Cyber Security Risk Manager

Company	VeriskSee more
Address	Edinburgh, City of Edinburgh
Category	Banking

Job description

Company Description

Wood Mackenzie are the global research, analytics, and consultancy business powering the natural resources industry. For 50 years, we have been providing the quality data, analytics, and insights our customers rely on to inspire their decision making.

Our dedicated oil, gas & LNG, power & renewables, chemicals, metals & mining sector teams are located around the world and deliver a variety of projects based on our assessment and valuation of thousands of individual assets, companies, and economic indicators such as market supply, demand, and price trends.

Job Description

We are seeking a highly skilled and strategic-minded Cyber Security Risk Manager to join our dynamic team. In this role, you will play a key part in identifying, assessing, and mitigating Cyber Security Risks to protect our organization's assets and information.

As a Cyber Security Risk Manager, you will be responsible for developing and implementing an effective Cyber Security Risk management program. This includes identifying and evaluating potential threats, assessing vulnerabilities, and implementing strategies to minimize risk exposure. The ideal candidate will have a strong background in Cyber Security, risk management methodologies, and the ability to collaborate with various teams to ensure a robust security posture.

Key Responsibilities:

Develop and implement a comprehensive Cyber Security Risk management program to identify, assess, and prioritize cyber threats and vulnerabilities
Conduct regular risk assessments and vulnerability assessments, considering emerging cyber threats and industry best practices.
Collaborate with cross-functional teams to establish risk tolerance levels and ensure alignment with organizational objectives.
Analyze and interpret Cyber Security data to provide insights into potential risks and recommend appropriate mitigation strategies.
Develop and maintain risk assessment documentation, including risk registers, impact analyses, and risk treatment plans.
Communicate effectively with stakeholders, including executives, to present risk findings, potential impacts, and recommended risk mitigation strategies.
Stay current with industry trends, emerging threats, and best practices in Cyber Security and risk management.
Lead the development of key risk indicators (KRIs) and key performance indicators (KPIs) to monitor and measure the effectiveness of the risk management program.
Provide guidance to project teams to integrate risk management practices into the project life cycle.
Collaborate with internal and external partners to enhance the organization's cyber resilience and incident response capabilities.

#LI-RA1

Qualifications

Bachelor's degree in Cyber Security, Information Technology, or a related field. Advanced certifications (CRISC, CISM, CISSP) are highly desirable.
Proven experience (5+ years) in a Cyber Security Risk management role, demonstrating a strong understanding of risk assessment methodologies.
Experience with ServiceNow GRC is a plus.
In-depth knowledge of Cyber Security principles, frameworks, and best practices.
Excellent analytical and problem-solving skills, with the ability to prioritize and manage multiple tasks.
Strong communication and interpersonal skills to effectively convey complex technical concepts to non-technical stakeholders.
Experience with risk assessment tools and methodologies.
Familiarity with relevant regulations and compliance standards (ISO 27001, SOC2, NIST, GDPR, etc.).

Additional Information

We are a hybrid working company and the successful applicant will be expected to be physically present in the office at least 2 days per week to foster and contribute to a collaborative environment, but this may be subject to change in the future
Due to the global nature of the team, a degree of flexible working will be required to accommodate different time zones

Wood Mackenzie Values