory requirements. • Analyze risk exposure and consult on the design of cyber risk management capabilities where improvements are needed. • Assess the effectiveness of cybersecurity capabilities, provide guidance on managing risks associated with ineffective controls, and influence decision-making by educating stakeholders. • Track and report issue status, ensuring timely resolution of identified risks. • Communicate cybersecurity risks and solutions to technical and non-technical audiences across all levels of management. • Advise on enterprise-level decisions by presenting insights to senior leadership, including technology executives and governance bodies. • Collaborate with legal, compliance, and audit teams to ensure alignment with regulatory expectations and contractual obligations. • Maintain ongoing communication with leadership regarding developments in assigned areas and contribute to special projects as needed. • Provide thought leadership and consulting support in the creation and maintenance of security-enabled processes across cybersecurity and technology teams. • Mentor team members on technical topics, interpersonal dynamics, organizational policies, and enterprise operations. • Partner with infrastructure, application, and data teams to ensure security controls are embedded across technology lifecycles and operational processes. • Conduct regular risk assessments to ensure compliance with internal policies, external regulations, and industry standards; update unified requirements and document corrective actions. • Define and track key performance indicators (KPIs) for cyber risk management capabilities, including issue closure rates, control effectiveness, and remediation timelines. • Stay current with emerging threats, trends, and technologies, and provide strategic recommendations to enhance the organizations security posture. • Contribute to the development and enforcement of cybersecurity policies, standards, and guidelines to ensure consistent and effective practices. • Advise on the selection and implementation of security tools and technologies aligned with the cyber risk management strategy. Skills/Experience: Qualifications • Strong communication skills, with emphasis on active listening and clarity. • Demonstrated empathy and ability to build trust within teams. • Proven ability to research and maintain current technical knowledge in a rapidly evolving environment. • Experience with Azure and Oracle public cloud infrastructures. • Expertise in preparing business plans, IT strategies, technology roadmaps, and technical proposals. • Ability to analyze business requirements and recommend timely, effective solutions. • Demonstrated creativity and problem-solving skills in directing analysis and developing solutions. • Knowledge of project development life cycle, with ability to coordinate and prioritize multiple initiatives.