Back to Job Search

Job Description

My client, one of the globe's most renown insurance companies, is seeking Senior Cyber Risk Manager

Reporting to the CRO this role will:

  • Provide oversight of key technology and cyber risks
  • Ensure agreed risk management and reporting processes are being adequately followed
  • Provide an independent 'second line' opinion on technology and security risks and mitigations
  • Challenge relevant business areas on the appropriateness and effectiveness of risk mitigation strategies
  • Undertake periodic testing and review of key design and implementation decisions across the Corporation and market

Successful candidates will:

  • Very strong stakeholder management and relationship skills to build relationships with a range of senior stakeholders and in particular with the IT team and the PRA and FCA. This will include an ability to actively influence at Executive and Board levels with a confidence to deliver the right risk outcomes at senior levels of the organisation.
  • Very strong technical risk management skills are required to be able to define and shape industry leading risk management tools which are tailored to the unique business model
  • Expert understanding of security policies, procedures and technologies, and standards including ISO 27001, PCI DSS, NIST and Cyber Essentials
  • Good understanding of operating systems (Unix, Windows Mac) and network security
  • Good understanding of application security, secure programming and OWASP top 10
  • Understanding of vulnerability analysis, penetration testing, encryption technologies, intrusion detection & incident response
  • Good understanding of the insurance industry
  • Strong understanding and confidence in utilising leadership and management skills
  • Experience in conducting cyber security risk assessments of changes, projects and programmes
  • Experience in providing recommendations to manage information security risk

Please apply now to learn more!

Key words: Cyber Risk, cyber security, information security, risk, 2LOD, ISO27001/2, NIST, HIPAA, OWASP, security, IT security, CISSP, CISM, CISA, DevSecOps, Cloud, Agile, Azure

Eames Consulting is acting as an Employment Business in relation to this vacancy.