Cyber Risk Manager

City of Seattle
Washington, US
Remote

Job Description

Seattle City Light, a department of the City of Seattle, is one of the nation’s largest municipally owned utilities in terms of the number of customers served. Over the years we have worked very hard to keep Seattle's electricity affordable, reliable, and environmentally sound. Today, City Light is a recognized national leader in energy efficiency and environmental stewardship.

The Cyber Risk Manager is responsible for leading the cyber risk management function, ensuring that cybersecurity risks are identified, assessed, mitigated, and monitored effectively. This role combines team leadership with hands-on risk management, working cross-functionally to align cybersecurity initiatives with business objectives and regulatory requirements. This role supports governance processes, risk frameworks, standards of practice, security controls design and development, and other proactive risk management activities. In addition, this role may support cyber security incident detection and response activities and will work with cyber security systems and toolsets.

This position works with various groups within the utility, as well as with the City’s IT department to monitor and manage risk for the utility’s critical information and operational technologies - helping to enable Seattle City Light’s vision of delivering clean, reliable, and affordable power.

This position will report to the City Light Cyber Security Senior Manager, CISO

  • Lead, mentor, and develop a team of cyber risk specialists and consultants.
  • Set team goals, performance expectations, and professional development plans.
  • Foster a culture of accountability, trust, collaboration, and continuous improvement.
  • Lead implementation and enhancement work for cyber risk management workflows, dashboards, and reports within Archer GRC to meet business and regulatory needs. Drive automation and efficiency through effective use of Archer capabilities.
  • Oversee the cyber risk register and associated issues management functions for cyber risks, to ensure risk items are being properly communicated and addressed by stakeholders.
  • Maintain the risk management frameworks and metrics used to monitor and report on risks, maturity, and progress of the cyber security program, which helps to identify high priority goals and support roadmap development. Track and communicate cyber risk posture and key metrics to City Light Cyber Security Sr Mgr, CISO.
  • Directly conduct or support third-party/consultant conducting of cyber risk assessments. Risk assessments may include OT/SCADA environments, IT/OT convergence areas, Grid Modernization technology, and various other existing and emerging utility technologies. Assess and provide subject-matter expertise and guidance on cybersecurity risk for technology projects and change requests.
  • Support utility cyber security objectives, to include compliance, safety, reliability, and business continuity/disaster recovery initiatives. This includes leading/participating in various security enhancement projects to improve cyber security controls, and ensuring operational technology practices comply with organizational policies, industry best practices, and NERC-CIP regulatory requirements.
  • Lead development of policies, guidelines, and standards to ensure the safety, reliability, availability, confidentiality, and integrity of a wide range of operational technologies to include SCADA systems, HMIs, RTUs, various IEDs, internal and perimeter communications, and other applicable devices or supporting services.
  • Support the vulnerability management program, to include developing policies and procedures for assessing systems for vulnerabilities, advising system owners on remediation strategies, and leveraging penetration testing where appropriate to validate controls and presumed security levels.
  • Participate in 24/7 standby watch duty rotation. Standby personnel are responsible for responding to cybersecurity alerts and incidents, triage and prioritize events, and ensure timely escalation in accordance with incident response procedures.
  • Support incident response activities to minimize risk of compromised systems without impeding real time power grid operations.
  • Support cyber security threat management activities, to include gathering, analyzing, and assessing the current and future threat landscape; understanding threats to City Light infrastructure and operational missions; and developing and sharing threat intelligence through collaborative efforts to include coordination with DHS, US-CERT, MS-ISAC, E-ISAC, WSFC, FBI, SPD, and other threat sharing vectors. Develop threat summary reports and provide appropriate communications to leadership and operations staff.
  • Support cyber security training and awareness efforts to include developing security awareness materials, supporting role based cyber security training for technical staff, and developing cyber security exercises.
  • Keep abreast of technological advancements and operation

Skills & Requirements

Technical Skills

Cyber risk managementTeam leadershipCybersecurityRisk frameworksSecurity controlsCybersecurity incident detectionCybersecurity systemsCybersecurity toolsetsLeadershipCollaborationProblem-solvingCybersecurityRisk management

Employment Type

FULL TIME

Level

senior

Posted

5/7/2026

Apply Now

You will be redirected to City of Seattle's application portal.

Sign in and we'll score your resume against this role.

Find Similar Jobs

Browse roles in the same category, level, and remote setup.

Sign in to open the target role workbench.