Third-Party Cyber Risk Manager
HumanaSalary not specified
Expert - Cyber Risk and Control Frameworks at Hewlett Packard Enterprise
Spring, Texas, United States
Not SpecifiedCompensation
Expert & Leadership (9+ years)Experience Level
Full TimeJob Type
UnknownVisa
Technology, CybersecurityIndustries
Requirements
- Bachelor’s degree in Information Security, Information Technology, Risk Management or a related field, or equivalent experience
- CISSP, CRISC, or similar
- Expert in a broad range of Information Security domains (e.g., Application Security, Cloud Security, Network Security, Data Security, Infrastructure Security)
- Strong understanding of cybersecurity control frameworks (e.g., NIST CSF, ISO 27001)
- Proven experience in risk assessments and analysis
- Proven experience in defining and implementing cybersecurity policies, standards and guidelines across multiple platforms
- Strong organizational skills and attention to detail
- Ability to work effectively with technical and non-technical stakeholders
- Excellent documentation, communication, and problem-solving skills
- 5-7 years of experience in Information Security, IT Governance, and/or Risk Management
- 5+ years of experience working with various industry standards
Responsibilities
- Support Governance, Risk and Compliance (GRC) leadership in delivering various risk overview summaries, including monitoring regulatory changes that impact cybersecurity
- Contribute to the development of the Cyber risk governance framework by leveraging existing frameworks and approaches
- Facilitate a gap analysis of the current processes against the Risk management framework
- Provide subject matter expertise on the control framework, policies, standards and guidelines to ensure their effective development
- Analyse the current suite of controls against the control framework to ensure our policies and standards delivers a balanced risk/reward profile in alignment with business strategies and priorities
- Ensure that changes to risk governance frameworks and control guidance are effectively communicated to allow for adequate implementation and compliance
- Work with regional representatives to coordinate the scanning for regulatory changes related to cybersecurity
- Provide expert opinion on HPE’s risk and effectiveness of our policies and standards using analytics, review of cyber issues, control effectiveness reviews, Key Risk Indicators and assessments as required
- Support the handling of questions pertaining to cyber policies and standards from regulators, partners and customers
- Deliver presentations and updates to key business and technology stakeholders
- Provide timely insight to business and technology partners on risk and controls, to ensure effective response and no surprises
Skills
Cybersecurity Risk
Control Frameworks
GRC
Regulatory Compliance
Risk Management
Gap Analysis
Policies and Standards
Threat Landscape
Enterprise Risk Reporting
Hewlett Packard Enterprise
Provides enterprise IT solutions and services
About Hewlett Packard Enterprise
Hewlett Packard Enterprise provides enterprise IT solutions with a focus on cloud services, artificial intelligence, and edge computing. Their products include HPE Ezmeral for managing containers, HPE GreenLake for cloud services, and HPE Aruba for networking. These solutions help businesses improve their performance and adapt to digital changes. HPE's business model includes selling hardware, software, and services, as well as offering subscription-based services and long-term contracts. What sets HPE apart from competitors is its commitment to open-source projects and its active developer community, which supports collaboration and innovation. The company's goal is to empower organizations to transform digitally and optimize their operations.
Houston, TexasHeadquarters
1939Year Founded
IPOCompany Stage
Hardware, Enterprise Software, AI & Machine LearningIndustries
10,001+Employees
Risks
Integration challenges with Juniper Networks may delay AI-driven networking benefits.
Competition from startups like Flywheel could impact HPE's AI and cloud services.
HPE's acquisition strategy may strain resources and distract from core operations.
Differentiation
HPE's GreenLake offers a unique hybrid cloud platform for diverse IT environments.
HPE Ezmeral provides advanced container management, enhancing enterprise AI and analytics capabilities.
HPE's Aruba solutions integrate cloud security and networking for seamless, secure connectivity.
Upsides
HPE's acquisition of Juniper Networks boosts AI-driven innovation in networking.
OpsRamp acquisition enhances HPE's IT management with AI-based automation capabilities.
Axis Security integration strengthens HPE's cloud security offerings with SASE solutions.
Related Jobs
RemoteRemoteActuary, Risk and Compliance
HumanaSalary not specified
RemoteCybersecurity TPRM & Trust Manager
MarqetaSalary not specified
Full Time
Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteAndroid Framework Engineer
Flock Safety$130,000 - $150,000/year
- Full Time
- Mid-level (3 to 4 years), Senior (5 to 8 years)
RemoteSenior Compliance Analyst
EarnestSalary not specified
- Full Time
- Junior (1 to 2 years)
RemoteSecurity Governance Risk & Compliance (GRC) Analyst
Virtru$130,000 - $180,000/year
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteStaff Cyber Risk Analyst
GE HealthcareSalary not specified
- Full Time
- Junior (1 to 2 years)
RemoteSenior Enterprise Risk Management Specialist
Spring HealthSalary not specified
- Full Time
- Senior (5 to 8 years)