Technical Manager – Cyber Risk Management

The SEI CERT Cyber Risk and Resilience Directorate enables organizations to achieve operational resilience by performing research in emerging areas of operational risk, producing measurement and assessment tools that help organizations better understand their current risk and resilience posture, and developing and validating models, frameworks, and tools to drive quantifiable risk reduction. Our Cyber Risk Management team focuses on designing, prototyping, and transitioning novel methods for risk management. We support partners in government and industry in achieving cyber-dependent missions. Job Description Summary: The individual in this position will work as a technical manager of the Cyber Risk Management (CRM) Team within CERT’s Cyber Risk & Resilience Directorate. This candidate will be responsible for the creation, development, and management of a sustained applied research and technical agenda for the Risk & Resilience CRM Team consistent with and directly supporting the US Department of War’s strategic challenges and emerging threats. The technical manager is responsible for developing and communicating technical vision, developing tasks, creating project work statements, developing and managing project plans, managing initiative finances and accounting, generating new work and customers, working with business development staff, executing work with a high degree of customer satisfaction, and supervising staff. The successful candidate must have proven experience conducting and leading technical efforts in support of the US Federal Government (USG) and Department of War (DOW); managing technical teams; being self-directed; having a track record of creating interdisciplinary approaches to problem-solving; and demonstrating exceptionally strong presentation and writing skills. The candidate must also be able to interact with clients and staff of all levels in a highly professional and competent manner. Minimum Qualifications and Requirements: Education/Training: • BS in risk management, cybersecurity, information systems, economics, mathematics, or a related technical field; an advanced degree is strongly preferred. Other educational backgrounds of a technical nature with significant relevant experience as described may be considered. Experience: Total of ten (10) years of experience as an enterprise risk executive, enterprise risk manager, primary investigator engaged in risk management research, or a similarly technical occupation. Experience and expert knowledge of: • Risk quantification tools and techniques • Risk management frameworks, models, and standards of practice • Risk governance Experience with and substantial knowledge of: • Network architectures and telecommunications • Cybersecurity and operational resilience • Information security models, frameworks, and metrics • Foundational artificial intelligence concepts and techniques • Project planning and financial management • Strategic planning and product development • USG and DOW risk tools, techniques, and methods • USG and DOW risk management strategies, policies, and directives Skills/Abilities: • Mastery of risk management concepts, cybersecurity best practices and standards, information security and risk evaluation methods, and development • Excellent analytical, organizational, reasoning, and problem-solving skills • Outstanding written and oral communication skills • Demonstrated ability and experience in employee performance management • Outstanding financial and resource management skills • Demonstrated ability to prepare papers and deliver presentations for technical and non-technical audiences • Demonstrated experience in developing a strategic plan and associated technical agenda • Demonstrated experience in developing products and transitioning (go-to-market) • Ability to interact effectively with diverse constituencies internally and externally, including senior executives and managers in government and industry • Ability to recognize and deal appropriately with confidential and sensitive information, and, where appropriate, ability to obtain and hold a security clearance • Active involvement in professional societies Preferred Qualifications: • RIMS-Certified Risk Management Professional (preferred) • Certified Enterprise Risk Manager (preferred) • Certified Information Systems Security Professional (preferred) • Certified Information Security Manager (preferred) • Certified Information Systems Auditor (preferred) Other: You will be subject to a background investigation, and you must have the ability to obtain and maintain a Department of War security clearance. Location: Pittsburgh, PA Job Function: Software/Applications Development/Engineering Position Type: Staff – Regular Full time/Part time: Full time Pay Basis: Salary More Information: Please visit “Why Carnegie Mellon” to learn more about becoming part of an institution inspiring innovations that change the world. Click here to view a listing of employee benefits. Carnegie Mellon University is an Equal Opportunity Employer/Disability/Veteran. Statement of Assurance.