What are the responsibilities and job description for the Cybersecurity Specialist position at Jobs via Dice?
Dice is the leading career destination for tech experts at every stage of their careers. Our client, OpTech, is seeking the following. Apply via Dice today!
Why work at OpTech?
OpTech is a woman-owned company that values your ideas, encourages your growth, and always has your back. When you work at OpTech, not only do you get health and dental benefits on the first day of employment, but you also have training opportunities, flexible/remote work options, growth opportunities, 401K and competitive pay. Apply today!
Title: Cyber Risk Specialist
Location: Auburn Hills, MI, Farmington Hills, MI, Frisco, TX or New York, NY
Hybrid Onsite Scheduled Required
Job Summary:
We are seeking a detail-oriented and experienced Cyber Risk Specialist to join our second line of defense (SLOD) team. This role is responsible for leading and supporting the execution of Risk Control Self-Assessments (RCSA) within the cybersecurity domain, ensuring alignment with the NIST Cybersecurity Framework (CSF) and the FFIEC Information Security Handbook. The ideal candidate will possess a strong understanding of cybersecurity controls, regulatory expectations, and risk management principles in the financial services sector.
Key Responsibilities:
RCSA Program Execution
Why work at OpTech?
OpTech is a woman-owned company that values your ideas, encourages your growth, and always has your back. When you work at OpTech, not only do you get health and dental benefits on the first day of employment, but you also have training opportunities, flexible/remote work options, growth opportunities, 401K and competitive pay. Apply today!
Title: Cyber Risk Specialist
Location: Auburn Hills, MI, Farmington Hills, MI, Frisco, TX or New York, NY
Hybrid Onsite Scheduled Required
Job Summary:
We are seeking a detail-oriented and experienced Cyber Risk Specialist to join our second line of defense (SLOD) team. This role is responsible for leading and supporting the execution of Risk Control Self-Assessments (RCSA) within the cybersecurity domain, ensuring alignment with the NIST Cybersecurity Framework (CSF) and the FFIEC Information Security Handbook. The ideal candidate will possess a strong understanding of cybersecurity controls, regulatory expectations, and risk management principles in the financial services sector.
Key Responsibilities:
RCSA Program Execution
- Lead the execution of comprehensive cybersecurity RCSAs in alignment with NIST CSF and FFIEC Information Security Handbook.
- Identify and evaluate cybersecurity control gaps; support development of remediation plans and risk mitigation strategies.
- Drive enhancements to control framework design, documentation, and integration with existing enterprise risk programs.
- Develop and maintain control design documentation across cybersecurity domains.
- Support remediation planning through actionable road maps and prioritized timelines for gap closure.
- Ensure clear ownership and accountability of control responsibilities.
- Collaborate with IT, Risk, Compliance, and Business units to ensure coordinated risk assessments and effective communication.
- Prepare risk governance reporting, dashboards, and executive summaries for ongoing cyber risk visibility.
- Conduct training and awareness sessions on RCSA methodologies and regulatory requirements.
- Maintain centralized risk registers and control repositories for transparency and audit readiness.
- Implement continuous control monitoring and exception reporting protocols.
- Leverage data analytics to identify risk trends and support predictive assessments.
- Monitor regulatory developments and ensure integration of emerging requirements into the risk framework.
- Uphold documentation standards to ensure thorough audit trails and evidence repositories.
- Documenting RCSA methodology aligned with NIST CSF and FFIEC guidelines.
- Risk and control matrices with ownership assignments.
- Defining control testing and validation procedures.
- Gap remediation plans with actionable steps and timelines.
- Training documentation and knowledge transfer materials.
- Executive-level reporting and dashboards to track risk posture over time.
- Experience with Second Line of Defense (SLOD) risk management functions.
- Strong background in conducting Risk Control Self-Assessments (RCSAs).
- Proficient in cybersecurity control frameworks, especially NIST CSF and FFIEC Information Security Handbook.
- Knowledge of control design, documentation, testing, and remediation processes.
- Excellent collaboration, stakeholder engagement, and cross-functional communication skills.
- Ability to translate technical control issues into business-relevant risk insights.
- Experience in data analysis for risk trend identification is a plus.
- CISSP, CISA, CRISC, or related cybersecurity or risk certifications.