BayAreaJobFinder.com

Job Details

View jobs in our app

Download on Apple App Store   Get it on Google Play
Learn more about the app. Workinapps.com

Senior Cyber Risk Management Engineer

  2025-10-20     Tranzeal Incorporated     San Francisco,CA  
Description:

Seeking a Senior Cyber Risk Management Capability Assessor to evaluate the effectiveness of cyber risk management capabilities, including policies, processes, and technical controls. This role will involve conducting risk assessments using Delta Dental's enterprise cyber risk management framework and collaborating with capability owners to enhance the framework based on emerging regulations and cybersecurity standards. The Assessor will manage issues, develop Plans of Action and Milestones (POAM), and support SOC 1/2 Type 2 audits and regulatory attestations (NAIC model laws and 23 NYCRR 500).

Key Responsibilities:

  • Cyber Risk Assessments: Conduct comprehensive assessments of the organization's cyber risk management capabilities.
  • Gap Analysis: Identify gaps in cyber risk management and recommend improvements.
  • Issue Management & POAM: Develop and manage Plans of Action and Milestones (POAM) to address identified risks and vulnerabilities.
  • Documentation & Reporting: Create detailed reports on assessment findings, remediation plans, and performance metrics.
  • Stakeholder Collaboration: Work closely with technology, business, and cyber risk teams to enhance capability effectiveness.
  • Compliance & Regulatory Alignment: Ensure adherence to regulatory standards, including NIST 800-53, SOC 2, NAIC Model Law, 23 NYCRR 500, and HIPAA.
  • Audit Support: Assist in SOC 2 audits and prepare materials to support regulatory attestations.

Required Qualifications:

  • Education: Bachelor's degree in Cybersecurity, Information Security, Computer Science, or a related field.
  • Certifications (Preferred): CISSP, CISA, CISM, CRISC, CAP, Security+, or equivalent.
  • Experience: 12+ years of experience in cybersecurity, compliance, risk assessment, or security auditing.
  • Technical Skills: Proficiency in NIST 800-53.
  • Knowledge of cloud-based cyber risk controls (Azure and/or Oracle Cloud Infrastructure).
  • Familiarity with DevOps, SAFe, and ITIL methodologies.
  • Strong understanding of security architecture, technical controls, and data protection strategies.

Seniority level

Mid-Senior level

Employment type

Contract

Job function

Information Technology

Industries

Insurance and Hospitals and Health Care

#J-18808-Ljbffr


Apply for this Job

Please use the APPLY HERE link below to view additional details and application instructions.

Apply Here

Back to Search

Advertisement