Fresenius Kabi

Cybersecurity Risk Manager

Fresenius Kabi · Wrocław, Lower Silesian Voivodeship, Poland

Pharmaceutical Manufacturing · 1,001-5,000 employees

23 h ago
Senior (5-10 yrs) Full-time Poland
Log in to apply, save this posting, or score it against your profile with AI.

About the role

Identify, assess, and track cybersecurity risks across the organization while maintaining risk registers and remediation plans. Translate technical findings into business-level risk language and prepare reports for management and risk committees.

What they look for

Cybersecurity Risk Management Operational Risk Assessment Quantitative Risk Analysis Risk Register Maintenance Control Assessments Stakeholder Management Executive Reporting Regulatory Compliance Analytical Skills Communication Skills

Requirements

Requires a strong understanding of cybersecurity and operational risk with experience in control assessments and executive reporting. Knowledge of frameworks like ISO 27001 and NIST CSF is essential, with quantitative risk certifications preferred.

Full description

Job Summary

  • Key Responsibilities
  • Identify, assess, document, and track cybersecurity risks across the organization.
  • Maintain cyber risk registers and ensure risks have clear owners, action plans, and due dates.
  • Support operational risk assessments for critical systems, business processes, third parties, and technology changes.
  • Develop quantitative risk scenarios to estimate potential financial, operational, regulatory, and business impact.
  • Translate technical findings into business-level risk language for leadership.
  • Prepare cyber risk reports, dashboards, and summaries for management and risk committees.
  • Track remediation plans and validate that risk reduction activities are completed.
  • Support control assessments against frameworks such as ISO 27001, NIST CSF, CIS Controls, NIS2, and IEC 62443.
  • Partner with IT, Security, Compliance, Audit, Privacy, Legal, Procurement, and business teams.
  • Support third-party, cloud, data protection, identity, vulnerability, and operational technology risk reviews.

Required Skills

  • Strong understanding of cybersecurity, technology risk, and operational risk.
  • Ability to assess cyber risks and explain them in business terms.
  • Experience with risk registers, control assessments, remediation tracking, and executive reporting.
  • Knowledge of common cybersecurity frameworks and regulatory expectations.
  • Strong communication, analytical, and stakeholder management skills.

Preferred Experience

  • Experience with quantitative cyber risk methods such as FAIR, scenario analysis, loss modeling, or financial impact analysis.
  • Experience in regulated industries such as healthcare, pharma, manufacturing, financial services, or critical infrastructure.
  • Certifications such as CRISC, CISM, CISSP, CISA, FAIR, ISO 27001, or similar are preferred.