Cyber Security-Sr Manager (TPRM, Risk Assessment, Policy Exceptions)

FICO (NYSE: FICO) is a leading global analytics software company, helping businesses in 100+ countries make better decisions. Join our world-class team today and fulfill your career potential!

The Opportunity

"As a Senior Manager of Cybersecurity Risk, you will play a critical leadership role in advancing the organization’s enterprise cybersecurity risk management program. This position is responsible for overseeing and executing core cyber risk functions including Third-Party Risk Management (TPRM), Policy Exception Governance, Cybersecurity Risk Assessments, and risk remediation oversight.
This role requires a hands-on leader who can operate both strategically and tactically driving governance, performing deep risk analysis, partnering with business stakeholders, and maturing cybersecurity risk capabilities across the enterprise. You will work closely with technology, security engineering, compliance, legal, and business teams to ensure cyber risks are identified, measured, communicated, and managed effectively".- Cyber Security, Director

What You’ll Contribute

• Lead and mature the enterprise Cybersecurity Risk Management program, ensuring alignment with organizational risk appetite and regulatory expectations
• Operate as a hands-on practitioner, directly performing and reviewing: Cybersecurity Risk Assessments, Third-Party Risk Assessments (TPRM), Policy Exception reviews and approvals, Control gap analysis and remediation tracking.
• Drive governance and oversight for the Third-Party Risk Management lifecycle, including onboarding, continuous monitoring, reassessments, and risk escalation.
• Establish and manage a formal Policy Exception management framework, ensuring risk acceptance decisions are documented, justified, time-bound, and tracked through remediation.
• Conduct enterprise and technology risk assessments aligned to industry frameworks such as NIST CSF, ISO 27001, CIS Controls, or similar standards.
• Partner with business leaders, engineering teams, and product owners to translate cybersecurity risks into actionable business decisions.
• Identify systemic risk trends and proactively recommend risk reduction strategies, compensating controls, or architectural improvements.
• Develop risk reporting dashboards, executive briefings, and metrics that clearly communicate cyber risk posture to senior leadership.
• Support internal and external audit activities by providing evidence, risk analysis, and remediation oversight.
• Collaborate with Legal, Procurement, Privacy, Compliance, and Vendor Management teams to embed cybersecurity risk practices into enterprise workflows.
• Mentor and guide cybersecurity risk analysts and junior team members, promoting consistency, accountability, and professional growth.
• Drive continuous improvement initiatives to mature risk methodologies, automation capabilities, and assessment efficiency.
• Serve as a trusted advisor to technology teams on secure design, risk trade-offs and exception handling.

What We’re Seeking

• Proven experience leading or managing a Cybersecurity Risk, GRC, or Information Security Risk function.
• Strong hands-on experience in: Third-Party Risk Management (TPRM), Policy Exception governance, Cybersecurity Risk Assessments, Control evaluations and remediation planning.
• Deep understanding of cybersecurity frameworks and standards such as: NIST CSF / NIST 800-53, ISO 27001, SOC 2, CIS Critical Security Controls, Cloud security risk principles.
• Demonstrated ability to balance business enablement with risk management.
• Experience communicating technical risk concepts to executive and non-technical audiences.
• Strong analytical, organizational, and decision-making skills with attention to detail.
• Ability to independently manage multiple concurrent initiatives in a fast-paced environment.
• Excellent written and verbal communication, stakeholder influence, and negotiation skills.
• Experience working cross-functionally with Engineering, Cloud, DevOps, Legal, Procurement, and Compliance teams.
• Proficiency with GRC platforms, risk registers, and workflow tools.
• Relevant certifications preferred (one or more): CISSP, CISM, CRISC, CISA, CCSP.
• Operate as a player-coach, combining leadership responsibilities with direct execution.
• Foster a strong risk-aware culture across the organization.
• Promote collaboration, accountability, and continuous improvement within the Cybersecurity Risk team.
• Influence without authority and drive alignment across diverse stakeholder groups.

Our Offer to You

• An inclusive culture strongly reflecting our core values:  Act Like an Owner, Delight Our Customers and Earn the Respect of Others.
• The opportunity to make an impact and develop professionally by leveraging your unique strengths and participating in valuable learning experiences.
• Highly competitive compensation, benefits and rewards programs that encourage you to bring your best every day and be recognized for doing so.
• An engaging, people-first work environment offering work/life balance, employee resource groups, and social events to promote interaction and camaraderie.

Why Make a Move to FICO?

At FICO, you can develop your career with a leading organization in one of the fastest-growing fields in technology today – Big Data analytics.  You’ll play a part in our commitment to help businesses use data to improve every choice they make, using advances in artificial intelligence, machine learning, optimization, and much more.

FICO makes a real difference in the way businesses operate worldwide:

•    Credit Scoring — FICO® Scores are used by 90 of the top 100 US lenders.

•    Fraud Detection and Security — 4 billion payment cards globally are protected by FICO fraud systems.

•    Lending — 3/4 of US mortgages are approved using the FICO Score.

Global trends toward digital transformation have created tremendous demand for FICO’s solutions, placing us among the world’s top 100 software companies by revenue. We help many of the world’s largest banks, insurers, retailers, telecommunications providers and other firms reach a new level of success. Our success is dependent on really talented people – just like you – who thrive on the collaboration and innovation that’s nurtured by a diverse and inclusive environment. We’ll provide the support you need, while ensuring you have the freedom to develop your skills and grow your career.  Join FICO and help change the way business thinks!

Learn more about how you can fulfil your potential at www.fico.com/Careers

FICO promotes a culture of inclusion and seeks to attract a diverse set of candidates for each job opportunity. We are an equal employment opportunity employer and we’re proud to offer employment and advancement opportunities to all candidates without regard to race, color, ancestry, religion, sex, national origin, pregnancy, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. Research has shown that women and candidates from underrepresented communities may not apply for an opportunity if they don’t meet all stated qualifications. While our qualifications are clearly related to role success, each candidate’s profile is unique and strengths in certain skill and/or experience areas can be equally effective. If you believe you have many, but not necessarily all, of the stated qualifications we encourage you to apply.

Information submitted with your application is subject to the FICO Privacy policy at https://www.fico.com/en/privacy-policy