Dice is the leading career destination for tech experts at every stage of their careers. Our client, Carlin Shayn Inc, is seeking the following. Apply via Dice today!
Job Title: Expert Cyber Risk Management Engineer
Location: Oakland, California
Position Overview
We are seeking an experienced and strategic Expert Cyber Risk Management Engineer to join a high-performing cybersecurity organization supporting enterprise-scale risk management initiatives. This role is responsible for assessing, designing, and improving enterprise cybersecurity capabilities across cloud, infrastructure, application, and operational environments.
The ideal candidate will possess deep expertise in cyber risk management, cloud security, governance, and enterprise security frameworks, with the ability to communicate risk and remediation strategies to both technical and executive stakeholders. Candidates with military service, defense sector experience, or experience supporting government environments are strongly encouraged to apply.
This is a hybrid contract-to-hire opportunity based in Oakland, CA. Local candidates are highly preferred.
Key Responsibilities
Cyber Risk & Security Governance
- Lead enterprise cyber risk assessments across infrastructure, applications, cloud platforms, and third-party environments.
- Evaluate the effectiveness of existing cybersecurity controls and identify opportunities for improvement.
- Develop and mature cyber risk management frameworks, methodologies, processes, and documentation standards.
- Define and maintain cybersecurity governance standards, policies, and procedures aligned with regulatory and business requirements.
- Analyze risk exposure and provide recommendations for mitigation strategies and control enhancements.
Cloud Security & Enterprise Architecture
- Assess and secure cloud environments including Microsoft Azure and Oracle Cloud Infrastructure (OCI).
- Review and validate security configurations, identity and access controls, logging, encryption, segmentation, and compliance controls within cloud environments.
- Partner with enterprise architects and infrastructure teams to ensure security requirements are embedded into technology solutions and operational processes.
- Advise leadership on secure cloud adoption strategies and enterprise security architecture improvements.
Metrics, Reporting & Compliance
- Define, track, and report KPIs related to cyber risk management effectiveness, including:
- Control effectiveness
- Remediation timelines
- Risk reduction trends
- Issue closure rates
- Compliance posture
- Prepare executive-level reporting and present findings to leadership, governance committees, audit teams, and technical stakeholders.
- Collaborate with legal, compliance, and audit organizations to ensure adherence to internal policies, regulatory requirements, and contractual obligations.
Security Consulting & Leadership
- Provide strategic consulting and thought leadership on enterprise cybersecurity initiatives.
- Influence technical and business decisions through risk-based security recommendations.
- Mentor junior engineers and cross-functional teams on cybersecurity best practices and enterprise operations.
- Stay current on emerging cybersecurity threats, technologies, vulnerabilities, and industry trends.
Cross-Functional Collaboration
- Work closely with infrastructure, application development, data, compliance, and security operations teams to ensure integrated risk management practices.
- Support enterprise security initiatives, remediation programs, and special cybersecurity projects as needed.
- Assist in evaluating and recommending security technologies aligned with organizational security strategy.
Required Qualifications
- 10+ years of experience in cybersecurity, cyber risk management, information security engineering, or related disciplines.
- Strong experience with enterprise cybersecurity frameworks, risk management methodologies, and security governance.
- Hands-on experience securing and assessing Azure and/or Oracle Cloud environments.
- Experience conducting security assessments, control evaluations, and remediation planning.
- Strong understanding of:
- Identity & Access Management (IAM)
- Authentication & Authorization
- Public Key Infrastructure (PKI)
- Data Loss Prevention (DLP)
- Security Event Monitoring & Analytics
- Third-Party Risk Management
- Security Compliance & Governance
- Experience defining and tracking cybersecurity KPIs and operational metrics.
- Excellent written and verbal communication skills with the ability to present to technical and executive audiences.
- Strong analytical, problem-solving, and strategic planning capabilities.
- Ability to manage multiple priorities within complex enterprise environments.
Preferred Qualifications
- Military service or experience supporting defense/government environments.
- Experience with enterprise-scale cybersecurity transformation initiatives.
- Knowledge of security