The Senior Manager of Cyber Risk Management shall broadly be responsible for risk management, security awareness, policy analysis and forensic investigations. The position shall manage the identification and ranking of all cyber risk for the institution. All risks shall be categorized according to the ISO 27001 and NIST 800-53 security domains. Individual risk priorities will be set according to the OCTAVE method developed by the Software Engineering Institute at Carnegie Mellon University. The Senior Manager will execute a communications, training and awareness strategy that will enhance NYU-IT’s Cyber Security program through creating awareness on the risks the community faces. Reports to the Chief Information Security Officer.
Bachelor’s Degree in Computer Science or a related discipline
15 years of experience in the Cyber security, Cyber Risk, Information Security, Cyber Intelligence, privacy and data protection 6+ years proven professional in internal communications, marketing, social media, training. regulatory requirements
As a plus, Financial Services, Technology, or Risk Management industry experience will enable the candidate to better understand awareness needs and to develop programs to meet the business needs
Required Skills, Knowledge and Abilities:
Active CISSP, CISA or CCE certification required. Ability to execute work directly and through non-directly aligned teams. Exceptional writing and verbal skills, critical thinking, problem solving, and interpersonal skills. Effective problem solver and experience with conflict resolution Must demonstrate strong initiative, analytical, organizational and project management skill
Preferred Skills, Knowledge and Abilities:
CISA and / or CISM certification preferred.
EOE/AA/Minorities/Females/Vet/Disabled/Sexual Orientation/Gender Identity