Cyber Risk Program Manager

Jump into a pivotal role at Leapfrog Services as our Cyber Risk Program Manager! Lead the charge in fortifying our organization's defense against cyber threats. Your expertise will be the driving force behind our cutting-edge Cyber Risk program.

The Cyber Risk Program Manager is a key leadership role responsible for overseeing and managing the comprehensive CyberRisk program within Leapfrog Services and its clients. Reporting to the Chief Security Officer (CSO), this individual will play a critical role in assessing, developing, and implementing strategies to mitigate cyber threats and enhance the overall cybersecurity posture of Leapfrog and its clients.

This position will lead client engagements in the role of a Virtual Chief Security Officer (vCSO) as well as run and maintain existing programs internally and for clients. Leapfrog clients will vary in size and complexity. Programs will be developed for each individual risk profile.

Some of those items may include the following:

• Risk Assessment and Analysis:
  • Conduct regular CyberRisk assessments to identify potential threats and vulnerabilities.
  • Analyze the impact and likelihood of identified risks, ensuring a comprehensive understanding of the organization's risk landscape.
  • Collaborate with cross-functional teams to prioritize and address identified risks.
• Program Development and Implementation:
  • Develop and maintain the organization's CyberRisk management program in alignment with industry best practices and regulatory requirements in alignment with Leapfrog’s “Ring of Security” methodology.
  • Implement policies, procedures, and controls to mitigate CyberRisks effectively.
  • Work closely with Leapfrog internal IT and Security Operations Centers as well as client points of contact to ensure the integration of risk management practices into daily operations.
• Incident Response Planning:
  • Collaborate with the incident response team to develop, test, and maintain an effective incident response plan.
  • Conduct regular tabletop exercises and simulations to test the organization's response capabilities.
  • Ensure the timely and appropriate response to security incidents.
• Security Awareness and Training:
  • Develop and implement training programs to enhance cybersecurity awareness across the organization.
  • Foster a culture of security by promoting best practices and educating employees on cyber threats.
• Compliance Management:
  • Stay abreast of relevant cybersecurity regulations and industry standards.
  • Ensure the organization's CyberRisk program aligns with regulatory requirements.
  • Collaborate with compliance teams to conduct audits and assessments.
• Reporting and Communication:
  • Prepare and present regular reports on the status of the CyberRisk program to senior leadership.
  • Communicate effectively with stakeholders, providing insights into the organization's CyberRisk posture.
• Third-Party Risk Management:
  • Assess and manage CyberRisks associated with third-party vendors.
  • Work with procurement and legal teams to ensure vendors meet cybersecurity standards.
• Continuous Improvement:
  • Monitor emerging cyber threats and technologies, recommending adjustments to the CyberRisk program as needed.
  • Continuously assess and improve the effectiveness of risk management processes.

Qualifications

• Bachelor's degree in Cybersecurity, Information Technology, or a related field or equivalent experience. Master's degree is a plus.
• Proven experience in CyberRisk management, information security, or a related role.
• Strong knowledge of cybersecurity frameworks, standards, and best practices.
• Familiarity with relevant regulations and compliance requirements.
• Excellent communication and interpersonal skills.
• Project management experience is a plus.
• Relevant certifications such as CISSP, CISM, or CRISC are desirable.

We also offer the following benefits and perks:

• Competitive pay - starting pay range is $110,000 - $130,000/year; however, base pay may vary depending on job-related knowledge, skills, and experience.
• Comprehensive benefits (medical, dental, vision)
• Life and Disability Insurance
• Telemedicine
• 401k match
• Certification/Education program
• Hybrid Work Office
• Health and wellness program

Leapfrog Services provides managed IT services for businesses and nonprofits worldwide. Founded in 1998 with the philosophy that IT should enhance your business, not get in the way of it, we consider ourselves a service company that delivers the highest possible level of technical expertise with an unwavering dedication to extraordinary service. In our world, high-tech doesn't mean high jargon or high stress — it means high touch and high availability. If you love working with leading-edge technology, want to be part of a fun, service-based culture, and prefer the security of an established company with growth opportunities and excellent benefits, Leapfrog is just the pond you're looking for!