CyberSecurity Risk Engineer

• Ability to actively lead and manage project update briefings, working sessions and stakeholder meetings

• Strong analytical/assessment capability (e.g., conducting cybersecurity gap analysis, risk assessments)

• Experience with systems engineering discipline

• Ability and proven experience to manage a Third Party Cyber Risk Management program

• Ability to work independently without direct supervision

• Knowledge of security frameworks - NIST 800-53, NIST 800-171, ISO 27001

• Knowledge of security audits/certifications: SOC 2 Type 2, ISO 27001, PCI-DSS

• Understanding of third party relationships

• Understanding basic procurement processes - SOW, RFP, contract terms and conditions

• Process oriented

• Strong organization and prioritization skills

• Program management skills

• Strong writing skills

• Knowledge of security best practices