What are the responsibilities and job description for the Technical Manager - Cyber Risk Management - 2023820 position at Software Engineering Institute | Carnegie Mellon University?
The SEI CERT Cyber Risk and Resilience Directorate, enables organizations to achieve operational resilience by performing research in emerging areas of operational risk, producing measurement and assessment tools that help organizations better understand their current risk and resilience posture, and developing and validating models, frameworks, and tools to drive quantifiable risk reduction. Our Cyber Risk Management team focuses on designing, prototyping, transitioning risk management novel methods. We support partners in government and industry in achieving cyber-dependent missions. .
Job Description Summary
The individual in this position will work as a technical manager of the Cyber Risk Management (CRM) Team within CERT’s Cyber Risk & Resilience Directorate. This candidate will be responsible for the creation, development and management of a sustained applied research and technical agenda for Risk & Resilience CRM Team consistent with and directly supporting the US Department of War’s strategic challenges and emerging threats. The technical manager is responsible for developing and communicating technical vision, developing tasking, creating project work statements, developing and managing project plans, managing initiative finances and accounting, generating new work and customers, working with business development staff, executing work with high degree of customer satisfaction, and supervising staff.
The successful candidate must have proven experience conducting and leading technical efforts in support of the US Federal Government (USG) and Department of War (DOW); managing technical teams; be self-directed, have a track record of creating interdisciplinary approaches to problem solving, and demonstrate exceptionally strong presentation and writing skills. The candidate must also be able to interact with clients and staff of all levels in a highly professional and competent manner.
Minimum Qualifications and Requirements
Education/Training:
• BS in risk management , cybersecurity, information systems, economics, mathematics or a related technical field; advanced degree strongly preferred.
Other educational backgrounds of a technical nature with significant relevant experience as described may be considered.
Experience:
Total of ten (10) years of experience as an enterprise risk executive, enterprise risk manager, primary investigator engaged in risk management research, or similarly technical occupation.
Experience and expert knowledge of:
• risk quantification tools and techniques
• risk management frameworks/model/standards of practice
• risk governance
Experience with and substantial knowledge of:
• network architectures , and telecommunications
• cybersecurity and operational resilience
• information security models, frameworks, and metrics
• foundational artificial intelligence concepts and techniques
• project planning and financial management
• strategic planning and product development
• USG and DoW risk tools, techniques, and methods
• USG and DoW risk management strategies, policies, and directives
Skills/Abilities:
• mastery of risk management concepts, cyber security best practices and standards, information security and risk evaluation methods, development
• excellent analytical, organizational, reasoning and problem-solving skills
• outstanding written and oral communication skills
• demonstrated ability and experience in employee performance management
• outstanding financial and resource management skills
• demonstrated ability to prepare papers and deliver presentations for technical and non-technical audiences
• demonstrated experience in developing a strategic plan and associated technical agenda
• demonstrated experience in developing products and transition (go-to-market)
• ability to interact effectively with diverse constituencies internally and externally, including senior executives and managers in government and industry
• ability to recognize and deal appropriately with confidential and sensitive information, and where appropriate, ability to obtain and hold a security clearance
• active involvement in professional societies
Preferred Qualifications:
RIMS-Certified Risk Management Professional (preferred)
Certified Enterprise Risk Manager (preferred)
Certified Information Systems Security Professional (preferred)
Certified Information Security Manager (preferred)
Certified Information Systems Auditor (preferred)
Other: You will be subject to a background investigation, and you must have the ability to obtain and maintain a Department of War security clearance.