Senior Cybersecurity Risk Manager
About The Position
Blue Yonder is a global leader in digital supply chain management solutions, specializing in AI-driven platforms offering comprehensive supply chain management solutions, including planning, execution, and omni-channel commerce. The Sr. Cybersecurity Risk Manager is responsible for leading, maturing, and overseeing Blue Yonder’s enterprise cybersecurity risk management program. This role ensures risks across products, cloud environments, third‑party vendors, and internal systems are identified, assessed, prioritized, and mitigated in alignment with Blue Yonder’s security policies, NIST-based frameworks, and industry best practices. The manager partners cross‑functionally with Security Engineering, IT, Product, Cloud, Legal, GRC, and business leaders to ensure a consistent, risk‑aware culture and effective governance model. This is a senior‑level individual contributor role with manager‑equivalent scope and accountability for enterprise cybersecurity risk management, without direct people management responsibilities.
Requirements
- 8+ years in cybersecurity risk management, governance, or security engineering in a complex enterprise (cloud and on‑prem environment).
- Deep familiarity with NIST CSF, NIST RMF, ISO 27001/27701, SOC 2, and related frameworks.
- Experience performing and maturing risk assessments across technology stacks and business processes.
- Strong understanding of cloud platforms (AWS, Azure, GCP), SaaS environments, and modern enterprise architectures.
- Ability to translate technical risks into business‑level insights for executive stakeholders.
Nice To Haves
- Experience assessing risk associated with AI and Machine Learning.
- CRISC certification or other relevant certification
Responsibilities
- Lead the execution of cybersecurity risk assessments across products, SaaS platforms, infrastructure, cloud environments, vendors, and business processes.
- Apply NIST RMF (800‑37, 800‑30, 800‑53), ISO 27001/27701/22301, and internal Blue Yonder cybersecurity standards in all assessments.
- Maintain and enhance the enterprise risk register, ensuring all risks are documented, categorized, and monitored.
- Develop and drive risk‑response plans, collaborating with system owners, product teams, engineering, and cloud operations.
- Validate mitigation effectiveness and track remediations through closure.
- Provide expert recommendations on security controls, configuration standards, and compensating controls.
- Build KPIs, KRIs, dashboards, and reporting mechanisms to measure risk posture and program performance.
- Present risk trends, escalations, and mitigation progress to senior leadership.
- Ensure compliance with internal policies such as Cybersecurity Policy, Access Control Policy, Acceptable Use, and Information Classification Standards.
- Partner with Threat & Vulnerability Management, Application Security, Security Architecture, and GRC teams to ensure unified risk strategy and visibility.
- Collaborate with Legal, Compliance, and Commercial teams on contract risk requirements and customer security obligations.
- Promote a risk‑aware culture by educating stakeholders on risk principles, threat landscapes, and security responsibilities.
- Contribute to ongoing training and awareness initiatives aligned with Blue Yonder’s enterprise security program.
Benefits
- Comprehensive Medical, Dental and Vision
- 401K with Matching
- Flexible Time Off
- Corporate Fitness Program
- A variety of voluntary benefits such as; Legal Plans, Accident and Hospital Indemnity, Pet Insurance and much more
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
Education Level
No Education Listed
