Management Analyst II (Cyber Risk Analyst)
Salary Info: $131,244 – $151,932/Annually, Plus Excellent Benefits + Retirement
Opens online at www.ebmud.com/jobs on Monday, October 21, 2024
Online applications must be received by 4:30 p.m., Friday, November 8, 2024
Internal Reference # 24-132
East Bay Municipal Utility District’s (EBMUD) Information Systems Department (ISD) is seeking a professional, highly organized, resourceful, and motivated Management Analyst II (Cyber Risk Analyst) to lead our cybersecurity risk management initiatives. The selected candidate will work across teams to enhance our digital defenses, focusing on risk identification, mitigation, and communication with senior leadership. The role involves developing and implementing risk management programs and policies that align with established frameworks (e.g., NIST, CIS, FAIR).
Typical responsibilities of the Management Analyst II (Cyber Risk) position in the following areas will include:
- Leading the development and implementation of EBMUD’s cybersecurity risk management program.
- Crafting, updating, and aligning IT risk management policies with appropriate risk management frameworks.
- Managing and maintaining the cybersecurity risk register, ensuring accurate and timely risk assessments.
- Collaborating with cross-functional teams to improve security-related processes and address risk mitigation strategies.
- Conducting thorough risk assessments, including third-party/vendor risk evaluations, and presenting findings to senior leadership.
- Managing and reviewing vendor contracts, focusing on cybersecurity-related elements to ensure supply chain security.
- Communicating risk management strategies, progress, and risk mitigation status to management and the cybersecurity risk committee.
- Providing training and guidance to foster a culture of cybersecurity awareness across the organization.
Other duties include:
- Preparing materials for cybersecurity risk committee meetings and senior leadership presentations.
- Supporting compliance validation and ensuring security control implementations meet required standards.
- Assisting with incident response and business continuity planning as it relates to risk management.
- Monitoring evolving cybersecurity regulations (e.g., CCPA, GDPR) and ensuring internal policies meet these regulatory requirements.
- Maintaining flexibility in a hybrid work environment, effectively collaborating with teams in both in-person and remote settings.
The ideal candidate for the Management Analyst II (Cyber Risk Analyst) position will possess:
- A deep understanding of cybersecurity risk management frameworks (NIST, CIS, FAIR) and industry best practices, with familiarity in ISO 27001 being a plus.
- Experience in identifying, analyzing, and mitigating cybersecurity risks, including quantitative and qualitative assessment methods.
- Strong skills in vendor management, contract review, and supply chain risk management.
- A proven track record of leading complex projects that involve multiple technical and functional teams.
- Experience with GRC (Governance, Risk, and Compliance) tools, and business process analysis.
- The ability to convey complex technical cybersecurity risks and concepts to non-technical stakeholders clearly.
- Excellent written and verbal communication skills, including the preparation of concise reports, documentation, and presentations.
- A commitment to continuous learning in the field of cybersecurity and proactive adaptation to new threats and technologies.
- The ability to collaborate effectively across organizational boundaries, foster teamwork, and drive change initiatives.
The salary range is $10,937 per month increasing to, $11,484, $12,058, and $12,661 after 6, 18, and 30, respectively.
EBMUD offers an excellent benefits program that includes paid vacation, holidays and sick leave; family health insurance coverage; family dental and vision care plans; retirement plan (reciprocal with CalPERS); 401(k), 401(a) and 457(b) tax-deferred retirement plans; transit subsidy; tuition reimbursement; and opportunities for professional growth including training and career development.
Requirements:
- A bachelor’s degree with major work in business or public administration or directly related field such as IT, finance or accounting.
- Two years of professional experience primarily in administrative, management, budgetary, or systems analyses. Experience with Risk Management and/or Cyber Risk Management, contracts analysis and coordination is desirable.
- A master's degree in business or public administration or a closely related field may be substituted for one year of experience.
- Must possess the physical requirements to perform the important and critical duties of the job, including utilizing computers and maintaining a physical condition necessary for sitting for prolonged periods of time.
- Must be willing to work overtime as needed.
Submit a completed EBMUD application and the required supplemental question responses online at www.ebmud.com/jobs by 4:30 p.m., Friday, November 8, 2024. Only application materials submitted online during the filing period will be accepted.
EBMUD is an Equal Opportunity Employer: Females/Minorities/Veterans/Disability
www.ebmud.com
Job Hotline: (510) 287-0735