IT & Cyber Risk Manager
North Reading, MA, US
Teradyne
We are the global test and automation specialists, powering next-generation technologies through sophisticated solutions. Behind every electronic device you use, Teradyne's test technology ensures your device works right the first time, every time! Our portfolio of automation solutions helps manufacturers develop and deliver products quickly, efficiently and cost-effectively. Together, Teradyne companies deliver manufacturing automation across industries and applications around the world!
IT Cyber Risk Manager Role:
The IT Cyber Risk Manager is responsible for the strategy, preparation, and execution of the company’s cyber and IT Risk Management Program. You will assist with the planning, design, and development of the IT Risk Management Framework and guide the risk management activities, working to enhance and mature the program.
Working collaboratively with cross functional teams, you will leverage your strong technical background and business acumen to identify potential risks and develop strategies to ensure our businesses remain secure and operate within their risk tolerance levels. You will leverage your understanding of qualitative and quantitative risk management and inherent and residual risk to properly establish, evaluate, and report on technology risk levels at the project and enterprise level.
Individuals in this role regularly interact with business leaders, engineering teams, Enterprise Security, Infrastructure & Technology Services, and Application Security teams.
Responsibilities:
- Develop and maintain the risk management framework, methodology and service delivery practice.
- Operationalize the IT & cyber risk management function to ensure risks are identified, monitored, and mitigated.
- Assess, evaluate, and make recommendations to management regarding the adequacy of the security controls in products, processes, and technology solutions.
- Develop a cybersecurity risk assessment policy, procedures and risk treatment guidelines, interacting with business, IT, and cyber partners
- Lead the identification, measurement, communication, and management of third-party risk management (3PRM)
- Proactively share best practices with the larger IT and business communities. Provide guidance to risk area owners and subject matter experts and solicit and evaluate their insights into current, new, and emerging cyber risks across global, divisional, and regional structures.
- Lead cyber risk monitoring, reporting, and remediation efforts to drive treatment consistency and visibility across stakeholders
- Develop and manage key performance and risk indicators and deliver executive reporting content to present cybersecurity risks to enterprise risk and business audiences, demonstrating understanding of Teradyne risk appetite across enterprise environments
Qualifications, Skills and Education Required:
- Bachelor's degree, preferably with additional focus in Information Technology/Management, or related fields.
- Minimum seven years of related risk management work experience in technology, security management, software development, IT operations, or other technology-related consulting.
- Demonstrated experience with risk management frameworks, and risk assessment methodologies.
- Progressive experience managing multiple projects concurrently with excellent organizational, analytical, pragmatic and critical thinking skills
- Experience with NIST Cybersecurity Framework (CSF), NIST Risk Management Framework (RMF) and SP-800-53 Controls
- Demonstrated robust understanding of the people, process, technology ecosystem including a well-rounded understanding of the cybersecurity domains and their inter-relations across that ecosystem
- Excellent interpersonal, verbal, and written communication skills with the ability to communicate risk related concepts to a broad range of technical and non-technical staff.
- Successful experience working, collaborating, and establishing credibility and relationships across the company.
Qualifications, Skills and Education Preferred:
- Relevant IT or Risk Management certification (CRISC, CISSP, CISM, CISA, or similar)
- Experience working in environments subject to compliance requirements such as CMMC, ITAR, GDPR, NIS, SOX, and other similar requirements
- Experience with the FAIR methodology
- Working knowledge of one or more GRC platform environments
Please note: Teradyne is not considering candidates who require sponsorship for this position.