Overview
Identifies, assesses, and manages cybersecurity risks across the organization, developing strategies to mitigate threats and aligning security controls with the business's risk tolerance.
Responsibilities
- Identify, assess, and prioritize cybersecurity risks
- develop risk treatment plans (accept, mitigate, transfer, avoid)
- maintain risk register
- align security controls with risk appetite
- report on risk posture to management
- ensure compliance with risk-related regulations
Required Skills
- Risk assessment methodologies (NIST RMF, FAIR)
- understanding of security controls and frameworks
- data analysis
- communication skills
- report writing
- business process understanding
Salary Expectations
$90,000 - $150,000+ USD
Relevant Certifications
No specific certifications listed for this role yet.
Common Career Pathway
Can come from IT audit, compliance, or technical security roles. Requires analytical skills and understanding of business impact.
Learning Roadmap
Security/IT background -> Learn Risk Management Frameworks -> Understand Control Frameworks -> Develop analytical/reporting skills -> CRISC/CISM.