PitchMeAI
Viasat

Cyber Risk Quantification Engineer

Viasat · Washington, United States

  • Hybrid
  • Full-time
  • $205,000 / year
  • Washington, United States

Job highlights

  • Implement and manage cyber risk quantification processes.
  • Analyze and report on cyber risks to senior leadership.
  • Collaborate with security engineers and risk management teams.
  • Integrate risk management into projects and engagements.
  • Shape the future of security risk management at Viasat.

About the role

About Viasat

One team. Global challenges. Infinite opportunities. At Viasat, we’re on a mission to deliver connections with the capacity to change the world. For more than 35 years, Viasat has helped shape how consumers, businesses, governments and militaries around the globe communicate. We’re looking for people who think big, act fearlessly, and create an inclusive environment that drives positive impact to join our team.

What You'll Do

We're excited to announce a fantastic opportunity for a talented Cyber Security professional to join our growing team. Join Viasat's Cyber Risk Quantification team and be ready to change the way risks are identified, analyzed, and reported. In this role, you'll be instrumental in supporting a risk management process fully aligned with the organization’s key business priorities and in introducing state-of-the-art Cyber Risk Quantification (CRQ) tools and methodologies.

You will work closely with our security engineers to enable effective and efficient use of our resources, maximizing the return on our security investment. You will coordinate with and support our security governance and risk management team, streamlining and automating our risk identification and reporting processes. If you're passionate about applying your analytical and technical skills to CRQ, this is a challenging and phenomenal opportunity to help shape the future of Security Risk Management at Viasat.

The Day-to-Day

As a Cybersecurity Risk Quantification Engineer, you will be a key component of a team that will implement, manage, and own a robust, agile, and scalable Risk Quantification process. You will work in sync with the Risk Management team, which maintains the organization’s security risk register, embeds CRQ frameworks and tools in the risk management process, and leverages CRQ to track and prioritize remediation efforts. You will prepare clear, actionable reports and presentations for the CISO and senior leaders, demonstrating the value that CRQ delivers to the company. You will also build strong connections and close relationships with key stakeholders across the organization, ensuring risk management practices are embedded into projects, systems and third-party engagements.

What You'll Need

  • U.S. citizenship and the ability to obtain and maintain a U.S. Government Confidential security clearance.
  • A bachelor's degree or higher in Cyber Security, Information Technology, Risk Management, or related field.
  • 10+ years of experience in Cyber Security, Risk Analysis, IT Risk Management, or Governance, Risk and Compliance roles.
  • A strong understanding of Cyber Risk Management principles, Security Frameworks, and Regulatory Standards. Familiarity with the FAIR (Factorial Analysis of Information Risk) model is crucial.
  • Previous experience of implementing CRQ programs, tools, and methodologies within an organization.
  • Data analytics skills and experience.
  • Good knowledge of Information Security fundamentals, technologies, and principles.
  • Strong communication, collaboration, and problem-solving skills, along with an analytical mindset, and an ability to translate technical risks into business terms.

What Will Help You On The Job

  • Relevant Certifications (e.g., CRISC, CISM, CISSP).
  • Good understanding of the FAIR-CAM (FAIR Control Analysis Model) and FAIR-MAM (FAIR Materiality Assessment Model) models.
  • Hands-on experience with off-the-shelf Cyber Risk Quantification tools.
  • Practical knowledge of Bayesian statistical methods.
  • Familiarity with Monte Carlo simulations.
  • Proficiency in Jira.
  • Eagerness to learn new skills and be self-motivated.
  • Work well under pressure and on your own initiative.
  • Ability to work in a constantly changing and fast-paced environment.
  • Comfortable working in a multi-stakeholder environment.

Salary Range

$165,000.00 - $260,500.00 / annually. For specific work locations within San Jose, the San Francisco Bay area and New York City metropolitan area, the base pay range for this role is $205,000.00- $307,000.00/ annually.

At Viasat, we consider many factors when it comes to compensation, including the scope of the position as well as your background and experience. Base pay may vary depending on job-related knowledge, skills, and experience. Additional cash or stock incentives may be provided as part of the compensation package, in addition to a range of medical, financial, and/or other benefits, dependent on the position offered. Learn more about Viasat’s comprehensive benefit offerings that are focused on your holistic health and wellness at https://careers.viasat.com/benefits.

EEO Statement

Viasat is proud to be an equal opportunity employer, seeking to create a welcoming and diverse environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, ancestry, physical or mental disability, medical condition, marital status, genetics, age, or veteran status or any other applicable legally protected status or characteristic. If you would like to request an accommodation on the basis of disability for completing this on-line application, please click here.

Key skills/competency

  • Cyber Risk Quantification
  • Risk Management
  • Cyber Security
  • Data Analytics
  • FAIR Model
  • Information Security
  • Risk Analysis
  • Security Frameworks
  • CRQ Tools
  • Problem-Solving

Skills & topics

  • Cyber Risk Quantification Engineer
  • Cyber Security
  • Risk Management
  • Data Analytics
  • FAIR Model
  • Information Security
  • Risk Analysis
  • Security Frameworks
  • CRQ Tools
  • Problem-Solving
  • IT Risk Management
  • Governance Risk and Compliance
  • Viasat

How to get hired

  • Tailor your resume: Highlight your 10+ years of cyber security experience, FAIR model knowledge, and CRQ program implementation.
  • Showcase your skills: Emphasize data analytics, information security fundamentals, and translating technical risks into business terms.
  • Prepare for interviews: Be ready to discuss your experience with CRQ tools, security frameworks, and risk management strategies.
  • Understand Viasat's mission: Align your experience with Viasat's goal of delivering impactful connections and shaping communication globally.
  • Address clearance requirements: Be prepared to discuss U.S. citizenship and security clearance eligibility.

Technical preparation

Master the FAIR model and its applications.,Practice data analysis for risk quantification.,Familiarize yourself with CRQ tools.,Study security frameworks and standards.

Behavioral questions

Describe a complex risk you quantified.,How do you translate technical risk to business?,How do you collaborate with stakeholders?,How do you handle pressure and change?

Frequently asked questions

What is Cyber Risk Quantification (CRQ) at Viasat?
Cyber Risk Quantification (CRQ) at Viasat involves implementing and managing processes to identify, analyze, and report on cyber risks in a way that aligns with business priorities. This includes using state-of-the-art tools and methodologies to maximize security investment returns and track remediation efforts.
What is the FAIR model, and why is it important for this Cyber Risk Quantification Engineer role at Viasat?
The FAIR (Factorial Analysis of Information Risk) model is crucial for this role at Viasat. It's a framework used to understand, analyze, and quantify information risk based on objective data. Familiarity with FAIR is essential for a Cyber Risk Quantification Engineer to effectively assess and communicate cyber risks in financial terms.
What type of security clearance is required for the Cyber Risk Quantification Engineer position at Viasat?
This position requires U.S. citizenship and the ability to obtain and maintain a U.S. Government Confidential security clearance. Candidates will need to meet these requirements to be considered for the role.
What kind of data analytics skills are needed for this Cyber Risk Quantification Engineer job?
The Cyber Risk Quantification Engineer role requires strong data analytics skills to effectively analyze cyber risks, support risk management processes, and prepare clear reports for senior leadership. This involves translating complex technical data into actionable business insights.
How does Viasat approach compensation for the Cyber Risk Quantification Engineer role?
Viasat's compensation for this role considers the scope of the position, your background, and experience. The base pay range is provided, and additional incentives, along with a comprehensive benefits package, may be offered. Specifics are determined during the hiring process.
What are the key responsibilities of a Cyber Risk Quantification Engineer at Viasat?
Key responsibilities include implementing and managing the CRQ process, working with security and risk management teams, analyzing and reporting on cyber risks to CISO and senior leaders, and embedding risk management practices into projects and third-party engagements.
Are there opportunities for professional development in this Cyber Risk Quantification Engineer role?
Yes, Viasat encourages continuous learning. The job description mentions an eagerness to learn new skills and self-motivation as beneficial traits. Relevant certifications and understanding advanced models like FAIR-CAM and FAIR-MAM are also highlighted as helpful.