Cyber Risk Quantification Engineer

Viasat, Inc.•Carlsbad, CA

About The Position

We're excited to announce a fantastic opportunity for a talented Cyber Security professional to join our growing team. Join Viasat's Cyber Risk Quantification team and be ready to change the way risks are identified, analyzed, and reported. In this role, you'll be instrumental in supporting a risk management process fully aligned with the organization’s key business priorities and in introducing state-of-the-art Cyber Risk Quantification (CRQ) tools and methodologies. You will work closely with our security engineers to enable effective and efficient use of our resources, maximizing the return on our security investment. You will coordinate with and support our security governance and risk management team, streamlining and automating our risk identification and reporting processes. If you're passionate about applying your analytical and technical skills to CRQ, this is a challenging and phenomenal opportunity to help shape the future of Security Risk Management at Viasat. As a Cybersecurity Risk Quantification Engineer, you will be a key component of a team that will implement, manage, and own a robust, agile, and scalable Risk Quantification process. You will work in sync with the Risk Management team, which maintains the organization’s security risk register, embeds CRQ frameworks and tools in the risk management process, and leverages CRQ to track and prioritize remediation efforts. You will prepare clear, actionable reports and presentations for the CISO and senior leaders, demonstrating the value that CRQ delivers to the company. You will also build strong connections and close relationships with key stakeholders across the organization, ensuring risk management practices are embedded into projects, systems and third-party engagements.

Requirements

A bachelor's degree or higher in Cyber Security, Information Technology, Risk Management, or related field.
5+ years of experience in Cyber Security, Risk Analysis, IT Risk Management, or Governance, Risk and Compliance roles.
A strong understanding of Cyber Risk Management principles, Security Frameworks, and Regulatory Standards. Familiarity with the FAIR (Factorial Analysis of Information Risk) model is essential.
Previous experience of implementing CRQ programs, tools, and methodologies within an organization.
Data analytics skills and experience.
Good knowledge of Information Security fundamentals, technologies, and principles.
Strong communication, collaboration, and problem-solving skills, along with an analytical mindset, and an ability to translate technical risks into business terms.

Nice To Haves

Relevant Certifications (e.g., CRISC, CISM, CISSP).
Good understanding of the FAIR-CAM (FAIR Control Analysis Model) and FAIR-MAM (FAIR Materiality Assessment Model) models.
Hands-on experience with off-the-shelf Cyber Risk Quantification tools.
Practical knowledge of Bayesian statistical methods.
Familiarity with Monte Carlo simulations.
Proficiency in Jira.
Eagerness to learn new skills and be self-motivated.
Work well under pressure and on your own initiative.
Ability to work in a constantly changing and fast-paced environment.
Comfortable working in a multi-stakeholder environment.

Responsibilities

implement, manage, and own a robust, agile, and scalable Risk Quantification process
maintain the organization’s security risk register
embed CRQ frameworks and tools in the risk management process
leverage CRQ to track and prioritize remediation efforts
prepare clear, actionable reports and presentations for the CISO and senior leaders
build strong connections and close relationships with key stakeholders across the organization, ensuring risk management practices are embedded into projects, systems and third-party engagements.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume