Senior Cybersecurity Rm Specialist

Description:

The Senior Cybersecurity Risk Management Specialist plays a critical role in protecting valuable information and maintaining the organization’s security posture through maintaining the Cybersecurity risk register in addition to providing consistent risk management activities and controls. The Senior Specialist the effective tracking of cyber risk mitigation efforts and risk communication strategies and provides a senior level of expertise to strengthen and maintain a robust and sustainable cybersecurity risk management practice.

Key Accountabilities

Leads the planning and fortifying of the cybersecurity risk register, ensuring regular updates with accurate information, and collaborating with stakeholders to gather, assess and document cybersecurity risks.

Facilitates risk prioritization processes, and coordinates risk mitigation intakes. Identifies risk owners, empowering them with data for decision making, to help the execution of risk action plans on all open and pending risks.

Maintains and enhances risk lifecycle management processes and keeps track of risk treatment progress and continuous reporting. Holds the accountability to maintain a comprehensive and up-to-date documentation of identified risks, assessment methodologies, and mitigation strategies.

Ensures alignment of security policy, standards, and controls with the enterprise security risk management framework to produce scalability and flexibility.

Works collaboratively with a variety of stakeholders, across business lines and functions to assess security related business impacting cybersecurity risks and their prioritization.

Provides expert advice on Cybersecurity risk register management, risk management activities, guiding teams in the identification, assessment, and prioritization of cyber risks, and collaborates to recommend and implement effective controls for risk mitigation.

Leads monitoring and tracking of the implementation and effectiveness of cybersecurity risk mitigation measures, collaborating cross-functionally to ensure timely and effective risk reduction efforts.

Develops and implements communication strategies for cybersecurity risk matters, ensuring clear and effective communication of cyber risk status, mitigation progress, and pertinent updates to stakeholders.

Provides technical expertise in cybersecurity and risk management and strong collaboration and communication skills to address cyber risks comprehensively and transparently within TransLink.

Assists in the development and reporting of KPI, KRI’s and other key metrics to ensure effectiveness, risk profile, and compliance, for strategic, operational, and executive reports and dashboards to ensure consolidated views of TransLink's overall security posture and risk profile, enabling informed decision making.

Provides support and advisory to TransLink operating companies on risk management practice.

Qualifications

EDUCATION AND EXPERIENCE

The requirements of this role are typically acquired though completion of a university degree in Computer Science, Computer Engineering, Information Security, or equivalent plus (6) six years of related experience in Cybersecurity risk management. Requires relevant certifications such as CISSP, CISM, or CRISC