Cyber Security, Cyber Risk Manager

Cyber Security, Cyber Risk Manager

Job Description:

The Cyber Security Risk Manager partners with IT groups, business groups, and project teams to perform security risk analysis for applications, infrastructure, and vendor / third parties. The Security Risk Manager will also support the selection of technical security requirements, and will be oversee the review, approval and tracking of security exceptions and remediation.

  • Participate in security risk analysis on new or existing technology and services as necessary and in alignment with HPE's cyber risk management program delivering comprehensive, contextualized, actionable information
  • Facilitate remediation planning, governance, and risk treatment activities as required, such as by recommending appropriate risk controls
  • Manage multiple risk assessments and other risk oriented consulting projects in fast-paced environments
  • Develop and improve risk taxonomy, checklists, templates, testing methods, and techniques to support and advance a robust risk management program
  • Provide periodic updates on risk assessment status with an emphasis on deliverables
  • Build relationships throughout HPE's technology and business organizations to be leveraged in support of risk awareness and improved risk management outcomes
  • Provide input to corporate initiatives to establish security criteria or specifications for Information Security as required
  • Understand business needs and deliver high-quality, prompt, and efficient service

Qualifications

  • 5+ years of IT experience in large, multi-national organizations
  • 3+ years of IT security experience focusing on security risk assessments, review of technical security requirements
  • Strong critical thinking skills; ability to quickly comprehend problems, develop hypotheses, draw logical conclusions, develop solutions, and respond accordingly
  • Demonstrated ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
  • Mature understanding of information security "best practices" including principles, security protocols and standards material such as OWASP Top 10 and SANS Critical Security Controls
  • Familiarity with business, finance, and management concepts
  • Articulate communicator, demonstrating mastery of both spoken and written English, with the ability to tailor deliverable appropriately for audiences ranging from technical to senior executive
  • Proven history of being a self-starter: proactively identifying problems, determining pragmatic solutions, identifying and obtaining needed resources, and executing with little or no supervision
  • Relevant undergraduate degree or equivalent professional experience
  • Advanced Information Security certification (CRISC, CISSP or equivalent is preferred)

Job:

Information Technology

Job Level:

Expert

Hewlett Packard Enterprise is EEO F/M/Protected Veteran/ Individual with Disabilities.

HPE will comply with all applicable laws related to the use of arrest and conviction records, including the San Francisco Fair Chance Ordinance and similar laws and will consider for employment qualified applicants with criminal histories.


Meet Some of Hewlett Packard Enterprise's Employees

Rebecca W.

Senior Manager, Community Engagement

Rebecca is responsible for educating and inspiring HPE employees to become involved in the communities around them, then ensuring they’re each recognized for their contributions.

Cat G.

Research Scientist

Cat works in the HPE lab, exploring and designing new devices that become the building blocks for the computation creations of the future.


Back to top