Enterprise Cybersecurity IT and Cyber Risk Expert

About The Position

Requirements

• Experience in enterprise IT and cyber risk management, including risk identification, assessment, reporting, and lifecycle management
• Experience working across technical and non-technical teams with a customer-service mindset and strong communication skills
• Experience with GRC platforms including Smartsheet, ServiceNow, or risk and compliance tools, with the ability to quickly adapt to new tooling environments
• Knowledge of industry-standard frameworks, including, Factor Analysis Information Risk (FAIR), Massachusetts Institute of Technology Research and Engineering (MITRE), National Institute of Standards and Technology (NIST), Cyber Security Framework (CSF), NIST Special Publication (SP) 800-53, Cybersecurity Maturity Model Certification (CMMC), and International Organization for Standardization (ISO) 27001
• Ability to write clear, concise, and executive-ready risk reports and translate technical concepts into business context
• Ability to independently manage and execute complex workstreams with minimal oversight

Nice To Haves

• Experience supporting enterprise risk register development or transformation efforts
• Experience in Defense Industrial Base (DIB) or federal compliance environments
• Experience mentoring or leading junior team members in a project or program setting
• Experience driving process improvement, automation, or AI-enabled enhancements within risk or GRC programs
• Experience with GRC-specific tools or platforms, including Archer
• Knowledge of product risk, supplier or third-party risk, or security findings management

Responsibilities

• Independently manage and advance enterprise cyber risk workstreams.
• Manage and enhance components of the IT and cyber risk register, support ongoing transformation efforts, such as tooling migration, and contribute to maturation of the product risk program.
• Oversee and improve user exceptions program outcomes.
• Provide oversight of day-to-day execution, guide junior staff, and drive more consistent, outcomes-based risk decision making.
• Deliver high-quality risk reporting and insights.
• Produce clear and actionable risk reports and analysis that support leadership decision-making and risk reduction.
• Serve as a central risk translator and stakeholder partner.
• Act as a primary point of contact across business and technical teams, translating complex technical findings into executive-ready risk narratives and aligning stakeholders on risk prioritization and treatment.
• Drive operational excellence and team enablement.
• Provide day-to-day guidance and mentorship to junior team members while establishing scalable processes, templates, and standards for risk execution.
• Advance program maturity through process improvement.
• Identify and implement improvements across risk workstreams, including automation, tooling optimization, such as Smartsheet, and contributions to strategic initiatives that enhance scalability and effectiveness.

Benefits

• health
• life
• disability
• financial
• retirement benefits
• paid leave
• professional development
• tuition assistance
• work-life programs
• dependent care