linkedin
Cyber Risk Manager
Sin trabajo
Abu Dhabi, UAE
Full Time
Manager
Hybrid
5 days ago
Cyber Risk ManagementSecurity GovernanceRisk AssessmentISO/IEC 27001NIST Cybersecurity FrameworkCIS Controls
Free
Job Fit Check
Base Career helps you apply smarter for this job.
?%
Ready to ScanKey skills for this role
Cyber Risk ManagementSecurity GovernanceRisk Assessment
About the Role
We are seeking an experienced Cyber Risk Manager to lead enterprise cyber risk management initiatives, security governance, and risk assessment programs. The role involves developing cyber risk strategies, evaluating emerging threats, and ensuring cyber risks are managed in alignment with organizational objectives.
Key Skills for This Role
Cyber Risk ManagementSecurity GovernanceRisk AssessmentISO/IEC 27001NIST Cybersecurity FrameworkCIS Controls
Responsibilities
- Develop and implement cyber risk management strategies, governance frameworks, policies, standards, and risk methodologies aligned with organizational objectives and cybersecurity best practices
- Lead enterprise cyber risk assessments, threat modeling, control evaluations, vulnerability risk analysis, third party cyber risk reviews, and security maturity assessments across business and technology environments
- Collaborate with cybersecurity, information technology, cloud operations, software engineering, infrastructure, compliance, legal, audit, business continuity, enterprise risk management, and executive leadership to identify and mitigate cyber risks
- Establish and maintain cyber risk registers, risk appetite frameworks, key risk indicators (KRIs), governance processes, and reporting structures to support informed decision making
- Monitor key performance indicators (KPIs) including cyber risk exposure, vulnerability remediation rates, control effectiveness, compliance performance, security incidents, audit findings, and third party risk metrics
- Evaluate security controls against recognized frameworks such as ISO/IEC 27001, NIST Cybersecurity Framework (CSF), CIS Controls, COBIT, and applicable regulatory requirements while recommending risk mitigation strategies
- Conduct cyber risk assessments for cloud services, digital transformation initiatives, enterprise applications, mergers and acquisitions, vendors, and emerging technologies to ensure secure business enablement
- Coordinate with security operations, incident response, business continuity, disaster recovery, privacy, and compliance teams to support enterprise cyber resilience and incident readiness
- Manage third party cyber risk assessments, vendor security reviews, security questionnaires, contractual security requirements, and remediation activities with external partners and service providers
- Utilize Governance, Risk, and Compliance (GRC) platforms, Security Information and Event Management (SIEM) solutions, vulnerability management tools, Enterprise Resource Planning (ERP) systems, Microsoft Office Suite, Power BI, and cyber risk analytics platforms to monitor security risks and generate actionable insights
- Prepare cyber risk reports, executive dashboards, board presentations, compliance assessments, risk analyses, and strategic recommendations for senior leadership and governance committees
- Lead, mentor, and develop cyber risk analysts, governance specialists, security professionals, and cross functional stakeholders while fostering a culture of security awareness, accountability, collaboration, innovation, and continuous improvement
Requirements
- Bachelor's degree in Cybersecurity, Information Security, Information Technology, Computer Science, Risk Management, Information Systems, or a related field preferred
- Master's degree or professional certifications such as CISSP, CISM, CRISC, CCSP, ISO/IEC 27001 Lead Implementer, or equivalent are highly advantageous
- 5+ years of experience in cybersecurity, cyber risk management, information security, governance, risk and compliance (GRC), IT audit, or related roles
- 2+ years of experience managing cyber risk programs, security governance initiatives, enterprise risk assessments, or information security teams preferred
- Strong understanding of cyber risk management, security governance, threat modeling, cloud security, vulnerability management, third party risk, regulatory compliance, privacy, business continuity, and enterprise security frameworks
- Experience with GRC platforms, SIEM solutions, vulnerability management tools, ERP systems, Microsoft Office Suite, Power BI, cloud security platforms, cyber risk analytics tools, and security reporting solutions
- Strong leadership, analytical, strategic thinking, risk assessment, organizational, and problem solving skills
- Excellent communication, stakeholder management, presentation, negotiation, documentation, and cross functional collaboration abilities
- Ability to manage enterprise cyber risks while balancing security, regulatory compliance, business agility, operational resilience, and digital innovation objectives
- Ability to work independently in remote and hybrid environments with availability to support critical cyber incidents and risk assessments when required
Full Job Posting
About Us
- We are a technology driven organization committed to safeguarding digital assets, protecting sensitive information, and strengthening cyber resilience across the enterprise.
- Our teams collaborate across cybersecurity, information technology, risk management, compliance, governance, legal, audit, business operations, and executive leadership to proactively identify, assess, and mitigate cyber risks while enabling secure business growth and digital transformation.
The Role
- We are seeking an experienced Cyber Risk Manager to lead enterprise cyber risk management initiatives, security governance, and risk assessment programs.
- The ideal candidate will develop cyber risk strategies, evaluate emerging threats, strengthen security controls, and ensure cyber risks are effectively managed in alignment with organizational objectives, regulatory requirements, and industry best practices.
Key Responsibilities
- Develop and implement cyber risk management strategies, governance frameworks, policies, standards, and risk methodologies aligned with organizational objectives and cybersecurity best practices.
- Lead enterprise cyber risk assessments, threat modeling, control evaluations, vulnerability risk analysis, third party cyber risk reviews, and security maturity assessments across business and technology environments.
- Collaborate with cybersecurity, information technology, cloud operations, software engineering, infrastructure, compliance, legal, audit, business continuity, enterprise risk management, and executive leadership to identify and mitigate cyber risks.
- Establish and maintain cyber risk registers, risk appetite frameworks, key risk indicators (KRIs), governance processes, and reporting structures to support informed decision making.
- Monitor key performance indicators (KPIs) including cyber risk exposure, vulnerability remediation rates, control effectiveness, compliance performance, security incidents, audit findings, and third party risk metrics.
- Evaluate security controls against recognized frameworks such as ISO/IEC 27001, NIST Cybersecurity Framework (CSF), CIS Controls, COBIT, and applicable regulatory requirements while recommending risk mitigation strategies.
- Conduct cyber risk assessments for cloud services, digital transformation initiatives, enterprise applications, mergers and acquisitions, vendors, and emerging technologies to ensure secure business enablement.
- Coordinate with security operations, incident response, business continuity, disaster recovery, privacy, and compliance teams to support enterprise cyber resilience and incident readiness.
- Manage third party cyber risk assessments, vendor security reviews, security questionnaires, contractual security requirements, and remediation activities with external partners and service providers.
- Utilize Governance, Risk, and Compliance (GRC) platforms, Security Information and Event Management (SIEM) solutions, vulnerability management tools, Enterprise Resource Planning (ERP) systems, Microsoft Office Suite, Power BI, and cyber risk analytics platforms to monitor security risks and generat
- Prepare cyber risk reports, executive dashboards, board presentations, compliance assessments, risk analyses, and strategic recommendations for senior leadership and governance committees.
- Lead, mentor, and develop cyber risk analysts, governance specialists, security professionals, and cross functional stakeholders while fostering a culture of security awareness, accountability, collaboration, innovation, and continuous improvement.
Requirements
- Bachelor's degree in Cybersecurity, Information Security, Information Technology, Computer Science, Risk Management, Information Systems, or a related field preferred.
- Master's degree or professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), Certified Cloud Security Professional (CCSP), ISO/IEC 27001 Lead Implementer,
- 5+ years of experience in cybersecurity, cyber risk management, information security, governance, risk and compliance (GRC), IT audit, or related roles.
- 2+ years of experience managing cyber risk programs, security governance initiatives, enterprise risk assessments, or information security teams preferred.
- Strong understanding of cyber risk management, security governance, threat modeling, cloud security, vulnerability management, third party risk, regulatory compliance, privacy, business continuity, and enterprise security frameworks.
- Experience with GRC platforms, SIEM solutions, vulnerability management tools, ERP systems, Microsoft Office Suite, Power BI, cloud security platforms, cyber risk analytics tools, and security reporting solutions.
- Familiarity with zero trust architecture, artificial intelligence (AI) driven threat detection, security automation, DevSecOps, identity and access management (IAM), operational technology (OT) security, and digital resilience frameworks is advantageous.
- Strong leadership, analytical, strategic thinking, risk assessment, organizational, and problem solving skills.
- Excellent communication, stakeholder management, presentation, negotiation, documentation, and cross functional collaboration abilities.
- Ability to manage enterprise cyber risks while balancing security, regulatory compliance, business agility, operational resilience, and digital innovation objectives.
- Ability to work independently in remote and hybrid environments with availability to support critical cyber incidents and risk assessments when required.
What We Offer
- Flexible remote / hybrid work opportunity within the United Arab Emirates.
- Competitive compensation package.
- Professional development and cybersecurity leadership growth opportunities.
- Exposure to enterprise cyber resilience, digital transformation, cloud security, emerging technologies, and strategic risk management initiatives.
- Collaborative and security focused work environment.
- Supportive culture focused on innovation, resilience, accountability, and continuous improvement.
- Opportunity to strengthen enterprise cyber resilience by shaping risk strategies that protect critical business operations and enable secure growth.
- Clear career progression within cyber risk management, information security, governance and compliance, enterprise risk, and executive technology leadership functions.
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career