AISB-858 Cybersecurity Risk Manager

Your mission

As a Cybersecurity Risk Manager, you will contribute to a major cybersecurity transformation initiative aligned with NIS2 compliance objectives.

You will be responsible for leading cybersecurity risk assessments and ensuring consistency between regulatory requirements, operational constraints and security objectives.

You will also act as a bridge between cybersecurity governance, technical teams and business stakeholders to support structured decision-making and effective risk management.

Your responsibilities

• Translate cybersecurity and NIS2 requirements into operational risk analyses covering processes, infrastructures, systems and critical services;
• Lead and perform cybersecurity risk assessments across IT, OT and business environments;
• Maintain and enhance the cybersecurity risk register in collaboration with relevant stakeholders;
• Evaluate impacts, likelihoods, residual risks and remediation needs;
• Prioritize risks according to the organization’s risk appetite and recommend appropriate mitigation plans;
• Transform risk findings into actionable recommendations and operational guidance;
• Monitor the implementation of risk treatment actions and contribute to cybersecurity program reporting;
• Produce risk management deliverables including assessments, dashboards, reports and evidence documentation;
• Contribute to audit preparation and support compliance demonstration activities related to NIS2;
• Ensure traceability between regulatory requirements, identified risks and implemented security measures;
• Collaborate closely with cybersecurity, infrastructure and governance teams to ensure a coherent and sustainable risk management approach.

Profile required

• Bachelor’s or Master’s degree in Computer Science, Cybersecurity or a related field;
• Proven experience in cybersecurity and/or risk management;
• Strong understanding of IT and operational environments including networks, systems, identity management, cloud, monitoring and critical services;
• Solid knowledge of cybersecurity risk management methodologies such as ISO 27005, EBIOS or equivalent frameworks;
• Good understanding of regulatory and compliance requirements related to NIS2;
• Ability to structure and formalize analyses in complex multi-stakeholder environments;
• Strong analytical mindset, rigor and synthesis capabilities;
• Excellent communication skills with both technical and executive stakeholders;
• Native-level French proficiency, both written and spoken;
• Good command of English is considered an asset.

Key skills

• Cybersecurity Risk Management
• NIS2
• ISO 27005
• EBIOS
• IT & OT Security
• Governance, Risk & Compliance (GRC)
• Risk Assessment
• Cybersecurity Governance
• Reporting & Audit Preparation
• Stakeholder Management

Why join us?

Join a strategic cybersecurity transformation program focused on strengthening security governance and achieving compliance with the NIS2 directive. You will play a key role in improving the organization’s cyber risk management practices and reinforcing the resilience of critical systems and services.

You will work in a dynamic and collaborative environment, interacting with cybersecurity teams, infrastructure teams, operational stakeholders and governance bodies. Your expertise will directly contribute to risk control, decision-making processes and the long-term enhancement of the organization’s security posture.