My client, one of the globe's most renown insurance companies, is seeking Senior Cyber Risk Manager
Reporting to the CRO this role will:
- Provide oversight of key technology and cyber risks
- Ensure agreed risk management and reporting processes are being adequately followed
- Provide an independent 'second line' opinion on technology and security risks and mitigations
- Challenge relevant business areas on the appropriateness and effectiveness of risk mitigation strategies
- Undertake periodic testing and review of key design and implementation decisions across the Corporation and market
Successful candidates will:
- Very strong stakeholder management and relationship skills to build relationships with a range of senior stakeholders and in particular with the IT team and the PRA and FCA. This will include an ability to actively influence at Executive and Board levels with a confidence to deliver the right risk outcomes at senior levels of the organisation.
- Very strong technical risk management skills are required to be able to define and shape industry leading risk management tools which are tailored to the unique business model
- Expert understanding of security policies, procedures and technologies, and standards including ISO 27001, PCI DSS, NIST and Cyber Essentials
- Good understanding of operating systems (Unix, Windows Mac) and network security
- Good understanding of application security, secure programming and OWASP top 10
- Understanding of vulnerability analysis, penetration testing, encryption technologies, intrusion detection & incident response
- Good understanding of the insurance industry
- Strong understanding and confidence in utilising leadership and management skills
- Experience in conducting cyber security risk assessments of changes, projects and programmes
- Experience in providing recommendations to manage information security risk
Please apply now to learn more!
Key words: Cyber Risk, cyber security, information security, risk, 2LOD, ISO27001/2, NIST, HIPAA, OWASP, security, IT security, CISSP, CISM, CISA, DevSecOps, Cloud, Agile, Azure
Eames Consulting is acting as an Employment Business in relation to this vacancy.