Manager - Cyber Risk Strategy and Management

Key Skills:

Roles and Responsibilities:

• Lead and manage cybersecurity risk engagements, including planning, execution, and delivery.
• Conduct assessments aligned with NIST CSF, ISO 27001/2, OWASP, and CIS Controls.
• Design and evaluate secure network, system, and application architectures.
• Manage and mentor cybersecurity team members to ensure quality and efficiency.
• Perform vulnerability assessments, penetration testing, and threat modeling.
• Implement and assess endpoint security, intrusion detection systems, and DLP solutions.
• Configure and secure infrastructure components (Windows, Unix/Linux, routers, switches, firewalls).
• Develop and maintain security documentation, reports, and risk registers.
• Conduct cloud platform security assessments (AWS, Azure, etc.).
• Collaborate with clients to develop cybersecurity policies, standards, and procedures.
• Stay abreast of emerging threats and industry trends to guide strategic decisions.
• Participate in disaster recovery and incident response planning and execution.
• Coordinate and communicate technical security risks and mitigations to non-technical stakeholders.

Skills Required:

• 8+ years of experience in cybersecurity, information security, or related domains.
• Strong understanding of TCP/IP suite (TCP, SMTP, DNS, HTTP, etc.).
• Experience with enterprise security platforms (CrowdStrike, Exabeam, Carbon Black, etc.).
• Knowledge of risk assessment tools and vulnerability management solutions.
• Hands-on experience with firewalls, IDS/IPS, UBA/UEBA, VPNs, content filtering, and SIEMs.
• Familiarity with cloud security models and controls across AWS, Azure, or GCP.
• Exposure to technologies like Hadoop, Elastic, Kibana, Syslog, Kafka, MongoDB, Python, etc.
• Proven project management and multitasking capabilities in fast-paced environments.
• Excellent verbal and written communication skills, including technical reporting.
• Ability to travel regularly based on client requirements.

Certifications (Preferred):

• Certified Ethical Hacker (CEH v9 or higher)
• Certified Information Systems Security Professional (CISSP)
• Offensive Security Certified Professional (OSCP)

Additional Expectations:

• Demonstrate professionalism, confidentiality, and a client-first mindset.
• Flexibility to work irregular hours based on client needs.
• Ability to work independently and collaboratively in cross-functional teams.
• Strong analytical, troubleshooting, and documentation skills.

Education: