What are the responsibilities and job description for the Cybersecurity Risk Manager position at Jobs via Dice?
Dice is the leading career destination for tech experts at every stage of their careers. Our client, Scigon Solutions, is seeking the following. Apply via Dice today!
a { text-decoration: none; color: #464feb;
}
tr th, tr td { border: 1px solid #e6e6e6;
}
tr th { background-color: #f5f5f5;
}
Cybersecurity Risk Manager
Overview
We are looking for a Cybersecurity Risk Manager to lead and strengthen our enterprise risk program. This role focuses on identifying, assessing, and managing cyber risks across internal systems, business processes, and third-party ecosystems. The ideal candidate is hands-on, structured, and comfortable working with both technical teams and business stakeholders.
Key Responsibilities
Risk Assessments
Conduct end-to-end cybersecurity risk assessments across applications, infrastructure, and business processes
Identify vulnerabilities, threats, and control gaps, and translate findings into actionable remediation plans
Work with engineering and business teams to validate risks and track mitigation progress
Threat Modeling
Lead threat modeling exercises for new and existing systems
Identify attack vectors, trust boundaries, and potential impact scenarios
Partner with engineering teams to embed secure design practices early in the development lifecycle
Third-Party Cyber Risk
Assess and monitor cybersecurity risks associated with vendors and external partners
Review security questionnaires, audit reports, and contractual security requirements
Collaborate with procurement and legal teams to ensure risk is properly managed and documented
GRC and Risk Governance
Support and maintain governance, risk, and compliance processes aligned with regulatory and internal requirements
Ensure policies, standards, and control frameworks are effectively implemented and followed
Contribute to audits, regulatory reviews, and control testing activities
Risk Register Management
Maintain and continuously update the enterprise cybersecurity risk register
Ensure risks are clearly documented, categorized, and prioritized based on impact and likelihood
Track remediation actions and ensure accountability across stakeholders
Reporting and Communication
Develop clear, concise risk reports for technical teams and senior leadership
Translate complex technical risks into business language and impact
Provide regular updates on risk posture, trends, and remediation status
Required Qualifications
Solid experience in cybersecurity risk management, GRC, or related functions
Hands-on experience conducting risk assessments and threat modeling
Experience managing third-party or vendor cyber risk programs
Strong understanding of security frameworks such as NIST, ISO 27001, or similar
Ability to maintain structured risk registers and track remediation efforts
Strong communication skills with the ability to engage both technical and non-technical stakeholders
Preferred Qualifications
Strong risk qualification and prioritization skills, with the ability to distinguish real risk from noise
Experience in regulated environments such as finance, healthcare, or large enterprises
Familiarity with audit processes and control validation
Experience working with cross-functional teams across legal, compliance, and technology
Certifications such as CISSP, CISM, CRISC, or similar
a { text-decoration: none; color: #464feb;
}
tr th, tr td { border: 1px solid #e6e6e6;
}
tr th { background-color: #f5f5f5;
}
Cybersecurity Risk Manager
Overview
We are looking for a Cybersecurity Risk Manager to lead and strengthen our enterprise risk program. This role focuses on identifying, assessing, and managing cyber risks across internal systems, business processes, and third-party ecosystems. The ideal candidate is hands-on, structured, and comfortable working with both technical teams and business stakeholders.
Key Responsibilities
Risk Assessments
Conduct end-to-end cybersecurity risk assessments across applications, infrastructure, and business processes
Identify vulnerabilities, threats, and control gaps, and translate findings into actionable remediation plans
Work with engineering and business teams to validate risks and track mitigation progress
Threat Modeling
Lead threat modeling exercises for new and existing systems
Identify attack vectors, trust boundaries, and potential impact scenarios
Partner with engineering teams to embed secure design practices early in the development lifecycle
Third-Party Cyber Risk
Assess and monitor cybersecurity risks associated with vendors and external partners
Review security questionnaires, audit reports, and contractual security requirements
Collaborate with procurement and legal teams to ensure risk is properly managed and documented
GRC and Risk Governance
Support and maintain governance, risk, and compliance processes aligned with regulatory and internal requirements
Ensure policies, standards, and control frameworks are effectively implemented and followed
Contribute to audits, regulatory reviews, and control testing activities
Risk Register Management
Maintain and continuously update the enterprise cybersecurity risk register
Ensure risks are clearly documented, categorized, and prioritized based on impact and likelihood
Track remediation actions and ensure accountability across stakeholders
Reporting and Communication
Develop clear, concise risk reports for technical teams and senior leadership
Translate complex technical risks into business language and impact
Provide regular updates on risk posture, trends, and remediation status
Required Qualifications
Solid experience in cybersecurity risk management, GRC, or related functions
Hands-on experience conducting risk assessments and threat modeling
Experience managing third-party or vendor cyber risk programs
Strong understanding of security frameworks such as NIST, ISO 27001, or similar
Ability to maintain structured risk registers and track remediation efforts
Strong communication skills with the ability to engage both technical and non-technical stakeholders
Preferred Qualifications
Strong risk qualification and prioritization skills, with the ability to distinguish real risk from noise
Experience in regulated environments such as finance, healthcare, or large enterprises
Familiarity with audit processes and control validation
Experience working with cross-functional teams across legal, compliance, and technology
Certifications such as CISSP, CISM, CRISC, or similar